Enterprise Compliance Risk Management. Ramakrishna Saloni

Enterprise Compliance Risk Management - Ramakrishna Saloni


Скачать книгу
should adopt compliance as a core strategy, and expenditures should be targeted in the areas that have the largest breach risks such as mis-selling. In a compliance strategy the following three factors are critical. Firstly, a firm must account for compliance in their TOM and the knock-on impact on the BM. Secondly, compliance must not be executed as a box-ticking exercise, but rather project budgets should be aligned with the greatest risks to the bank in an optimal control framework. Finally, given the huge drain of resources, banks should prioritize projects. A bank that desires a stable profit stream needs to ensure that this can be delivered by a compliant target operating model. The new agenda for compliance is to ensure that it is in sync with the risk appetite of the firm, the conduct strategy, and the axis of the BM/TOM. “Active and positive compliance” is the core of sustained healthy growth of a financial organization and the theme of this book.

      – Dr. Colin Lawrence

      Dr. Colin Lawrence has a PhD in Economics from the University of Chicago. He is a partner with EY LLP, UK; former director of the Risk Specialists Division (FSA and PRA); and former strategic risk advisor to the Deputy Governor, Bank of England. Dr. Lawrence is a well-known practitioner with varied experience as a regulator, a banker (he was managing director in derivative trading at UBS and Global Head of Risk at Barclays), a consultant, and an academic.

      Chapter 1

      An Overview of Compliance in Financial Services

      “Money plays the largest part in determining the course of history.”

– Karl Marx

      It is a chicken-and-egg story: “Regulation influences banks' behavior by shaping the competitive environment and setting the parameters within which banks are able to pursue their economic objectives.”1 Interestingly, however, banking crises have been the trigger for many, nay most of the regulations, more so in recent times. So it is difficult to say whether it is the regulations that are shaping the behavior of banks or banks breaching the expected fair business practices that is shaping the structure and content of regulations. Or it is the interplay of both that has created the complex structure and behavior of the banking industry and by extension the financial services and its regulations?

      It is not an exaggeration to say financial services is perhaps the most regulated industry in recent years. There are more regulations, more expectation of compliance, and more supervision to ensure compliance. There is unprecedented scrutiny of the industry at national, regional, and global levels. This scrutiny and the host of far-reaching regulations together are of topical interest not only for the stakeholders but also to policy makers, politicians, and media, thus putting the spotlight on adherence or lack thereof to the set expectations.

      “Financial services” is a broad umbrella term that covers different subsectors like banking, insurance, securities, investment management, and so on. The division into subsectors is more of academic interest, given the changing contour of financial services industry like:

      • The emergence of financial conglomerates that are growing both in size and numbers

      • Bank, insurance, and market intermediary linkages that are becoming commonplace

      • Abolition of barriers/restrictions on investment/commercial banking combinations2

      Unified or stand-alone, these sectors combine to form the economic vehicle of a country, a group of countries, or the entire globe to facilitate movement of capital and currency across. They help channel money from lenders to borrowers and vice versa through financial intermediation. It is no exaggeration, therefore, to say that they are responsible for the financial well-being of not just individuals and firms but also countries.

      Given the criticality of the industry, it is understandable that the environment it operates in and its various stakeholders have expectations in terms of dos and don'ts from the industry. These dos and don'ts are spelled out in the form of laws, regulations, standards, and codes of conduct. Financial services organizations are expected to comply with these requirements in such a way that there is order in the system and all stakeholders are protected, including the financial services organizations themselves.

      Regulatory change is the only constant across industries. The rate of change is what differentiates financial service regulations of recent times. The debate on regulation versus deregulation, market maturity versus too big to fail, less regulation versus excess regulation, and regulatory gap versus regulatory overlap continues to rage.

      Be that as it may, it has resulted in a tidal wave of regulations, which some of my banker friends call a tsunami of regulations. Add to this the increasing stakeholder demands for scrutiny, and one would understand the colossal challenges that the industry faces in managing its environment. This also explains why compliance activities have moved from being transaction-focused to becoming integral elements of business management. In spite of the multiplicity of regulations, the paradox of their coverage is that there are pockets of over-coverage like those for deposit-taking institutions and for traditional products, typically for the “on–balance sheet items.” In contrast, there are less regulations of firms that pass under the radar while dealing in huge volumes of money, value, and instruments. An example of this category are the hedge funds that deal in innovative off–balance sheet products or derivatives. This leads to a regulatory imbalance that affects both ends.

      The purpose of regulation is essentially sixfold, and here I use the term “regulation” broadly to encompass laws, statutes, regulations, standards, and codes of conduct. They are:

      • To ensure fair market conduct and protect the various stakeholders, particularly consumers and the markets

      • To reduce, if not completely take away, information asymmetry between the financial services and the customers who buy products or services from these organizations

      • To protect financial services from unwittingly becoming conduits for financial crimes such as channeling money for antisocial activities like money laundering and terrorist financing

      • To reduce the probability and /or impact of failure of individual financial services firms, especially the “too big to fail” category firms, which could trigger a contagion effect

      • To ensure the safety and stability of the financial system

      • To create a level playing field that reduces monopolistic, anticompetitive situations that would result in less choice and higher price points for customers

      All these seem like noble objectives. If that is so, where is the challenge in adopting these measures is a question that requires exploring. As businesses have become more complex, so have the regulations and the resulting obligations. Interestingly, compliance or noncompliance is the outcome of an organization's meeting or not meeting those obligations. The maze gets multiplied with the multiplicity of regulators. Should a country have a single regulatory body for all the components of financial services like the United Kingdom (until March 31, 2013, when it was split into two regulatory bodies with distinct areas of operation, one focused on Prudential regulations and the other on Conduct), Japan, and Indonesia (Indonesia adopted this model in 2011)? Or should there be multiple regulators, with the USA being the lead example? Both have their pros and cons.

      The focus should be on how regulation is conducted and not so much on who regulates or how many regulators. There is a constant debate as to whether more regulations or a more effective mechanism for implementing the existing regulations could solve the problem. This is a difficult question and merits a closer look, something we will attempt in a subsequent chapter. The relevance of this question is that more the regulators potentially more the regulations that require more effort at planning and executing compliance.

      A disturbing trend over the past few decades is that the system has gotten into a vicious cycle of financial services organizations breaching the rules and regulations both overtly and covertly with serious and negative impact not just to themselves but also the system in which they operate. Like Newton said, “Every action has an equal and opposite reaction.” These breaches and their resultant impact have typically been met with two obvious responses:

      1.


Скачать книгу

<p>1</p>

“Evolution of the UK Banking System,” Bank of England Quarterly Bulletin 2010 Q4, Vol. 50 No. 4, http://www.bankofengland.co.uk/publications/Documents/quarterlybulletin/qb100407.pdf.

<p>2</p>

Adapted from the presentation of Dr. K. C. Chakrabarty, Deputy Governor, Reserve Bank of India @BCSBI conference for Principle Code Compliance officers, April 2013.