Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
ICSA Guernsey Conference
St Pierre Park Hotel Spa & Golf Resort
Wednesday 26 April
WiFi Access:
Handpicked
Password: HPH11...
Join
the conversation
@ICSA_News
#GuernseyConf17
Welcome and introduction
Paul Smith, Vice Chairman
ICSA Guernsey Branch Council
The art of minute taking: new
ICSA guidance
Peter Swabey FCIS, Policy and Research
Director, ICSA
The minuting of meetings
The minuting of meetings
The minuting of meetings
Consultation published 23rd May
– closed 24th June
89 responses to 31 questions
2,759 answers
Sum...
So what did we find ?
• Good minuting is a deceptively difficult and time consuming task
which is often under-valued, nota...
So what did we find ?
There is no one-size fits all approach for minute-
writing and no ‘right way’ to draft minutes
• Con...
What are minutes for?
• The purpose of minutes is to provide an accurate, impartial and
balanced internal record of the bu...
What are minutes for?
In simple terms, their purpose is to record what
was done, not what was said but with sufficient
con...
What are minutes for?
‘They should be the single source of truth, and should be a complete, self-standing record
(together...
Who is responsible for the minutes?
• The Company Secretary … or other governance professional is
responsible to the chair...
The accuracy of minutes is the responsibility of
the full board
Who is responsible for the minutes?
Key skills of a good minute taker include being able to:
• listen to multiple voices a...
Listen to multiple voices
Listen to multiple voices ……
Who is responsible for the minutes?
• Wherever possible, the company secretary should be supported at
the meeting by a sui...
Drafting minutes
• It can take at least as long, often twice as long, to draft minutes as the
meeting itself took
• It may...
Drafting minutes – preliminary information
• The infrastructure of the meeting
• Who, where, when, what, how etc
• Quorum
...
Drafting minutes – preliminary information
Drafting minutes – preliminary information
Quorum
• A matter for each individual organisation
• Probably only need be ment...
Drafting minutes – preliminary information
Conflict of interests
• Legal, regulatory and constitutional requirements must ...
Drafting minutes – level of detail
• The degree of detail recorded will depend to a large extent on:
• the needs of the or...
Drafting minutes – naming names
• Individual contributions should not normally be attributed by name, but this
will be app...
Drafting minutes – naming names
• Some strongly held views against recording detail
“The purpose of the minute is to recor...
Drafting minutes – naming names
Drafting minutes – dissent
Drafting minutes – dissent
• Most board decisions are reached by consensus
• However, in exceptional circumstances, where ...
Drafting minutes – other matters
• If board papers are received for noting and no decision is
required, then unless there ...
Drafting minutes – the regulator
• Minutes are increasingly used to demonstrate that the directors have
fulfilled their st...
Review and approval of draft minutes
• Draft minutes should be clearly marked as such and amendments to the
draft minutes ...
Access to the minutes
• Who – auditors, regulators and other third parties
• For example, as a board responsibility, minut...
Company secretary’s notes
• Great care should be taken with the company secretary’s notes of the
meeting, both in terms of...
The minuting of meetings – only record of the meeting
Conclusion
• A very interesting and rewarding process
• 89 responses to a consultation – isn’t it great that there are so ...
Further information
www.icsa.org.uk/minutetaking
Thought leadership from ICSA
The Future of AGMs
Peter Swabey FCIS, Policy and Research Director, ICSA
Chris Hodge, Policy Consultant, ICSA and former D...
Practical workshop: Cyber security
Rob Shapland, Principal Cyber Security
Consultant, First Base Technologies LLP
Rob Shapland, First Base Technologies LLP
Cyber Workshop
© First Base Technologies LLP 2017
Penetration Tester and Social Engineer at First Base Technologies since
2008
• Offensive Security Certified Professional –...
Agenda
© First Base Technologies LLP 2017
• Basic Cyber Security Requirements
• Secure the Human
• Secure the Technology
•...
• Understand that cyber security is not just a job for IT, it needs to be embedded in the entire firm
• The board needs to...
• Regular security awareness training, covering at a minimum:
 Email Phishing
 Social engineering
 Safe use of social m...
• Understand where your sensitive data is and who has access, then lock it
down. This includes in the cloud
• Think about ...
Understanding the Threat
© First Base Technologies LLP 2017
Consequences of an Incident …
© First Base Technologies LLP 2017
• Reputational damage
• Loss of client confidence
• Reduc...
Cyber Threat Actors
© First Base Technologies LLP 2017
Nation States Global competition, national security, fraud
Organise...
What do these Threats have in Common?
Social Engineering
Obtaining something by exploiting trust or the ignorance or naive...
More Information?
© First Base Technologies LLP 2017
Email: rob.shapland@firstbase.co.uk
Twitter: @rdshapland
LinkedIn: Ro...
Join
the conversation
@ICSA_News
#GuernseyConf17
Client Due Diligence
Tim Andrews, Director, Ipes
54
Tim Andrews
The ID Register, Ipes
Welcome to the ID Register
Connect to
Create Profile Counterparties
DD Anyone anywhere
Risks Self Control
Screening
FATCA ...
The ID Register
56
The ID Register
57
The ID Register
58
Due Diligence Pack
59
01/01/2014 31/12/2016
01/04/2014 01/07/2014 01/10/2014 01/01/2015 01/04/2015 01/07/2015 01/10/2015 01/01/2016 01/04/2016 0...
FAQs
61
Is this outsourcing? No.
Your firm is not delegating any services or
responsibilities to The ID Register. Your fir...
FAQs
62
E-KYC has not come yet – why not?
 What does the Regulator say?
 Yes – in Guernsey from November 2015.
 Can we outsourc...
