The Criticality of a Centralised Compliance Function   February 2007  Facilitated by Paul Leary

The Criticality of a Centralised Compliance Function February 2007 Facilitated by Paul Leary PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Content. What is ComplianceRole of Compliance in Corporate GovernanceWhat is an effective Compliance Function?Implementing a Compliance FrameworkCosts of Failure. What risks does a Compliance Framework manage?. The answer is not always obviousHow does the function of Compliance differ from the role of the Revision Committee?Does a Bank actually need this function?What will the function add to the stakeholders' purposes?.

Download Presentation

The Criticality of a Centralised Compliance Function February 2007 Facilitated by Paul Leary

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

1. The Criticality of a Centralised Compliance Function February 2007 Facilitated by Paul Leary

2. Content What is Compliance Role of Compliance in Corporate Governance What is an effective Compliance Function? Implementing a Compliance Framework Costs of Failure

3. What risks does a Compliance Framework manage? The answer is not always obvious How does the function of Compliance differ from the role of the Revision Committee? Does a Bank actually need this function? What will the function add to the stakeholders’ purposes?

4. What is Compliance Risk? The purpose of the compliance function is to assist the bank in managing its compliance risk, which can be defined as:- the risk of legal or regulatory sanctions, financial loss, or loss to reputation a bank may suffer as a result of its failure to comply with all applicable laws, regulations, codes of conduct and standards of good practice

5. The Compliance Framework Comprised of a number of components Compliance department is the nucleus Understanding and communicating the role of the compliance function is critical

6. What is Corporate Governance? The system by which a business is governed It is concerned with the practices relevant to the attainment of business objectives Risks that may prevent achievement of objectives must be managed Risk management is therefore a pre-requisite to effective corporate governance

7. What part does each of the following play in the achievement of a compliant bank? Supervisory Board Management Board Senior Managers Line Staff Compliance Function

8. Supervisory Board Aproval of the compliance policies Receiving independent information regarding the operational performance of the Bank from the Internal Audit Function (including the performance of the Compliance Function)

9. Management Board (‘Board’) Management Board is responsible for : Overseeing the management of the compliance risk Establish a permanent, independent and effective Compliance Function Providing adequate resources to the function Empowering the function

10. Senior Management Responsible for: Communicating the policies Ensuring policies are observed Interpreting the policies Managing the control environment Reporting to the Board and the Compliance Function Training the Staff

11. Line Staff Following procedures Highlighting deficiencies Working with an enquiring mind Accountable for actions

12. Compliance Function Assist in the management of Compliance Risks Provide advice, guidance and education Identification, prioritisation, managing and monitoring risks Testing and reporting Statutory responsibilities and liaison

13. Business Objectives Our objective is to become the pre-eminent provider of banking services in the Ukraine within the next 5 years Or Our objective is to increase profits by 5% annually and avoid regulatory censure over the next 5 years

14. Risk Appetite Quantative Zero tolerance Percentage tolerance Qualitative Statements talking about the relative quality of ….

15. Risk Appetite We will not accept Latin American clients A maximum of 20% of our client base will be commercial clients We will retain copies of all the required KYC documentation for our clients

16. The Compliance Function What is it’s role? What are it’s objectives? Is the Compliance Function’s perception of its role shared by other business functions?

17. Who owns compliance? Not the Compliance Function Every member of staff is a compliance stakeholder To what extent is that reflected in: - job descriptions - performance appraisals - reward

18. Scope to perform Frequently a Compliance Function does not have room to perform proper duties adequately. This problem is exacerbated by Board ignorance of what to expect of the Compliance Function.

19. Empowering Compliance Board to understand what it expects from the function Provide function with formal status Resource the function with staff, IT and power to act Ensure the Executive supports the function Ensure function has access to all personnel and bank records to enable to carry on its duties

20. Role of Compliance Function Ascertaining the role of the Compliance Function is an essential prerequisite for constructing an effective compliance framework

21. Relationships The Compliance function must manage relationships both internal and external Internal Board Business units Internal Audit Legal IT HR External Regulators Investigating authorities External Audit

22. Other internal control functions Identifying responsibilities of other control functions and demarcating between responsibilities will reduce overlap and room for confusion and error.

23. Risk Roles Management Board need comfort in all the defined areas of risk (Credit, Market, Operational and Commercial Risk) Risk Management identify the likelihood of an event and what tolerances would be acceptable Compliance set the polices, procedures and perform the internal controls Internal Audit reviews the efficacy of the system External Audit reviews the true and fairness of the financial statements

24. The framework Different functions must work together in harmony. Information and communication is the oil that makes the framework operate smoothly and effectively.

