1 / 24

Compliance Function & Risk Management

Compliance Function & Risk Management. Andrae Tulloch Deputy Chief Regulatory Officer, Regulations June 3, 2010. disclaimer. This presentation expresses the author’s views and does not necessarily reflect those of the Jamaica Stock Exchange, its Divisions, or other members of staff.

xander-whitaker
Download Presentation

Compliance Function & Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Compliance Function & Risk Management Andrae Tulloch Deputy Chief Regulatory Officer, Regulations June 3, 2010

  2. disclaimer This presentation expresses the author’s views and does not necessarily reflect those of the Jamaica Stock Exchange, its Divisions, or other members of staff.

  3. Key topics • Role of Compliance and Risk Management • Importance of Compliance to Risk Management • Common Deficiencies in Compliance • Developing an Effective Compliance Function

  4. Role of compliance to risk management The Compliance Function involves: • Identification, assessment and monitoring of compliance risk • The reporting of such risks to senior management

  5. Role of compliance to risk management What is Compliance Risks? According to several sources, it is the “ risk impairment to the organization’s business model, reputation and financial condition resulting from failure to meet laws, regulations, internal standards and policies, and expectations of key stakeholders such as customers, employees and society as a whole.”

  6. Role of compliance to risk management Examples of Compliance Risks as it relates to the JSE include: • Breaches of JSE Rules for Member-Dealers (e.g. late financial filings) • Breaches of JSE Rules for Listed Companies (Failure to meet deadlines for Unaudited Results) • Breaches of JSE’s Trading Rules

  7. Role of compliance to risk management Other Examples of Compliance Risks are: • Breaches of the Securities Act of Jamaica • Breaches of the Companies Act of Jamaica • Non-adherence to organizational limits, policies and procedures

  8. Role of compliance to risk management Compliance & Operational Risk Management are similar in many areas: • Identification and assessment of risks • Recommending strategies to mitigate risks • Updating of policies and procedures • Determining inherent risks of new products and services • Ongoing Training in company’s policies and risk management techniques • Continued Assessment of risk management programme

  9. Importance of compliance to risk management The importance of the compliance function warrants that: • The compliance tone is cultivated from the top • Ample resources are committed to the area

  10. Importance of compliance to risk management Consequences of a weak compliance programme includes: • Increase in non-compliance to applicable rules and regulations • Increase in malpractices by employees • Disruption in Business Continuity, and • Revocation of Licenses

  11. Importance of compliance to risk management Consequences of a weak compliance programme as it relates to the JSE includes: • Increase in Fines and Penalties • Suspensions, and • Delistings

  12. Importance of compliance to risk management Reasons for a weak compliance programme are: • Compliance is viewed as a “policing function.” • Senior Management do not realize the value added to an enterprise’s risk management programme • Disconnect between top, middle and compliance management’s objectives

  13. Importance of compliance to risk management In changing its perception senior management must realize: • The Compliance Function cannot stand alone • Support must be given by all to promote a culture of compliance

  14. Common Deficiencies in compliance According to the U.S. Securities and Exchange Commission common weaknesses in compliance include: • Breakdown in communication between compliance personnel and senior management • Compliance function reduced to that of advisory with little or no monitoring • Lack of independence in relation to reporting and compensation • Inadequate compliance and supervisory procedures

  15. Common Deficiencies in compliance According to the U.S. Securities and Exchange Commission common weaknesses in compliance include: • Surveillance reports were not risk based • Heavy reliance on complaints rather than surveillance systems • Inadequate follow-up on exceptions • Absence of compliance review for new products and business activities • Knowledge, experience and training gaps with compliance staff

  16. Developing an effective compliance programme Develop an Organization Culture of Compliance through: • Board approved Compliance Policy and Procedures • Organization of wide awareness and sensitization • Aligning the organization’s policies on ethical conduct to compliance policies • Train new and existing staff on ethical conduct • Promote and provide channels for internal whistle blowing

  17. Developing an effective compliance programme Understand the functions of Business Units by: • Reviewing existing policies and procedures for each business unit • Try to develop a working knowledge of the processes of each business unit • Liaise with internal auditors

  18. Developing an effective compliance programme Identify Inherent Risk in Business Unit functions by: • Reviewing internal audit reports • Review external inspections by regulatory and other bodies • Identifying motivating factors that result in unethical behavior and malpractices

  19. Developing an effective compliance programme Develop a Formal Reporting System by: • Documenting the necessary process flow for communicating material and other compliance issues to senior management • Designing a report that quickly captures deficiencies and recommendations for senior management to consider in remedial actions • Integrate risk assessment in compliance reports that assist in ascertaining the severity of risk exposure 

  20. Developing an effective compliance programme Create and Update Policies and Procedures: • Review relevant rules and laws covering compliance and supervisory responsibilities • Ensure that written procedures address risks identified • Evaluate controls over business functions and incorporate in written policies and procedures

  21. Developing an effective compliance programme Ongoing Training and Education • Identify using risk based assessment areas of priority for training • Internal communication channels • Applicable rules and regulations should be explained through workshops and other forums • Continued education and training should be made available to compliance personnel

  22. Developing an effective compliance programme Monitoring of Compliance Function: • Requires periodic reports from heads of compliance on compliance activities • Ensures that there is periodic review by an independent third party • Ensures that there are clear strategic objectives to be accomplished on a periodic basis • Mandates that disciplinary actions are conducted without bias

  23. Compliance function & risk management Conclusion • There is no single solution for all firms • Developing an effective compliance function should consider the organizational structure, business, customers and other relevant factors

  24. Thank youLadies & Gentlemen

More Related