GRC professionals: increasing
your value in the workplace
David Press, Managing Director, DMJ Recruitment
Rory Strong, Man...
Maximising your skills in the workplace
How to climb the business ladder by increasing your value as an employee within yo...
1. Be clear about your long term career objectives
Pursue this with intent
David Press, Managing Director – DMJ
Rory Stron...
• Recognise your talents
• Understand your work and what it takes to do it well
• Be open-minded and flexible around what ...
2. Ask for more responsibility
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjrecruitm...
• Manage your boss – take work of their hands, they will be grateful
• Ask to get involved in areas outside your remit to ...
3. Take Some Career Development Risks
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjr...
• Chart a career path and involve management and HR in the process
• Speak your mind – voice opinions to show you are inve...
4. Continual Professional Development
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjr...
• The more skilled you are, the easier it will be for you to advance
• Become the ‘Go To’ person for specific matters
• Pu...
5. Play Your Part in Developing Others
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmj...
• Good managers attract talent, drive performance, engagement and retention
• Learning and development is very important t...
6. Network, Network, Network
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjrecruitmen...
• Professional network is invaluable to developing your career
• Cultivate relationships with colleagues, mentors, contemp...
7. EQ versus IQ
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjrecruitment.com
• Understand the language around the board table
• Think about behaviour, how you execute your job and your impact on othe...
8. Balance Work, Education and Fun
David Press, Managing Director – DMJ
Rory Strong, Managing Consultant - DMJ
www.dmjrecr...
• Keep energy levels up – create fun!
• Encourage fresh thinking – is there a better way?
David Press, Managing Director –...
Networking lunch
Dysfunctional leadership in
organisations
Dennis Tourish, Professor of Leadership and
Organisation Studies, University of ...
Dennis Tourish
Professor of Leadership
Sussex University
Co-editor of ‘Leadership’
Email:
D.J.Tourish@sussex.ac.uk
DYSFUNC...
Amazon April 2017 -180,007 books with ‘Leadership’ in their
title. If you read one every day including weekends it would
t...
SOME ASSUMPTIONS
• Followers should
conform – mostly, do
what they are told
• Leaders know best
(but do they always?)
• Di...
KEY LEADERSHIP INSIGHT
The norm of
reciprocity
‘I’m not going to Ted’s funeral.
He won’t be coming to mine.’
INVOLVEMENT…
AND POWER
WHAT ABOUT TRUST?
• Survey of 33,000 people in 28
countries
• CEO credibility dropped worldwide,
by 12% from previous year...
‘You’re an evil bastard, Gilroy. I like that.’
A MAJOR SOURCE
OF ERROR???
‘The temptation to tell a
Chief in a great position
the things he most likes
to hear is one of ...
EFFECTS OF FLATTERY
• A study of 451 CEOs looked at the impact on them of more
intense and frequent flattery (e.g., offeri...
EFFECTS OF NARCISSISM
• Highly narcissistic CEOs less responsive to
whether recent firm performance was good or
bad - cont...
IRRATIONAL BIAS–
ILLUSORY SUPERIORITY
• 69% of drivers consciously worry about being
killed when driving
• Only 1% believe...
MEA CULPA
• More than 90% of professors think
they are in the top half of their
profession!
Trivers, 2011
People are especially sensitive to negative
input – the ‘automatic vigilance effect’
Which
of these
movies
would
you
prefe...
HOW WE TREAT
CRITICAL FEEDBACK
• Subjecting critical
feedback to criticism/
accepting positive
feedback
• ‘I DON’T BELIEVE...
WHAT CAN BE DONE?
• Seek out formal and informal
contact with people as often as
possible
WHAT CAN BE DONE?
• Scrutinise positive
feedback more rigorously
than negative feedback
• Institutionalise dissent
into th...
A CLIMATE WHERE THE
TRUTH IS HEARD
Lead with questions,
not answers
Practice saying:
• ‘I don’t know’
• ‘What do you think...
A CLIMATE WHERE THE
TRUTH IS HEARD
Engage in debate, not coercion
• Have chaotic meetings
• Loud debate
• Heated discussio...
Local update: Beneficial
Ownership Register
Alan Bougourd, Registrar, Guernsey Registry
Current International Framework
“A beneficial owner in respect of a company means the natural person(s)
who directly or in...
FATF Recommendation
R.24:
Countries to ensure that there is adequate, accurate and timely information on BO
and control of...
Why are we doing this?
European Commission View
Help business to know who they are doing business with
Help businesses and...
What is the EU doing?
Current EU Framework 4th AML / CTF Directive
Directive (EU) 2015/849 on the prevention of the use of...
International Landscape *Source: UK Govt press release, “PM hosts major summit as part of global drive to
expose, punish a...
Transparency Versus Privacy
The Deal
UK view is that the benefit of limited liability is worth the price of transparency
H...
What have we done?
Agreement with the UK
In July 2016 there was an Exchange of Notes signed with the Government
confirming...
Legislative developments
Legislation
Following consultation with industry, in February 2017 the States voted in favour of
...
What are we doing?
Definition of Beneficial ownership
Following publication of the legislation, a consultation took place ...
Who will have access?
Access is restricted to:
The Economic Crime Division of Law enforcement
Nominated individuals within...
Timeline
What we need you to do
Prepare
From 01 July any legal entity formed (N.b. LPs are not currently part of the
legislation) w...
What do we need you to do for your existing legal entities?
Prepare
From 01 July 2017 it will be possible for you to popul...
Keeping the Register up-to-date
Maintenance
As soon as an entry appears on the BO Register there will be an obligation, wi...
Enforcement
Penalties
Criminal penalties
Criminal Liabilities
Civil penalties
Disqualification Orders
Private Reprimands
P...
