2015 will be the year that marks the end of major international regulatory reforms designed to lessen the occurrence of another financial meltdown and a renewed emphasis on ethics and customer responsibility. This article presents my ten regulatory risk insights for the Asia/Pacific region for this year, which include, culture, conduct risk, lines of management responsibility and accountability, customer disclosure, staff training and competency, AML (beneficial ownership), cyber security governance, anti – corruption, terrorist financing with particular emphasis on transactions in relation to ISIS, regulatory implementation and planning for final global reforms arising from the G20 summit.
The year 2014 was a watershed for enforcement fines by regulators achieving mile stone penalties that reigned in the activities of some of the most well known financial names on the globe. This year regulators will shift emphasis towards prudential compliance and focus on consumer protection. Emphasis will be on ensuring ethical conduct and implementing policy recommendations in line with International standards such as capital adequacy and management accountability.
Light at the end of the tunnel ending major regulatory implementation
2015 will be the year when Governments in the Asia pacific region and the rest of world are perceived to have drawn a line in the sand about introducing more major regulation following the G20 Summit. Governments have a renewed emphasis on creating positive economies for businesses to flourish. There are remaining regulatory rules to be implemented to improve banks’ capital and liquidity positions and to make derivatives markets safer to reduce risks in the financial system. There are also final policy measures being drafted to dampen risk channels between banks and non-banks and strengthen the orderliness and predictability of the sovereign debt restructuring process.
Finally firms can see the light at the end of the tunnel in terms of these major reforms that are on the table. The new theme for the region is that regulators want firms to improve culture and heighten ethical standards so that the interests of firms are aligned with customers.
However, current international Libor investigations remind us that firms are not of the woods yet and there is still a lot room for improvement in terms of how firms do business and the need to improve their perception in the market. Banks in particular, are looking introspectively to ensure they are concentrating on strengthening their own resilience to deal with unforseen risks in the market.
1. Improving Culture
The culture within a firm is a barometer that dictates the need and intensity of the amount of regulation and supervision required. Prudential and financial regulators will increase their attention on the culture of firms and, in the process, access what supervisory practices are in 2 place to monitor a firm’s culture. These sentiments are reinforced in the release of the recent Financial System Inquiry (FSI) report in Australia, where it stated that, “Appropriate firm culture is critical, but needs to be supported by proactive regulators with the right skills, culture, powers and funding.”
Firms must concentrate on improving culture and aligning the firm’s interest with those of the customer in the way business is being done. If there are customer complaints or issues, firms must have an effective way of handling them, acting in the customer’s interests to fix issues in an effective way that brings matters to resolution. The culture of a firm must ensure ethical values is paramount in all its business operations.
The significant scandals by firms, who were fine last year by regulators, clearly indicated a direct correlation between the lack of ethics in a firm’s operations and its involvement in regulatory violations in comparison with those firms that were not involved in significant regulatory breaches. This was more apparent in the US and the UK where significant fines were handed down to numerous global banks in what was in some instances, intentional violations involving weak oversight by management. Going forward, regulators will be expecting boards to be a critical influence in leading from the top and instilling a culture that adheres to strong ethical values with direct lines of responsibility for senior management in the business.
Additionally, Regulators will continue to come down hard on firms that fail to “self disclose” material compliance or regulatory breaches in a timely manner. Disclosure with integrity is now seen to be connected to a firm’s culture.
2. Conduct risk
There is a greater emphasis on “conduct risk”, which refers to the growing need for institutions to reassess the way they conduct their business and how regulatory risks and expectations are effectively managed within organisations. This area will continue to be a challenge to firms, not only having to deal with regulatory obligations, but also increasingly being required to look at the firm’s approach to monitoring, analysing and managing how they deal with customers. Banks internationally, have paid billions of dollars in claims for the shortfalls in compliance and the negligent way they have treated some of their customers. These reflect failure of systems and oversight.
All governments and regulators are emphasising the fair treatment of customers and will expect firms to ensure that financial products and services perform in the way that customers expect or are led to believe. In making improvements in this area, firms will have to look at ways they can improve customer outcomes in terms of product disclosure, accountability, technology and improving complaints handling processes.
Firms have to define what good conduct looks like and agree how processes can be improved frameworks established to assess risks and monitor ongoing work that needs to be done. The very nature of conduct risk is for firms to continually review and monitor alignments with customer products and regulatory requirements and seek feedback from the market to assess any gaps.
