Strategies for Compliance

Tools, Techniques and Challenges in Financial Services

Alan Brener

272 pages, English

About This Book

Compliance is a fundamental control function within regulated industries globally. This book provides an expert introduction to corporate compliance using cases, examples and insights from the financial services sector and beyond.

The author, an experienced compliance practitioner and academic, highlights compliance challenges, using examples such as Wells Fargo, whistleblowing in the financial services and the mis-selling of payment protection insurance in the UK banking sector. The book explores strategies for creating compliant cultures and fostering regulatory trust, whilst practical guidance is provided on anticipating regulatory changes. Addressing organisational obstruction and delay, the author presents a series of valuable tools and techniques for real-world practice.

An essential professional development resource for board directors, compliance officers and other senior managers, the book also provides a unique learning and development resource for students of corporate compliance globally.

The central issue with compliance in banking can be best summed up in an exchange before the Parliamentary Commission on Banking Standards between a member of the Commission and the then Group Head of Compliance at Barclays Bank.
Q 678 Chair (Mark Garnier MP): Whose responsibility is it to make Barclays compliant?
Mike Walters (Group Head of Compliance, Barclays Bank): Compliance clearly is responsible and accountable for the responsibilities of compliance, and those are very clear. We carry out policy setting in the key areas that we are responsible for. We monitor whether those policies are being complied with, and we give advice on matters of the rules.
Q 679 Chair: Who was responsible for the compliance at Barclays – to make Barclays compliant?
Mike Walters: I believe that everybody at Barclays has the responsibility to do that.
Q 680 Chair: So the compliance officer is not responsible for making Barclays compliant; it is everybody else. Or it is everybody including you.1
This exchange highlights both skepticism as to the effectiveness of the compliance function and confusion over its role: what is the extent of its responsibility? This raises the question of why have a compliance function if the scope of its role is too narrowly drawn? Does having a compliance unit add any real value? This book will explore these issues and suggest possible remedies.
The over-arching context is that the regulators need to operate via the compliance function and that of other controls since it is well-nigh impossible for regulators to operate directly upon a regulated firm. They do not know the processes, nor the products and services in any detail; and they lack both the resources and inclination to be ever present on site. They need to delegate the day-to-day job of regulation to the firm itself – it is for others, such as the compliance officer, within the firm to put the regulations into effect within the business. This is undertaken through the boards of the regulated firm, other senior executives and the various control functions. Of the latter, the compliance function is central.
What is meant by the term ‘compliance’ varies across jurisdictions, regulatory regimes and the types of businesses and markets involved. The next sections look at what may be encompassed by the term ‘compliance’ (largely in the United Kingdom and the United States), what the compliance function within a business is meant to do and the challenges faced by the function – including the need to improve the level of professionalism in compliance.
The aim of this book is to produce a conceptual framework for compliance. This concept must be capable of being set out clearly to staff within both the compliance function and the business and to other stakeholders, such as customers and regulators. Without this clear understanding of what compliance is trying to do and why, there is a strong risk of it losing direction and drifting towards ineffectiveness.
This work focuses on the United States and the United Kingdom but the issues have broader application. In addition, this work concentrates on financial services, and in particular, banking regulation. However, many of the issues have much wider application and may apply to other highly regulated industries such as pharmaceuticals, aerospace and the extractive industries.
A recent example of how the themes in this book may apply to other industries can be seen in the action taken by Ofwat, the UK’s statutory water regulator, against Southern Water in 2019. The company has had to pay a £3m fine and a further £123m in redress to its customers.2 The firm had failed in its statutory duties to treat sewage and had dumped ‘untreated effluent into beaches, rivers and streams’ and misreported the relevant data. It had ‘manipulated water samples for 7 years until 2017 so that the true performance of its sewage treatment works was hidden’.3 The issues were the result of ‘poor management and a failure to make the necessary investment in sewage treatment works’. ‘Southern Water, which is owned by a consortium of private equity and infrastructure investors including UBS Asset Management and JPMorgan Asset Management, now faces a criminal investigation by the Environment Agency, a separate regulator, which began investigating in 2016’.4
The water company suffered from poor corporate governance, a weak corporate culture and the lack of an adequate compliance function.5 The investigation found that ‘senior management within the Wastewater Operations division colluded to conceal the actual performance of [the treatment plants]. A culture of data manipulation was the norm and was accepted by staff across the division’.6 There were also ‘deficiencies in [Southern Water’s] organisational culture which prevented employees from being comfortable with speaking out about inappropriate or non-compliant behaviours’.7 These are all common themes which continue to reoccur in a variety of organisations considered in this book, including the scandal at the UK’s National Health Service Mid Staffordshire Trust and the circumstances leading to the Herald of Free Enterprise ferry disaster in Zeebrugge, Belgium in 1987, as well as in the UK and US financial services industry.
By way of clarification, throughout this work the term ‘compliance’ is used to cover both the compliance function within a bank, no matter how it may be described in the organisation charts within individual firms, and also the task of undertaking the compliance role.