Fees and Guidance
Fees
There will be no cost for the initial population of the Register
Subject to consultation, it is pro...
Possible Developments
Possible changes on BO registers being considered by the European
Commission
•Lower 25% threshold to...
What can we learn from others?
Lessons from UK Companies House
Forms have taken longer to process
They have had an increas...
Todays Take-Away!
I’d sum up what you need to do in 3 sentences:
• Understand – the obligations on a Resident Agent
• Plan...
Other Registry Initiatives
Limited Partnership, LLP & Foundation AVs
APIs
IP Agents
Any Questions
Beneficial Ownership
Registry
IP
Thank you.
alan.bougourd@guernseyregistry.com
Brexit: what does it mean for
Guernsey?
Jonathan Le Tocq, External Affairs Minister, States of
Guernsey
Advocate Jon McLel...
WHAT #BREXIT MEANS
FOR #GUERNSEY
JONATHAN LE TOCQ
THE ONLY THING
THAT IS CONSTANT IS
CHANGE.
Heraclitus
WHAT #BREXIT MEANS FOR #GUERNSEY
WHAT #BREXIT MEANS FOR #GUERNSEY
TREATY OF ROME, U.K. ACCESSION 1972, PROTOCOL 3
▸“Third Country” status
▸Exception for tr...
WHAT #BREXIT MEANS FOR #GUERNSEY
PRIORITY AREAS IDENTIFIED
▸Financial services
▸Customs
▸Fisheries and Agriculture
▸Free m...
WHAT #BREXIT MEANS FOR #GUERNSEY
THE FUTURE
▸New trading opportunities
▸Enhanced international identity
▸Greater constitut...
[LE] ROCHER
D’HOSPITALITÉ
ET DE
LIBERTÉ...OÙ
VIT LE PETIT
PEUPLE DE LA
MER... L’ÎLE DE
GUERNESEY.
Victor Hugo
Thank you.
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
ICSA Guernsey Conference 2017, 26 April
Upcoming SlideShare
Loading in …5
×

ICSA Guernsey Conference 2017, 26 April

1,247 views

Published on

Presentation slides from the ICSA Guernsey Conference 2017 which took place on 26 April 2017.

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

ICSA Guernsey Conference 2017, 26 April

  1. 1. ICSA Guernsey Conference St Pierre Park Hotel Spa & Golf Resort Wednesday 26 April WiFi Access: Handpicked Password: HPH112233
  2. 2. Join the conversation @ICSA_News #GuernseyConf17
  3. 3. Welcome and introduction Paul Smith, Vice Chairman ICSA Guernsey Branch Council
  4. 4. The art of minute taking: new ICSA guidance Peter Swabey FCIS, Policy and Research Director, ICSA
  5. 5. The minuting of meetings
  6. 6. The minuting of meetings
  7. 7. The minuting of meetings Consultation published 23rd May – closed 24th June 89 responses to 31 questions 2,759 answers Summary of feedback now published on www.icsa.org.uk/minutetaking
  8. 8. So what did we find ? • Good minuting is a deceptively difficult and time consuming task which is often under-valued, notably by directors. It is far more than an administrative formality • An enormous variety of minute taking practices • Many people are absolutely convinced that they take minutes ‘the right way’ BUT…..
  9. 9. So what did we find ? There is no one-size fits all approach for minute- writing and no ‘right way’ to draft minutes • Context is always important and each chairman and each board will have their own preference for minuting style • It is up to each individual organisation to decide how best its meetings should be recorded
  10. 10. What are minutes for? • The purpose of minutes is to provide an accurate, impartial and balanced internal record of the business transacted at a meeting • Minutes should document the reasons for the decision and include sufficient background information for future reference – or, perhaps, for someone not at the meeting to understand why the board has taken the decision that it has. ‘to record key points of discussion, record decisions and the reasons for decisions, and agreed actions’ ‘accurate’, ‘impartial’ ‘balanced’ ‘to demonstrate challenge’
  11. 11. What are minutes for? In simple terms, their purpose is to record what was done, not what was said but with sufficient context to give assurance that it was done properly
  12. 12. What are minutes for? ‘They should be the single source of truth, and should be a complete, self-standing record (together with the papers). They should act as evidence of the meeting and as a record of those matters discussed/noted, concerns raised, decisions made and, where considered helpful, the rationale for those decisions, and demonstrate the directors acting in accordance with their duties under the Companies Act.’ Sectoral variation: • A charity or public sector organisation may focus more on ensuring there is clear accountability visible through the minutes • A regulated financial services company is more likely to focus on providing evidence of robust decision making.
  13. 13. Who is responsible for the minutes? • The Company Secretary … or other governance professional is responsible to the chairman for the preparation and retention of minutes • The chairman and the other members of the board are responsible for confirming their accuracy • The person taking minutes should be properly qualified to do so – i.e. they should have the necessary knowledge and skills • Too often minuting a meeting is left (at short notice) to a junior member of staff without the appropriate experience or training
  14. 14. The accuracy of minutes is the responsibility of the full board
  15. 15. Who is responsible for the minutes? Key skills of a good minute taker include being able to: • listen to multiple voices at the same time and capture both their arguments and tone • summarise an argument accurately and record decisions taken and action points on which to follow up • identify which parts of the discussion are material and should be recorded • have the confidence to stand firm when someone asks them to deviate from what they believe to be an accurate record • have the confidence to ask for clarification
  16. 16. Listen to multiple voices
  17. 17. Listen to multiple voices ……
  18. 18. Who is responsible for the minutes? • Wherever possible, the company secretary should be supported at the meeting by a suitably skilled minute taker if one with the necessary skills is available • It is generally a good idea for the company secretary to discuss with the chairman before the meeting any relevant procedural issues and, perhaps most importantly, how they can best support the chairman
  19. 19. Drafting minutes • It can take at least as long, often twice as long, to draft minutes as the meeting itself took • It may be helpful to develop a minute taking policy or style guide to set the house style and conventions. This could be approved by the board • Minutes are normally written in ‘reported speech’ style; they should not be a verbatim record of the meeting • The minutes should be clear, concise and free from any ambiguity as they will serve as a source of contemporaneous evidence in any judicial or regulatory proceedings
  20. 20. Drafting minutes – preliminary information • The infrastructure of the meeting • Who, where, when, what, how etc • Quorum • Directors’ duties • Conflicts of interest ‘These items are not legal boilerplate and are important. The wording of the guidance should be revised.’
