Enterprise Compliance Risk Management. Ramakrishna Saloni
Two of the major menaces that the financial services industry unwittingly has become a part of are money laundering and terrorist financing. Across geographies, regulations against money laundering and terrorism have been passed, and the expectations for compliance with them are very strict. The United States covers these under BSA (Banking Secrecy Act of 1970); the USA Patriot Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001); and through the OFAC (Office of Foreign Assets Control), an agency of the United States Department of Treasury under the auspices of the Under Secretary of the Treasury for Terrorism and Financial Intelligence.
The next financial crisis, the crisis of 2007 that shook the western world, brought its slew of regulations. Notable among them was the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, which is enforced by multiple agencies including FDIC (Federal Deposit Insurance Corporation), SEC (Securities and Exchange Commission), the Comptroller of the Currency, and the Federal Reserve. The focus of the act is to improve accountability and transparency, which would aid in promoting the financial stability of the United States. Consumer protection from negative financial services practices is another focal point of the act. This has created the CFPB (Consumer Financial Protection Bureau) and FSOC (Financial Stability Oversight Council). Per the US Securities and Exchange Commission, “The legislation set out to reshape the U.S. regulatory system in a number of areas including but not limited to consumer protection, trading restrictions, credit ratings, regulation of financial products, corporate governance and disclosure, and transparency.”[10] From a compliance point, the 848-page bill poses a nightmare as its reach and expectations are so far and wide.
FATCA (Foreign Account Tax Compliance Act), another 2010 act, while essentially a tax-related act, brings into its fold a compliance expectation from banks: foreign financial institutions (FFIs) having to directly report to the IRS (Internal Revenue Service of the United States) information about financial accounts held by US taxpayers or foreign entities in which they have substantial interest. There are obvious deterrents if the FFIs do not do the expected reporting. This brings forth a distracting but critical aspect of evolving expectation from financial institutions – that by being the medium for financial transactions, they become responsible for compliance obligations that technically need not be in their domain. Paying taxes, for example, is the responsibility of self-declaration by individuals and organizations with the onus of ensuring compliance on the tax management authorities. It is into this world that banks have been co-opted.
FSGO or the Federal Sentencing Guidelines for Organizations (revised 2004) is another important regulation in the US landscape.
United Kingdom
Here, too, the crises and panic history is an interesting read, for example, the banking crisis of 1824–25 that resulted in bank runs and failure of 93 banks, which in its turn led to the creation of the Joint Stock Companies Banking Act of 1857. From a compliance perspective, however, we start our trace of regulations in the UK from a more recent period, the Competition and Credit Control Act of 1971[11] and the Banking Act of 1979, which put banking regulation on a statutory footing. It required that institutions be licensed in order to accept deposits from the public. “This act, the first to establish a regime of supervision, created a two tier system of banks and licensed deposit takers.”[12] The Banking Act of 1987 had its trigger in the Johnson Matthey bank crisis of 1984, where the bank suffered the consequences of two large bad debts.
On the securities and investments side, too, prior to the Financial Services Act of 1986 that was passed by the parliament of the UK to regulate the financial services industry, there was no legislation to comprehensively regulate the markets. All subsequent expansions of the regulatory regime can be traced to this act. This provided for the creation of FSA's predecessor, the Securities and Investment Board (SIB). In 1997 the SIB formally changed its name to the Financial Services Authority.
It is interesting to note that, unlike the United States, where the Federal Reserve traces back to 1913 and the Securities and Exchange Commission to 1934, the UK's formal financial regulatory setup is fairly young – Banking Acts of 1979 and 1987 and Financial Services Act of 1986. Does this mean that there were fewer scandals? Perhaps not. Perhaps they were handled through the judicial system or through localized solutions. A formal regulatory framework is of a later origin. I pick up the subsequent illustrations from the nineties.
The 1991 BCCI (Bank of Credit and Commerce International) scandal, which led to its shutdown due to internal fraud, and the Nick Leeson scandal, which led to the near collapse of Barings in 1995, created enough furor in financial circles to bring to the fore the need for more comprehensive regulatory supervision. The Bank of England Act of 1998 that followed had two objectives, one of which was to transfer the responsibility of supervision of the deposit taking institutions from the bank to the FSA. The subsequent FSMA (The Financial Services and Markets Act 2000) created the Financial Services Authority as a single regulator for insurance, investment business, and banking, perhaps the single most powerful regulator in the world. This model was in contrast to the multiple regulator regime of the United States.
The FSA (Financial Services Authority) of UK was well known for its detailing of the regulatory guidelines in various areas. It is often said in the financial circles that FSA is usually the first to introduce prescriptive guidelines, which are then used as a basis for similar guidelines by other regulators who add the local flavor but retain the core structure as designed by the FSA intact. So much so that the risk and compliance management teams of global banks would target compliance and coverage per FSA norms, which, they believed, would help in automatically complying with requirements of other countries.
It is paradoxical that the organization that was known for its detail and clarity in setting out norms and standards has been replaced by two new bodies, as it was considered to be not very effective in having the regulations executed by the member banks. In the risk management section, we will discuss the effectiveness assessments as a combination of design effectiveness and operational effectiveness. Inefficiencies in either or both would result in the overall inefficiency.
Due to the perceived regulatory failure in arresting the banking crisis in the UK in the 2007–2009 period (it was reported that Northern Rock was the first bank in 150 years to suffer a bank run in the UK) and consequent to the restructuring of the financial system, the Financial Services Act 2012 was passed, abolishing the FSA effective on April 1, 2013. It was succeeded by two bodies: the Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) (Figure 1.1). Following are brief descriptions of these two agencies:
Figure 1.1 Simplified Picture of the UK Regulatory Framework
Source: “The Prudential Regulation Authority,” Bank of England Quarterly Bulletin 2012 Q4.
FCA 2012 – The Financial Conduct Authority is one of the two successors for the famed Financial Services Authority, the other being the Prudential Regulation Authority. The choice of the word “Conduct” spells out the fact that financial businesses are expected to follow fair business behavior, and it would be the job of this authority to step in with corrective
[9] “The Laws that Govern the Securities Industry,” US Securities and Exchange Commission, http://www.sec.gov/about/laws.shtml#secexact1934.
[10] Ibid.
[11] “Evolution of the UK Banking System,”
[12] Ibid.