The burden of daily regulatory updates received by our major banks has now risen to nearly 200, compared with around 10 a day in 2004.
It’s no wonder that it has become increasingly difficult for multinational banks to manage their compliance programs, particularly as they are now engaged in so many business and service lines.
One might expect this regulatory burden to have hampered banks from retaining their spirit of innovation. But they continue to identify profitable new jurisdictions (for example, Thailand and Chile) and potential new business lines (mobile banking, blockchain) without neglecting the statutes, codes, regulations and guidance documents.
However as recent fines for banks have highlighted, it appears that regulatory compliance programs are not translating into necessary change. So how can they get back on the right track?
Solid foundation needed
The increase in regulations has exposed several challenges within financial institutions. These range from a lack of understanding as to which regulations apply to which functions and people within the organization, and the disparities of regulations across jurisdictions; to how exactly financial institutions should structure their compliance programs.
A successful regulatory compliance program begins with a solid foundation, where employees participate in the necessary training to fully understand the meaning of strong ethics and integrity, and in return apply these values to their work. If the Bank Secrecy Act stipulates that depository institutions must keep certain records that have a ‘high degree of usefulness in criminal, tax, or regulatory investigations and proceedings,’ an employee should be able to exercise such values and point to the relevant training manual if questioned.
Compliance gone awry
Deutsche Bank recently paid out $258 million to US state and federal regulators to settle charges for business committed on behalf of entities in US-sanctioned countries, such as Iran and Syria. There are actually no sanctions compliance programs required by any regulations, although one might argue that Deutsche Bank should have known and implemented a written OFAC (Office of Foreign Assets Control) program.
This may be an unwritten rule, but if employees were able to apply strong business morals and ethics, this incident may have been avoided.
In another case, ABN Amro Bank N.V. paid out a smaller sum of $640,000 to the Dubai Financial Services Authority for failing to adequately supervise their private banking international staff around deficiencies in their anti-money laundering systems and controls. Again, an understanding and application of ethics and principles may have helped to catch this failing.
Seven banks (Barclays, Commerzbank, Credit Suisse, Deutsche Bank, Merrill Lynch International, Royal Bank of Scotland, and Société Générale) have been fined by the Financial Conduct Authority (its predecessor being the Financial Services Authority) for MiFID (Markets in Financial Instruments Directive) transaction reporting failures.
UBS is currently set to receive the largest ever fine (over $18m) for the same oversight. This is a clear indication that regulatory compliance programs are still in disarray and that in practice lessons have not translated into necessary change.
The solution
The solution contains two components – one on a foundational level and one on a practical level:
- On a foundational level, if we accept that strong morals and integrity are a critical component of any great business – and let’s not argue this one – we can apply Jim Collins’ quote, “Greatness, it turns out, is largely a matter of conscious choice, and discipline.” Employees can indeed learn and apply strong morals and integrity in the workplace.
- On a practical level, guidance and assistance are essential. Financial institutions must be aware of what they need to capture when it comes to implementing regulatory compliance programs. Banks need to:
- Identify the risk areas
- The types of products and services offered
- The customers served
- The jurisdictions of operation
- Comprehension of all the regulatory requirements
- Provide appropriate screening and reporting mechanisms
- Leverage technology and software
- Update training manuals, policies and procedures
- Document how these updates are distributed
The 5 step implementation plan
Developing a regulatory compliance program requires time, resources and expertise. Even with a solution in mind, banks might not have the means to begin execution. Thomson Reuters has the people, technology and expertise to implement a successful regulatory compliance program with a basic 5 step implementation plan.
Thomson Reuters can:
- Provide a comprehensive list of regulations affecting different business lines and products depending on the jurisdiction and where the financial service is operating
- Identify, from within those regulations, the relevant obligations applicable to those business lines and products
- Monitor those regulations and obligations as updates are made and ensure that the financial institution is made aware of them
- Help to identify gaps in the organizations’ training manuals, policies and procedures documentation
- Implement and configure workflow software that manages risks, reporting and issues that impact the organization from top to bottom
Clients who have implemented this 5 step plan with Thomson Reuters have observed key benefits since implementation – a greater understanding of changing regulatory requirements and their impact on the bank’s specific business lines; more efficient allocation of human and financial resources; and a superior ability to gather, prioritize and assess risk – all of which contribute to immensely improved interactions with regulatory bodies.
This 5 step plan will confidently put financial institutions on the right track to worry-free compliance.