  21. 21. Drafting minutes – preliminary information
  22. 22. Drafting minutes – preliminary information Quorum • A matter for each individual organisation • Probably only need be mentioned if there were a lot of absences, or a high quorum requirement such that there might be doubt • For example, if one or more directors have to absent themselves owing to a conflict of interest • Of course, if the chairman does mention quorum it should be minuted • It is the responsibility of the company secretary to be aware whether the meeting is quorate at all times, and advise the chairman should this not be the case
  23. 23. Drafting minutes – preliminary information Conflict of interests • Legal, regulatory and constitutional requirements must be observed • Unless the sectoral regulator requires otherwise, it is reasonable only to refer to conflicts of interest in the minutes where: • the chairman or another board member raises the issue, which they might do if there is a perceived risk of a conflict arising • a potential or actual conflict of interest is declared by one or more of those present • a conflicts register is circulated, tabled or reviewed as part of the business of the meeting • it is necessary to amend the conflicts register.
  24. 24. Drafting minutes – level of detail • The degree of detail recorded will depend to a large extent on: • the needs of the organization • the sector in which it operates and the requirements of any regulator • the working practices of the chairman, the board and the company secretary. • As a minimum, however, we would expect minutes to include: • the key points of discussion • decisions made and, where appropriate, the reasons for them • agreed actions, including a record of any delegated authority to act on behalf of the company
  25. 25. Drafting minutes – naming names • Individual contributions should not normally be attributed by name, but this will be appropriate in some cases. Practice is changing in this area, particularly in the corporate sector • Demonstrate individual director participation and challenge • Equally it became clear that the charity and public sectors have very different practice whereby individual contributions are often attributed. • Once again this is a matter for individual organisations • Guidance includes suggestions on where it will usually or may be appropriate
  26. 26. Drafting minutes – naming names • Some strongly held views against recording detail “The purpose of the minute is to record the decision. The minute should not replicate what is in the board paper. The reason for the decision is unnecessary detail, the paper could be referenced instead.”
  27. 27. Drafting minutes – naming names
  28. 28. Drafting minutes – dissent
  29. 29. Drafting minutes – dissent • Most board decisions are reached by consensus • However, in exceptional circumstances, where the whole board cannot reach agreement, individual directors may request that their dissenting view be recorded in the minutes. It is normal to comply with such requests • The question of how dissent is recorded will be a matter of organisational preference. • One suggestion for specimen wording might be: ‘There was a robust discussion about x, with considerable challenge around a, b, c and d. The board agreed to y, with Mr z requesting that his dissent be recorded.’
  30. 30. Drafting minutes – other matters • If board papers are received for noting and no decision is required, then unless there is material discussion that needs to be recorded, minutes should indicate that the relevant report was ‘received (or reviewed, if that is what happened) and its contents noted’ • Conflicts of interest • Legal professional privilege • Offshore companies • “not for the minutes”
  31. 31. Drafting minutes – the regulator • Minutes are increasingly used to demonstrate that the directors have fulfilled their statutory duties • evidencing appropriate challenge in order to hold the executive to account • showing that issues of risk and both shareholder and stakeholder impact have been properly considered • Minutes should facilitate regulatory oversight, but this is not their primary purpose • Nonetheless, those drafting minutes should be mindful of regulatory needs • The well-written minutes of an effective board meeting should convey all the assurance that a regulator requires
  32. 32. Review and approval of draft minutes • Draft minutes should be clearly marked as such and amendments to the draft minutes should be thought of as ‘enhancements’ rather than ‘corrections’ “Editing by board members who are ultimately responsible for the accuracy should not be regarded as a failing on the part of the person drafting the minutes but a sign that responsibilities are understood and taken seriously.” • Need to guard against attempts to rewrite history • The audio recording of board meetings or the publication of board minutes is not, generally, recommended • Treatment of ‘post-meeting events’ • To redact or not to redact …..
  33. 33. Access to the minutes • Who – auditors, regulators and other third parties • For example, as a board responsibility, minutes should be included as part of the board evaluation process • What – unrestricted / restricted (e.g. senior audit partner) / view-only / redacted • How – electronically / minute book / electronic portal • Publication of minutes • Retention of minutes
  34. 34. Company secretary’s notes • Great care should be taken with the company secretary’s notes of the meeting, both in terms of content and retention. We recommend that they are destroyed once the minutes to which they relate have been approved • Wide variety of practices • Retention periods ranged from as soon as they were written up to pretty much forever ‘only one version of the truth is required’
  35. 35. The minuting of meetings – only record of the meeting
  36. 36. Conclusion • A very interesting and rewarding process • 89 responses to a consultation – isn’t it great that there are so many people with such strongly held views? • All this may suggest that minute taking is a necessary yet thankless task, but as one respondent to our consultation asked, how many other people in an organisation get their work in front of the board as frequently and consistently as company secretaries? • Thanks to everyone who shared with us their wisdom and experience gained from minuting literally countless meetings and, in particular, to Colin Passmore at Simmons & Simmons and Carol Shutkever at Herbert Smith Freehills for their guidance and support.