3. Lines of management responsibility and accountability
Because some firms have such a complex management structure, when things go wrong and it comes to pointing the finger at who was responsible, individual accountability is often clouded or confused. This is an unacceptable practice, not only for a firm’s internal accountability but its ultimate accountability to the board and shareholders. The board of directors should ensure they understand the chain of accountability and who is ultimately responsible for each function. If structures are too complex then they need reviewing and simplifying.
The UK are introducing laws that make senior managers and non-executive directors personally liable for major breaches of compliance or regulatory requirements within their functions of responsibility. This new framework is intended to focus on a narrower number of senior individuals in a firm than under the current Approved Persons’ Regime. The changes are designed to restore trust in financial services industry and clearly impose more personal risk on senior managers and directors. The proposed framework has an extra territorial dimension in that the laws will apply to individuals performing senior management functions whether physically based in the UK or overseas and so will apply to some executives of global firms in Asia.
Although it is not the law in Asia, or even on the table, it may be helpful for firms to review their senior manager framework and ensure that there is a clear line of responsibility for each function of the business and that the structure is not overly complex. This will encourage senior executives to take greater responsibility for their actions and will make it easier for both firms and regulators to pin point individual responsibility and hold individuals to account for serious internal compliance and regulatory failures.
4. Customer disclosure
Europe is leading the way in terms of pronouncements on product governance and Australia has just released the Financial System Inquiry report (FSI) with recommendations on product innovation and disclosure that may be wise for firms in the Asia Pacific region to consider.
Firms can improve processes by strengthening product issuer and distributor accountability. Poor product design and distribution practices have disregarded consumer interests and contributed to financial losses. Product accountability is a theme that regulators may be monitoring carefully this year. For example, many customers in the past five years were sold units in managed investment schemes or other financial products without the full risk and restrictions on exit requirements being disclosed.
The FSI report emphasises that firms should consider producing less complex disclosure documents and place more emphasis on the type of consumer who would be interested in buying the product. Many disclosure documents tend to only emphasise high yields while playing down the risk. Regulators in the region will be focusing on consumer protection with particular emphasis being paid to representations and product information distributed to consumers.
Firms can alleviate these risks by putting in place a framework that concentrates on the type of customers who would most benefit from the product to ensure that products match consumer needs. Firms that promote fair treatment of customers by designing and distributing financial products that suit customers are bound to have happier customers and less regulatory oversight.
5. Training of staff to ensure competence
Firms can raise ethical awareness and competencies especially of financial advisers, traders and other staff by ensuring competencies and standards of compliance. Traders in particular came under heightened scrutiny last year from the fall out in benchmark rigging. Firms appear to have come under the most regulatory attention in Australia, UK, USA, Singapore and Japan. These investigations are currently on going and will doubtless cause the institutions involved in substantial legal costs and fines not to mention increased scrutiny from regulators.
Compliance with professional standards and ethical approaches to circumstances needs to be actively monitored. Ongoing professional development – including technical skills, relationship skills, compliance and ethical requirements need to be monitored to ensure that the firms standards of conduct and professionalism are maintained. Firms should consider placing far greater focus in the areas ethical training and education competancies. Compliance with standards should be reviewed regularly and monitored.
6. Sanctions and beneficial ownership
Since 2009, there have been 24 global banks that have failed to disclose to US regulators that they were knowingly dealing with sanctioned countries, such as Myanmar (Burma), Cuba, Iran, Libya and Sudan. Most of this conduct was known to senior executives and senior compliance individuals who chose to “turn a blind eye” to the activity because it was profitable for the bank to do so. For this lapse in integrity, some global banks have paid billion dollar fines. There are a number of banks who are requesting prosecution agreements with regulators in relation to sanction violations.
The issues regarding money laundering, know-your-client, ultimate beneficial owners and sanctions, have become so important with the down side of getting it wrong possibly ending up in multi-million dollar fines. This important compliance area has to be appropriately resourced with the right skill mix of individuals. Comprehensive reports must be produced and maintained to establish compliance due diligence.
The actions by regulators have sent a clear warning message to firms around the world whose strategy has been only to pay lip service to US sanction regulatory requirements. The extent of these violations emphasise that banks in the Asian Pacific region have to be careful in taking sanctions seriously and implement proper frameworks and if required, immediately disclose to the regulator any material compliance issues.
AML – Beneficial ownership
There is greater emphasis by FATF on banks identifying the beneficial ownership of client accounts or assets. The use of sham corporations as nominal account holders adds another layer of secrecy between an account and its beneficial owner. These types of accounts make it impossible for government authorities to determine the ultimate beneficiary of funds.