25. How can Supervisory and Management Boards ensure Compliance is embedded into the Bank?


27. Compliance framework Comply - to act according to an order, set of rules or requests. Risk - the possibility of something bad happening (or something good not happening). Framework - a supporting structure around which something can be built. A system of rules, ideas or beliefs that is used to plan or decide something. Process - a series of actions that you take in order to achieve a result. The result being compliance!

28. Process What are we going to consider in designing and implementing our Compliance Risk Framework?

29. Compliance Framework Establish Goals & Objectives Assess Business Risks Develop Compliance Risk Management Strategies Design/Implement Risk Control Processes Monitor Compliance Risk Management Process Performance Improve Compliance Risk Management Process Information for Decision Making

30. 1. Establish Goals & Objectives Define the bank’s : Risk management goals and objectives Risk tolerances / boundaries / limits Risk ownership

32. 2. Assess Business Risks Evaluate changes in the environment, in key assumptions underlying business strategies and in business lines, products and business processes and the impact of these changes on potential risks to the entity. Implement processes or activities to assess Compliance risks and information processing risks at the business process / activity level

33. BIS Principle 1 – Responsibilities of the Supervisory Board (SB) for Compliance The bank’s SB has the responsibility for overseeing the management of the bank’s compliance risk The SB should approve the bank’s compliance policy, including a charter or other formal document establishing a permanent Compliance Function

34. 3. Develop Compliance Risk Management Strategies Develop Compliance Risk Management Strategies and Respond to significant new risks or changes with appropriate strategies, and initiate the processes / activities to implement new risk management strategies quickly

35. 4. Design / Implement Risk Control Processes Ensure risk managers and process/activity owners: Have the requisite skills and expertise to design and implement risk control processes/activities (commensurate with the risk management strategies). Assume responsibility for and understand their accountability for managing significant risks. Assess the timeliness, efficiency and effectiveness of the design of new or improved risk control processes

36. 5. Monitor Compliance Risk Management Process Performance Measure / monitor / assess the performance effectiveness of the CRMP in: Identifying and managing specific risks and in executing strategies to create value (including the utilization of all available “audit” opportunities). Benchmarking against regulations, best practices and industry knowledge

37. 6. Improve Compliance Risk Management Process Ensure that risk assessment, control and monitoring processes / activities are continuously improved throughout the organisation At least once a year, the Supervisory Board or a committee of the Supervisory Board should review the bank’s compliance policy and its ongoing implementation to assess the extent to which the bank is managing its compliance risk effectively

38. 7. Information for Decision Making Ensure there is adequate communication and information for decision making Enabling senior management to know that all CRMP activities are performed as intended Enabling risk managers and process/ activity owners to clearly understand their responsibilities and accountabilities

41. Management Information Information generated by review programme Key Risk Indicators are valuable Must be analysed by Compliance Function MI analysis should be communicated to Board with recommendations Action should result Process should be transparent

42. Summary of Functions Responsibilities Assist the Board manage the compliance risks Advise staff on laws, regulations and development in these areas Educate staff on compliance issues Identify, measure and assess risk Monitor, test and report on findings Liaison with external bodies Develop and maintain a compliance monitoring programme

44. Human factors Cultural considerations Structures - Steep authority gradients Distance Dominant individuals Bonus driven environments Greed Environment

45. Citigroup = ethics questionable corporate/individual ethics and integrity, misleading statements in Japan Bank Of Ireland = Systematic tax avoidance Abbey National = systems and procedures and AML controls Moscow City Bank = Anton Dolgov Recent events and disasters

46. Section 311 Authorizes the Secretary of the Treasury to find that reasonable grounds exist for concluding that a foreign jurisdiction, institution, class of transactions or type of account is of "primary money laundering concern" and to require U.S. financial institutions to take certain "special measures" against those jurisdictions, institutions, accounts or transactions.

47. Banco Delta Asia On September 20, 2005, FinCEN announced the designation of Banco Delta Asia SARL, Macau Special Administrative Region, China (‘BDA’), as a financial institution of "primary money laundering concern" under Section 311 Treasury is issuing the attached proposed rule to impose special measures against BDA. The proposed rule would prohibit U.S. financial institutions from opening or maintaining correspondent or payable-through accounts in the U.S. for, or on behalf of, BDA This prohibition extends to correspondent or payable-through accounts maintained for other foreign banks when such accounts are used by the foreign bank to provide financial services to BDA indirectly

48. Benefits to Bank Structured decision making based upon soundly researched evidence Reduced errors and losses Reduced legal claims from clients Greater profit margins Greater acceptance by international banking community Reduced costs of transacting with international banking community

49. Contact details Paul Leary BakerPlatt Tel. 44 (0) 1534 613775 Fax. 44 (0) 1534 737355

  • Login