  37. 37. Further information www.icsa.org.uk/minutetaking
  38. 38. Thought leadership from ICSA
  39. 39. The Future of AGMs Peter Swabey FCIS, Policy and Research Director, ICSA Chris Hodge, Policy Consultant, ICSA and former Director of Corporate Governance, FRC Susan Swabey FCIS, Company Secretary, Smith and Nephew plc
  40. 40. Practical workshop: Cyber security Rob Shapland, Principal Cyber Security Consultant, First Base Technologies LLP
  41. 41. Rob Shapland, First Base Technologies LLP Cyber Workshop © First Base Technologies LLP 2017
  42. 42. Penetration Tester and Social Engineer at First Base Technologies since 2008 • Offensive Security Certified Professional – 24 hour exam • Social Engineer – trained by Chris Hadnagy, world-renowned social engineering expert • Trained in Kidnap Escape and Evasion • Published technical writer • Media and conference speaker • Fire jumper Who is Rob Shapland? © First Base Technologies LLP 2017
  43. 43. Agenda © First Base Technologies LLP 2017 • Basic Cyber Security Requirements • Secure the Human • Secure the Technology • Understanding the threat
  44. 44. • Understand that cyber security is not just a job for IT, it needs to be embedded in the entire firm • The board needs to take ownership and responsibility for cyber security • This needs to be filtered down to all staff by continual training and awareness • Understand your key information assets and assess their vulnerability to attack • Has responsibility for cyber risk been allocated? Is it on the risk register? • Understand the impact if a data breach occurs (reputation, financial impact), and have a plan • Understand who might attack – regular briefings to the board from CISO or industry experts • Encourage information sharing with other firms Basic Requirements © First Base Technologies LLP 2017
  45. 45. • Regular security awareness training, covering at a minimum:  Email Phishing  Social engineering  Safe use of social media  Passwords • Email phishing testing • Social engineering testing – telephone and building security Step 1: Secure the Human © First Base Technologies LLP 2017
  46. 46. • Understand where your sensitive data is and who has access, then lock it down. This includes in the cloud • Think about who might attack you and the methods they would use • Enforce strong passwords on all interfaces (including the wifi network) • All external interfaces protected by two-factor authentication • Regular patching on ALL devices • Regular penetration testing of external and internal devices, and applications • Email filters, endpoint protection Step 2: Secure the Technology © First Base Technologies LLP 2017
  47. 47. Understanding the Threat © First Base Technologies LLP 2017
  48. 48. Consequences of an Incident … © First Base Technologies LLP 2017 • Reputational damage • Loss of client confidence • Reduction in market share • Forfeit of competitive edge • Loss of jobs • Organisational failure • Fines
  49. 49. Cyber Threat Actors © First Base Technologies LLP 2017 Nation States Global competition, national security, fraud Organised Crime Illicit profit, fraud, identity theft Actor Motivation Activists Ideological, political, disenfranchised, malicious havoc Terrorists Ideological, political Insiders Personal advantage, monetary gain, revenge, ideological Individual Hackers Ego and peer approval, curiosity, ideological Competitors Competitive advantage, damage to competitor Loss of intellectual property, disruption of systems, financial loss, regulatory issues Loss of IP, financial loss, privacy issues, regulatory issues, damage to brand Impact Data destruction, disruption of systems, regulatory issues, damage to brand Data destruction, disruption to systems, regulatory issues Loss of intellectual property, disruption of systems, financial loss, regulatory issues Data destruction, disruption of systems, regulatory issues, damage to brand Loss of intellectual property, regulatory issues, damage to brand
  50. 50. What do these Threats have in Common? Social Engineering Obtaining something by exploiting trust or the ignorance or naivety of others It works on the human factor … frequently called “the weakest link”! © First Base Technologies LLP 2017
  51. 51. More Information? © First Base Technologies LLP 2017 Email: rob.shapland@firstbase.co.uk Twitter: @rdshapland LinkedIn: Rob Shapland
  52. 52. Join the conversation @ICSA_News #GuernseyConf17
  53. 53. Client Due Diligence Tim Andrews, Director, Ipes
  54. 54. 54 Tim Andrews The ID Register, Ipes
  55. 55. Welcome to the ID Register Connect to Create Profile Counterparties DD Anyone anywhere Risks Self Control Screening FATCA & CRS Relax & keep updated. Continuously screened Validation & evidence alerts 55
  56. 56. The ID Register 56
  57. 57. The ID Register 57
  58. 58. The ID Register 58
  59. 59. Due Diligence Pack 59
  60. 60. 01/01/2014 31/12/2016 01/04/2014 01/07/2014 01/10/2014 01/01/2015 01/04/2015 01/07/2015 01/10/2015 01/01/2016 01/04/2016 01/07/2016 01/10/2016 30/06/2014 FATCA Goes Live 01/03/2015 Online DD Requested 30/04/2015 5/6ths Responses Received 31/05/2015 FATCA 2014 Reporting Submitted 01/10/2015 ID Register Begun 01/09/2016 Official Launch 22/07/2016 ID Register Live 01/04/2016 Panama Papers Our Story 60 • We certified 8,500 investors for FATCA in 2014 and needed an efficient solution. • 5/6ths of investors responded online. • FATCA and CRS information is a subset of KYC requirements. • The ID Register is live with 10,500 investors and over 100 Fund groups
  61. 61. FAQs 61 Is this outsourcing? No. Your firm is not delegating any services or responsibilities to The ID Register. Your firm is entering into a contract for services, these being the access to an independent data source of Customer Due Diligence. How does content comply with AML/CFT requirements? The standards within The ID Register are driven from the FATF Recommendations with specific consideration being given to the AML/CFT requirements applicable to UK and Channel Islands regulated businesses. a. Certification Certification can be undertaken by two methods. The first is through the digital certification method built into the system where the profile owner uploads a document and requests a suitably qualified person to certify the document. This document will have certification wording digitally imprinted into the document. The second is through the uploading and validation of previously certified documents where the profile owner will upload documents that have previously been certified in wet ink. How secure is the site? No site is immune from attack, but in important respects The ID Register is even more secure than popular social platforms: • Fully encrypted database • Penetration tested software • Hosted on Azure • Full SSL encryption from servers to browser An improvement from paper, email and Excel.