FATF has emphasised the need of banks to determine the ultimate beneficiary of accounts. Regulators will place greater emphasis on firms to maintain relevant information, as they are required by anti-money laundering regulations to know at all times who are ultimate owners of the assets they manage.
7. Improved governance of cyber security
Cybercrime has developed over the past five years from interfering with systems to online fraud, industrial espionage, theft of data, destruction of information and disruption of systems. In a recent New York State, Department of Financial Services report on cyber security in the banking industry, it was stated that “Cyber attacks against financial services institutions are becoming more frequent, more sophisticated and more widespread”.
Three main risks for banks to understand the scope of the threat, are industry interconnection and the compliance costs for preparing for an attack. Banks will need to start to collaborate in order to deal with this growing threat, as the answers will not only come from government resources.
The rapid change of pace of technology makes it more crucial than ever for boards of directors and senior management within institutions, to ensure that all functions are aligned and sufficiently resourced. Executive management should be more involved in identifying the institutions top cyber risks and understand how the organisation can combat them. A sound understanding of cyber protection procedures are important, so that the board understands the institution’s readiness to deal with cyber risks relevant to that firm. Executive management must have an understanding of the following:
- An agreed approach of the board towards the unique risk profile of the organisation;
- Sound knowledge of IT management and governance ensuring the alignment of all necessary functions to deal with cyber risks;
- Procedures for incident response and event management;
- Understanding of access controls and network security;
- Procedures for vendor management;
- Procedures for disaster recovery.
Firms must continue to place emphasis on fighting corruption and have the area properly resourced within the firm and ensure those they do businesses with have a similar approach. Corruption continues to remain one of the major themes in Asia and if not tackled head on will thwart economic and financial prosperity in developing the region. Without out any doubt, China has placed more emphasis on this area than any other country in the region. Since 2012, President Xi Jinping has deepened China’s anti-corruption campaign – the question on everyone’s mind is, “has it been effective”? The anti-corruption drive has been one of the central policy stamps of his administration and its severity and duration appears to be surprising everyone both within and outside China.
Other countries such as Australia, Malaysia, Indonesia and Thailand will have to start ramp up their regulatory approach and take a more transparent heavy handed approach to fight corruption in their respective jurisdictions. There is much firms can do in fighting corruption, including having effective policies in place, vetting third party vendors and ensuring that compliance procedures are robust and cases are actively pursued.
At the G20 last year, an anti-corruption plan was endorsed including enhanced mutual assistance between jurisdictions and recovering the proceeds of corruption and the denial of safe havens to corrupt officials. Further reforms are on the way that may affect firms and the approach of regulatory agencies.
9. Anti terrorist financing with particular emphasis on transactions in relation to ISIS
Coalition forces have stepped up military action against ISIL in Syria and Iraq, which is beginning to slow down its sources of its revenue. US Treasury Department estimates that the organisation is continuing to obtain approximately US$1 million each day through illegal oil sales mostly through Turkey. The FATF has stressed that more insight needs to be gained by member countries into how ISIL is funded and transferring funds internationally.
Given recent terrorist attacks in Australia and Europe, firms will have to continue to be vigilant and maintain scrutiny on suspect customers, money transfers to Turkey, Lebanon, Qatar and Kuwait. Regulators are paying attention to money transfer business operators and especially those operators who are informal currency transmitters such as Hawala operations.
10. Planning for overreaching financial global reforms and capital requirements
Regulators around the world know that another crisis will happen, and when its does, financial institutions must be better prepared and stronger to face then they were in 2007/08.
Financial institutions will have to plan and prepare to implement the final set of policies that are aimed at ensuring that globally systemically important banks have additional loss absorbing capacity that will further protect tax payers and themselves in a crisis market. Other reforms that are on the table are in relation to reducing cross border risks concerning derivatives, anti – 7 corruption, prudential supervision, disclosure, and the control of capital flows between banks and non banks. Financial institutions need to ensure that they are prepared for implement the next round of policy requirements and are resourced to do so.
2015 is about returning to basics – good service, honesty and integrity. This year will see the finality of major regulatory reforms internationally intended to make financial institutions more resilient, and it is the year where culture, ethics and conduct risk will form a central focus. Although firms will have to implement compliance changes this year, the good news is that governments have drawn a line in the sand on major international regulatory reforms and firms can get on with doing business. At the end of the day ethics culture is paramount in ensuring customer’s interests remain cenral, after all, these are the true internal guardians of a firm to ensure its longevity.