Enterprise Compliance Risk Management. Ramakrishna Saloni. Читать онлайн. Newlib. NEWLIB.NET

Автор: Ramakrishna Saloni
Издательство: John Wiley & Sons Limited
Серия:
Жанр произведения: Зарубежная образовательная литература
Год издания: 0
isbn: 9781118550311
Скачать книгу
deterrents if the FFIs do not do the expected reporting. This brings forth a distracting but critical aspect of evolving expectation from financial institutions – that by being the medium for financial transactions, they become responsible for compliance obligations that technically need not be in their domain. Paying taxes, for example, is the responsibility of self-declaration by individuals and organizations with the onus of ensuring compliance on the tax management authorities. It is into this world that banks have been co-opted.

      FSGO or the Federal Sentencing Guidelines for Organizations (revised 2004) is another important regulation in the US landscape.

      United Kingdom

      Here, too, the crises and panic history is an interesting read, for example, the banking crisis of 1824–25 that resulted in bank runs and failure of 93 banks, which in its turn led to the creation of the Joint Stock Companies Banking Act of 1857. From a compliance perspective, however, we start our trace of regulations in the UK from a more recent period, the Competition and Credit Control Act of 197111 and the Banking Act of 1979, which put banking regulation on a statutory footing. It required that institutions be licensed in order to accept deposits from the public. “This act, the first to establish a regime of supervision, created a two tier system of banks and licensed deposit takers.”12 The Banking Act of 1987 had its trigger in the Johnson Matthey bank crisis of 1984, where the bank suffered the consequences of two large bad debts.

      On the securities and investments side, too, prior to the Financial Services Act of 1986 that was passed by the parliament of the UK to regulate the financial services industry, there was no legislation to comprehensively regulate the markets. All subsequent expansions of the regulatory regime can be traced to this act. This provided for the creation of FSA's predecessor, the Securities and Investment Board (SIB). In 1997 the SIB formally changed its name to the Financial Services Authority.

      Interesting to note is that unlike the United States where the Federal Reserve traces back to 1913 and the Securities and Exchange Commission to 1934, the UK's formal financial regulatory setup is fairly young – Banking Acts of 1979 and 1987 and Financial Services Act of 1986. Does this mean that there were lesser scandals? Perhaps not. Perhaps they were handled though the judicial system or through localized solutions. A formal regulatory framework is of a later origin. I pick up the subsequent illustrations from the nineties.

      The 1991 the BCCI (Bank of Credit and Commerce International) scandal that led to its shutdown due to internal fraud and the Nick Leeson scandal that led to the near collapse of Barings in 1995 created enough furor in the financial circles to bring to the fore the need for a more comprehensive regulatory supervision. The Bank of England Act of 1998 that followed had two objectives, one of which was to transfer the responsibility of supervision of the deposit taking institutions from the bank to the FSA. The subsequent FSMA (The Financial Services and Markets Act 2000) created the Financial Services Authority as a single regulator for insurance, investment business, and banking, perhaps the single most powerful regulator in the world. This model was in contrast to the multiple regulator regime of the United States.

      The FSA (Financial Services Authority) of UK was well known for its detailing of the regulatory guidelines in various areas. It is often said in the financial circles that FSA is usually the first to introduce prescriptive guidelines, which are then used as a basis for similar guidelines by other regulators who add the local flavor but retain the core structure as designed by the FSA intact. So much so that the risk and compliance management teams of global banks would target compliance and coverage per FSA norms, which, they believed, would help in automatically complying with requirements of other countries.

      It is paradoxical that the organization that was known for its detail and clarity in setting out norms and standards has been replaced by two new bodies, as it was considered to be not very effective in having the regulations executed by the member banks. In the risk management section, we will discuss the effectiveness assessments as a combination of design effectiveness and operational effectiveness. Inefficiencies in either or both would result in the overall inefficiency.

Due to the perceived regulatory failure in arresting the banking crisis in the UK in the 2007–2009 period (it was reported that the Northern Rock was the first bank in 150 years to suffer a bank run in the UK) and consequent to the restructuring of the financial system, the Financial Services Act 2012 was passed, abolishing the FSA effective on April 1, 2013. This was succeeded with two bodies: the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) (Figure 1.1). Following are brief descriptions of these two agencies:

Figure 1.1 Simplified Picture of the UK Regulatory Framework

      Source: “The Prudential Regulation Authority,” Bank of England Quarterly Bulletin 2012 Q4.

      FCA 2012 – The Financial Conduct Authority is one of the two successors for the famed Financial Services Authority, the other being the Prudential Regulation Authority. The choice of the word “Conduct” spells out the fact that financial businesses are expected to follow fair business behavior, and it would be the job of this authority to step in with corrective measures if these organizations step out of sync of that expectation.

      PRA 2012 – The Prudential Regulation Authority is the other successor to FSA. It is responsible for the regulation and supervision of financial services firms inclusive of banks, insurers, major investment firms, and credit unions. The PRA formally assumed its responsibilities on April 1, 2013.

      For tackling money laundering and countering terrorist activities UK works primarily through National Crime Agency 2013 (NCA) with an objective to build a single comprehensive picture of serious and organized crime affecting the United Kingdom. SOCA 2005 (Serious Organized Crime Agency), under which the United Kingdom Financial Intelligence Unit (UKFIU) folds, works with the financial services industry in its effort to arrest money laundering and terrorist financing. The responsibility FIU imposes on the financial services is to aid and support them in that effort. SOCA has been merged into the National Crime Agency since 2013.

      Money Laundering Regulations – MLRO 2007 (Money Laundering Reporting Officer) expects all “Money Service Business or Trust or Company Service providers” to appoint a “nominated officer” for ensuring the KYC (Know Your Customer) norms as well as report any suspicious activity to the FIU. Interestingly, this requirement folds under the HM Revenue and Customs, who are the UK's tax authorities. Like we have seen in the United States, the tax authorities co-opt the financial system to ensure that not only is there no tax revenue leakage but also that antisocial activities and wrong siphoning of funds do not happen. There are other acts like the Bribery Act 2010 of UK, which is considered one of the toughest anticorruption legislations. Compliance teams need to ensure that the staff of their organization understand and comply with the requirements of this act in the spirit of good governance.

      These two representative countries that we have chosen offer a couple of interesting insights:

      • The vintages of the start of their formal regulatory regimes as we know them today are more than half a century apart based on the situational needs but today converge to a large extent on the areas of regulation.

      • One represents a unified twin peak structure and the other embraces the multiple regulators model.

      Example of a Self-Regulatory Industry Body

      A brief note on The Wolfburg Group (WG – 2000) illustrates the influence a self-regulated industry body can have on setting standards. The Wolfburg Group and the standards it propounds is a good example of an industry body that has its say on the global compliance landscape. This group is made up of 11 global banks that have gotten together to develop standards and policies in the areas of Know Your Customer (KYC), Anti–Money Laundering (AML), and Counter–Terrorist Financing (CFT) (http://www.wolfsberg-principles.com/). Whether the member banks themselves adhere to these principles in letter and spirit is a separate conversation, which we will discuss under the real-life


<p>11</p>

Evolution of the UK Banking System,” Bank of England Quarterly Bulletin 2010 Q4, Vol. 50, No. 4, http://www.bankofengland.co.uk/publications/Documents/quarterlybulletin/qb100407.pdf.

<p>12</p>

Ibid.