  62. 62. FAQs 62
  63. 63. E-KYC has not come yet – why not?  What does the Regulator say?  Yes – in Guernsey from November 2015.  Can we outsource MLRO responsibility too?  Yes – Handbook & Thematic Review June 2016 with suitable training.  Incomplete, tech-heavy products  Document sharing, individuals only, in-house software, focussed on banks.  Someone else try it first  www.ipes.com/investorservices  My client list is private & cross contamination fears  Own your own data 63
  64. 64. GRC professionals: increasing your value in the workplace David Press, Managing Director, DMJ Recruitment Rory Strong, Managing Consultant, DMJ Recruitment Sharon Spruce, Learning and Development Specialist, Skills Solutions Hayley Tanguy, Director, Aztec Group
  65. 65. Maximising your skills in the workplace How to climb the business ladder by increasing your value as an employee within your company David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  66. 66. 1. Be clear about your long term career objectives Pursue this with intent David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  67. 67. • Recognise your talents • Understand your work and what it takes to do it well • Be open-minded and flexible around what you are trying to do • Plan ahead – what else could you be doing to shape out your skills. David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  68. 68. 2. Ask for more responsibility David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  69. 69. • Manage your boss – take work of their hands, they will be grateful • Ask to get involved in areas outside your remit to broaden your skills David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  70. 70. 3. Take Some Career Development Risks David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  71. 71. • Chart a career path and involve management and HR in the process • Speak your mind – voice opinions to show you are invested David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  72. 72. 4. Continual Professional Development David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  73. 73. • The more skilled you are, the easier it will be for you to advance • Become the ‘Go To’ person for specific matters • Public speaking marks you out as an expert and a leader David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  74. 74. 5. Play Your Part in Developing Others David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  75. 75. • Good managers attract talent, drive performance, engagement and retention • Learning and development is very important to those early on in their career David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  76. 76. 6. Network, Network, Network David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  77. 77. • Professional network is invaluable to developing your career • Cultivate relationships with colleagues, mentors, contemporaries • Great place to evaluate opportunities and problems David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  78. 78. 7. EQ versus IQ David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  79. 79. • Understand the language around the board table • Think about behaviour, how you execute your job and your impact on others. • Be politically astute but non-political in how you do it. Remain neutral David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  80. 80. 8. Balance Work, Education and Fun David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  81. 81. • Keep energy levels up – create fun! • Encourage fresh thinking – is there a better way? David Press, Managing Director – DMJ Rory Strong, Managing Consultant - DMJ www.dmjrecruitment.com
  82. 82. Networking lunch
  83. 83. Dysfunctional leadership in organisations Dennis Tourish, Professor of Leadership and Organisation Studies, University of Sussex
  84. 84. Dennis Tourish Professor of Leadership Sussex University Co-editor of ‘Leadership’ Email: D.J.Tourish@sussex.ac.uk DYSFUNCTIONAL LEADERSHIP IN CORPORATIONS Ken Lay AKA ‘Kenny Boy’ Jeffrey Skilling
  85. 85. Amazon April 2017 -180,007 books with ‘Leadership’ in their title. If you read one every day including weekends it would take you 493 years…. BUT – there are only 168 books with ‘Followership’ in their title We have a fixation on leadership, though without followers there are no leaders…
  86. 86. SOME ASSUMPTIONS • Followers should conform – mostly, do what they are told • Leaders know best (but do they always?) • Dissent is resistance to be overcome Who’s the boss BBC 2 March 2016
  87. 87. KEY LEADERSHIP INSIGHT The norm of reciprocity ‘I’m not going to Ted’s funeral. He won’t be coming to mine.’
  88. 88. INVOLVEMENT… AND POWER
  89. 89. WHAT ABOUT TRUST? • Survey of 33,000 people in 28 countries • CEO credibility dropped worldwide, by 12% from previous year • At an all time low of 37% who say CEOs are ‘credible’ Edelman Trust Survey, 2017
  90. 90. ‘You’re an evil bastard, Gilroy. I like that.’
  91. 91. A MAJOR SOURCE OF ERROR??? ‘The temptation to tell a Chief in a great position the things he most likes to hear is one of the commonest explanations of mistaken policy. Thus the outlook of the leader on whose decision fateful events depend is usually far more sanguine than the brutal facts admit.’ Winston Churchill (1931) INGRATIATION...