What is required of ‘compliance’?

The Basel Committee requires that each ‘bank should have an executive or senior staff member with overall responsibility for co-ordinating the identification and management of the bank’s compliance risk and for supervising the activities of other compliance function staff’.8 This individual is known as the ‘head of compliance’ or ‘compliance officer’. The international standards set by the Basel Committee are then enacted by individual jurisdictions.
The UK’s Financial Conduct Authority (FCA) requires that all regulated firms ‘must establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees’ and so on.9 Firms ‘must, taking into account the nature, scale and complexity of its business, and the nature and range of financial services and activities undertaken in the course of that business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the regulatory system, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the FCA to exercise its powers effectively under the regulatory system’.10
Firms must maintain a permanent and effective compliance function which operates independently and which has the following responsibilities:
(1) to monitor and, on a regular basis, to assess the adequacy and effectiveness of the measures and procedures put in place in accordance with SYSC 6.1.2 R, and the actions taken to address any deficiencies in the firm’s compliance with its obligations; and,
(2) to advise and assist the relevant persons responsible for carrying out regulated activities to comply with the firm’s obligations under the regulatory system.11
There is also a requirement for an individual who carries out the ‘compliance oversight role’ (i.e. the ‘compliance officer’) to be a ‘Senior Management Function 16’ under the Senior Manager and Certified Person Regime.12 Besides these requirements, the rules are somewhat vague about the role of the compliance officer.
The US Securities and Exchange Commission (SEC) requires investment companies and ‘investment advisers to adopt written compliance procedures, review the adequacy of those procedures annually, and to designate a chief compliance officer responsible for their administration’.13
The US Federal Reserve explained its approach and expectations of banks and compliance officers in a letter in 2008.14

What is the compliance function meant to achieve?

Put simply, regulated firms are required to comply with the regulations. However, attempting to comply with the ‘black-letter’ law of regulations is not sufficient. There needs to be both an analysis and understanding of what the rules are trying to achieve. Sometimes this is called following the ‘spirit’ as well as the ‘letter’ of the regulations. Simply ‘monitoring, assessing and advising’ sets a very low standard. In reality the regulators, rightly, expect much more. Further, the regulators constitute only one of the stakeholders, albeit a very important one. Others – such as customers, the media and politicians – with an interest in the regulated firm are likely to have their own expectations which may go beyond those of the regulators.
Compliance is much more than monitoring, assessing and advising – important though these tasks are. This book covers some of the basic requirements but also focuses on four broad, but central, expectations. These are to:
provide a ‘powerful, vocal conscience’. Compliance provides a ‘voice’ – an authoritative voice – within the firm, representing both stakeholders who may lack a voice and also the long term interests of the business,
provide ‘imagination of thought’. Individuals in a business, as elsewhere, should think and imagine for themselves, including looking at the wider perspective. However, for a variety of reasons – including hubris, a focus on procedure rather than substance and the simple drudgery of work – this may fail to happen. The compliance function needs to ensure that ‘thought’ is present and is clearly expressed and that ultimately right is done,
act as the intelligent ‘interlocutor’. Compliance explains the regulatory requirements in a form which resonates within a firm and explains the business to the regulators. The importance of this ‘communication’ role cannot be overstated,
ensure that the business retains its ‘moral compass’. From time to time individuals in the business will be tempted, on grounds of expediency, to act wrongly. There may be strong pressures to go along with this. Compliance must resist this, often self-imposed, ‘gleichschaltung’ or ‘accommodation’ or ‘alignment’. Compliance must provide leadership and not just advice.
All these roles may be negated by numbing one’s thoughts and instead going along with the drift, abandoning the exercise of authority and, instead, keeping quiet and avoiding taking a stand.

Compliance function challenges

There have been many major compliance failures over the years in both the United Kingdom and the United States. Sharon Gilad in her empirical work found that firms, generally, have a considerable ability to self-justify and to rationalise their actions.15 For example, the Financial Services Authority (FSA) launched a major project in the early 2000s that required regulated firms to ‘treat their customers fairly’ (TCF). Her work found that in many regulated firms:
management communication of TCF messages through posters and training programs were cynical attempts at ‘cosmetic compliance’ – posters appeared just before a visit from the regulator, and internal communications were … focused on providing the regulator with superficial evidence of ‘cultural transformation’.16
The research found that changes in regulation would not be ‘internalised’ within an organisation. The compliance function was often at the centre of this failure. The reasons for this include some or all of the factors set out in the next section, some of which are developed in later chapters. Having said this, compared with, for example, in-house lawyers in regulated firms, research by UCL Centre for Ethics and Law found some evidence that compliance officers ‘were more independent than in-house lawyers, who were said to have a stronger ethic of zealous loyalty to the ‘client’ than fidelity to the law’....