  92. 92. EFFECTS OF FLATTERY • A study of 451 CEOs looked at the impact on them of more intense and frequent flattery (e.g., offering exaggerated compliments) and opinion conformity (e.g., expression of agreement even when people don't agree). • Flattery and opinion conformity linked to CEOs having more favourable evaluations of their own strategic judgments and leadership skills, being less likely to make strategic changes when firm performance suffered, and more prone to lead firms that suffered persistently poor performance. Hyuan Park, Westphal and Stern, ASQ, 2011
  93. 93. EFFECTS OF NARCISSISM • Highly narcissistic CEOs less responsive to whether recent firm performance was good or bad - continued to make equally risky investments (e.g. acquisitions of new companies) regardless of recent performance. Their less narcissistic peers more cautious in bad times and tended to take bigger risks during good times. Chatterjee and Hambrick, ASQ, 2011
  94. 94. IRRATIONAL BIAS– ILLUSORY SUPERIORITY • 69% of drivers consciously worry about being killed when driving • Only 1% believe they drive worse than average • 98% think they are safer than, or as safe, as the average driver. Brake (Road Safety Charity) Survey of 800 UK adults, March 2011
  95. 95. MEA CULPA • More than 90% of professors think they are in the top half of their profession! Trivers, 2011
  96. 96. People are especially sensitive to negative input – the ‘automatic vigilance effect’ Which of these movies would you prefer to see?
  97. 97. HOW WE TREAT CRITICAL FEEDBACK • Subjecting critical feedback to criticism/ accepting positive feedback • ‘I DON’T BELIEVE IT’ • Deny failure • Alternative facts??
  98. 98. WHAT CAN BE DONE? • Seek out formal and informal contact with people as often as possible
  99. 99. WHAT CAN BE DONE? • Scrutinise positive feedback more rigorously than negative feedback • Institutionalise dissent into the decision-making process – e.g. promote/ cherish/ reward contrarians • Create a culture that confronts ‘the brutal facts of reality’ – i.e. where the truth is heard
  100. 100. A CLIMATE WHERE THE TRUTH IS HEARD Lead with questions, not answers Practice saying: • ‘I don’t know’ • ‘What do you think?’ • ‘Where have we gone wrong?’ • ‘What could we do better?’
  101. 101. A CLIMATE WHERE THE TRUTH IS HEARD Engage in debate, not coercion • Have chaotic meetings • Loud debate • Heated discussions • Healthy conflict D.J.Tourish@sussex.ac.uk
  102. 102. Local update: Beneficial Ownership Register Alan Bougourd, Registrar, Guernsey Registry
  103. 103. Current International Framework “A beneficial owner in respect of a company means the natural person(s) who directly or indirectly ultimately owns or controls the corporate entity” - G8 Action Plan Principles (2013) - G20 high-level principles (2014) - World Bank / UNODC StAR Initiative (The Puppet Masters, 2011) - OECD taxation initiatives: Global Forum on Transparency and the Common Reporting Standard - FATF 2014 Guidance on Transparency and Beneficial Ownership Source – presentation by Alexandra Jour-Schroeder of the EC to Corporate Registers Forum 2017
  104. 104. FATF Recommendation R.24: Countries to ensure that there is adequate, accurate and timely information on BO and control of legal persons that can be obtained or accessed in a timely fashion by competent authorities IO.5: To ensure that legal persons and arrangements are prevented from misuse for ML/FT, and BO information is available to competent authorities without impediments Source – presentation by Mr Kenneth Yap – ACRA Singapore to Corporate Registers Forum 2017
  105. 105. Why are we doing this? European Commission View Help business to know who they are doing business with Help businesses and consumers protect themselves Protect civil and environmental rights Save money Level the playing field Detect crime Source – presentation by Alexandra Jour-Schroeder of the EC to Corporate Registers Forum 2017
  106. 106. What is the EU doing? Current EU Framework 4th AML / CTF Directive Directive (EU) 2015/849 on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing (4th AML Directive) •adopted on 20 May 2015; •Transposition by EU – Member States on 26 June 2017. Article 3(6): "[…] any natural person(s) who ultimately owns or controls the customer and/or the natural person(s) on whose behalf a transaction or activity is being conducted […]: (a)corporate entities and (b) trusts. Source – presentation by Alexandra Jour-Schroeder of the EC to Corporate Registers Forum 2017
  107. 107. International Landscape *Source: UK Govt press release, “PM hosts major summit as part of global drive to expose, punish and drive out corruption” (12 May 2016) As presented to Corporate Registers Forum 2017 by Mr Kenneth Yap
  108. 108. Transparency Versus Privacy The Deal UK view is that the benefit of limited liability is worth the price of transparency Have they gone too far? They currently only offer protection when the activities of certain companies can place their directors and PSCs 2, or someone who lives with them, at serious risk of violence or intimidation. This could be due to their involvement in a particular sector of commerce or industry. e.g. business licenced under the Animal (Scientific Procedures) Act 1986, a director or PSC of a company active in the defence industry including a readily traceable supplier to, or partner of an organisation in the above categories. A company that has been targeted by activists or a member of a particular religious community where company activities conflict with the principles of that religion. This isn’t an exhaustive list, and making an application to restrict access to residential addresses or to all information will depend on individual circumstances.
  109. 109. What have we done? Agreement with the UK In July 2016 there was an Exchange of Notes signed with the Government confirming that Guernsey will establish a central Guernsey database of beneficial ownership information Project Board The Project Board established in Dec 2016 with representatives from Government, Industry, the GFSC, the Registry and Law Enforcement which continues to meet regularly to progress the successful and secure implementation of the Register
  110. 110. Legislative developments Legislation Following consultation with industry, in February 2017 the States voted in favour of a joint Policy Letter from the Policy & Resources Committee and the Committee for Economic Development for the establishment of a Register of Beneficial Ownership In March 2017 The Beneficial Ownership of Legal Persons (Guernsey) Law, 2017 was lodged for future debate
  111. 111. What are we doing? Definition of Beneficial ownership Following publication of the legislation, a consultation took place on the regulations to define Beneficial Ownership Where any right or interest comprises the property of an express trust, the trustee or trustees of the trust are to be treated as having the benefit of that interest Three Tier Test • Ownership • Control Through Other Means • Position Held within the Legal Entity Exemptions 25% Threshold Resident Agent Exempt Companies
  112. 112. Who will have access? Access is restricted to: The Economic Crime Division of Law enforcement Nominated individuals within the GFSC Nominated individuals within the Registry The Registrar can only disclose information for the purposes of: Prevention, detection, investigation or prosecution of criminal conduct or non- criminal penalties, intelligence services, Commission activities, income tax, civil forfeiture, sanctions, gambling control, charity & not for profit obligations
  113. 113. Timeline
  114. 114. What we need you to do Prepare From 01 July any legal entity formed (N.b. LPs are not currently part of the legislation) will need the following Beneficial Ownership to be included: • Name • Nationality • Date of birth • Principal residential address • The date on which they became a BO (if post 01 July 2017) • The basis on which the BO exists
  115. 115. What do we need you to do for your existing legal entities? Prepare From 01 July 2017 it will be possible for you to populate the BO Register with information on existing legal entities Identify the entities you consider will fall below the 25% threshold on a risk basis We are considering the establishment of a Bulk Upload facility to be available in Autumn 2017 and would appreciate your input on whether this would be of interest to you From January 2018 the BO Register will need to be fully populated and up-to-date to enable the Annual Validation of the company to be filed We are proposing that the AV period will be extended to the end of February 2018
  116. 116. Keeping the Register up-to-date Maintenance As soon as an entry appears on the BO Register there will be an obligation, within 14 days of the Resident Agent having been obliged to update the record of beneficial owners, to file that update with the Registry Sanctions The sanctions applicable need to be persuasive so as to ensure compliance The Registry will be responsible for Resident Agents that are not licensed and the GFSC will be ensuring that Licensed Resident Agents are complying You will need to provide evidence of the filings made
  117. 117. Enforcement Penalties Criminal penalties Criminal Liabilities Civil penalties Disqualification Orders Private Reprimands Public Statements
  118. 118. Fees and Guidance Fees There will be no cost for the initial population of the Register Subject to consultation, it is proposed that maintenance of the Register will incur a filing fee, in a similar way as fees for updating directors are currently applied Guidance We will be issuing detailed guidance to presenters as the project develops There is an obligation on you to ensure your Presenter Groups are up-to-date and permissions are appropriate for your organisation Visit www.guernseyregistry.com for guidance
  119. 119. Possible Developments Possible changes on BO registers being considered by the European Commission •Lower 25% threshold to 10% (in certain circumstances?) •Replace access based on legitimate interest with free public access for profit making entities (not "family- trusts") •Registration of all trusts and public access to BO info of business-like trusts -where the trustee is established -Binding for EU Member States, including those who do not recognise trusts in their national law •Interconnection of national registers via the EU Business Registers Interconnection System (BRIS) Source – presentation by Alexandra Jour-Schroeder of the EC to Corporate Registers Forum 2017
  120. 120. What can we learn from others? Lessons from UK Companies House Forms have taken longer to process They have had an increase in incorrect and incomplete filings Customer contact has increased Concern that it goes against general Government policy on deregulation Filers become “tick box happy” Source Presentation by UK Companies House to Corporate Registers Forum 2017
  121. 121. Todays Take-Away! I’d sum up what you need to do in 3 sentences: • Understand – the obligations on a Resident Agent • Plan – for how you will assess what data needs to be provided and how you intend to achieve this • Test – your systems will make it easy for the GFSC / Registrar to check compliance and for you to keep the Register up to date If the Registry can offer any help whatsoever please do get in touch!
  122. 122. Other Registry Initiatives Limited Partnership, LLP & Foundation AVs APIs IP Agents
  123. 123. Any Questions Beneficial Ownership Registry IP
  124. 124. Thank you. alan.bougourd@guernseyregistry.com
  125. 125. Brexit: what does it mean for Guernsey? Jonathan Le Tocq, External Affairs Minister, States of Guernsey Advocate Jon McLellan, Director of Legislative Drafting, Law Officers of the Crown, Guernsey Dr Andy Sloan, Director of Financial Stability, Guernsey Financial Services Commission
  126. 126. WHAT #BREXIT MEANS FOR #GUERNSEY JONATHAN LE TOCQ
  127. 127. THE ONLY THING THAT IS CONSTANT IS CHANGE. Heraclitus WHAT #BREXIT MEANS FOR #GUERNSEY
  128. 128. WHAT #BREXIT MEANS FOR #GUERNSEY TREATY OF ROME, U.K. ACCESSION 1972, PROTOCOL 3 ▸“Third Country” status ▸Exception for trade in goods ▸Responsibility regarding rights of EU citizens ▸As a Third Country we have... ‣ negotiated access to financial markets ‣ voluntarily enacted sanctions where appropriate ‣ obtained equivalence status in regulatory matters
  129. 129. WHAT #BREXIT MEANS FOR #GUERNSEY PRIORITY AREAS IDENTIFIED ▸Financial services ▸Customs ▸Fisheries and Agriculture ▸Free movement of people
  130. 130. WHAT #BREXIT MEANS FOR #GUERNSEY THE FUTURE ▸New trading opportunities ▸Enhanced international identity ▸Greater constitutional autonomy ▸Making the most of our acquired skills, innovation, legal system, secure & appropriate regulatory framework ▸Building on reputation of stability as a "safe haven"
  131. 131. [LE] ROCHER D’HOSPITALITÉ ET DE LIBERTÉ...OÙ VIT LE PETIT PEUPLE DE LA MER... L’ÎLE DE GUERNESEY. Victor Hugo
  132. 132. Thank you.

×