Chapter 8 financial compliance programme
- 1. Chapter 8
Financial Compliance Programme
The Presentation Slides for Teaching
Financial Regulations and Compliance Practices
Website : https://sites.google.com/site/quanrisk
E-mail : quanrisk@gmail.com
Copyright © 2016 CapitaLogic Limited
- 2. Declaration
Copyright © 2016 CapitaLogic Limited.
All rights reserved. No part of this presentation file may be
reproduced, in any form or by any means, without written
permission from CapitaLogic Limited.
Authored by Dr. LAM Yat-fai (林日辉),
Principal, Structured Products Analytics, CapitaLogic Limited,
Adjunct Professor of Finance, City University of Hong Kong,
Doctor of Business Administration (Finance),
CFA, CAIA, CAMS, FRM, PRM.
- 5. Financial compliance streams
General compliance
Deposits, loans and mortgages
Securities brokerage
Licensing
Regulatory reporting
Others
Specialist compliance
Anti-money laundering and counter-terrorist financing
Private banking and wealth management
Derivative securities and treasury products
Internet banking
Electronic payment
- 6. Compliance function
Large financial institution
A separate function under the board of directors
Medium and small financial institution
Compliance department
Risk management and compliance department
Legal and compliance department
Dedicated private banking compliance
Directly under the board of directors
- 8. Compliance duties
Internal
Ensure a financial institution’s operations are in line with statutory and regulatory standards
Design and implement compliance programmes
Develop general compliance templates for policies and procedures
Review and comment on policies and procedures
Drive training and awareness initiatives
Conduct regular and ad-hoc compliance checks
Interpret ordinances and regulatory documents in simple language for colleagues
External
The official communications channel with regulators and police force
Review and approve documents to be submitted to regulators and police
force
Clarify ordinances and regulatory documents with lawyers and regulators
Co-ordinate compliance activities with other external parties
- 9. Expectations from financial institution operations
Say “Yes, please go ahead.”
Compliance officer should tell
What can be done?
What cannot be done?
Why?
Who said so?
Most important
How can it be done?
- 11. A general compliance programme
Senior management oversight
Policies
Procedures
IT systems
MIS reports
Training and awareness
Compliance check
Independent assessment
Internal audit
+ Subject specific elements
- 12. AML specific elements
Professionals
AML compliance officer
ML reporting officer
Customer onboarding
Customer due diligence
Risk assessment
Know your customer
Record keeping
Transaction enquiries
Counterparty due diligence
Transaction screening
Transaction monitoring
STR
Record keeping
Specialist topics
Private banking
Correspondent banking
Wire transfer
- 13. Senior management oversight
Subject committee
Directors as members
Terms of reference
Regular meeting
Meeting agendas
Meeting minutes
- 14. Policy
General template prepared by compliance function
Policy prepared by senior management of functional
department in accordance with the general template
Approved by the subject committee
Reviewed and updated annually
Principle-based
Cannot be used directly for financial institution operations
Coverage and detail match the guidelines from
regulators
- 15. Procedure
General template prepared by compliance function
Procedure prepared by middle management of
functional department in accordance with the general
template
Reviewed by compliance function
Approved by department head
Include documents, checklists, templates and forms
Reviewed and updated whenever there are any
regulatory and/or operational changes
- 17. MIS reports
Key performance indicators
Key risk indicators
Exception reports
Outstanding incidents
Departmental comparisons
Trend analysis
- 18. Training and awareness
All staff / new staff
Front office
Back office
Senior management and internal audit
Compliance function
- 19. Compliance check
Regular
Once every year, comprehensive coverage in a few
selected departments
Once every quarter, thematic coverage for major
departments on selected subject
Event driven
Regulatory initiatives
Triggered by media reports
Triggered by incidents
- 20. Independent assessment
To review, comment and suggest
improvements to a compliance programme by
an independent expert
Independent expert
Big 4 accounting firms
Solicitor firms
University professors
- 21. Audit and examination
Internal audit
Local office
Regional office
Global office
External audit
Big 4 accounting firms
Regulatory examination
HKMA
SFC
- 22. Challenges facing compliance function
External
Regulatory requirements keep on changing and
tightening
Regulatory documents are not written in human
language
Internal
Compliance function is a cost centre
Limited budget
Lacking manpower
Compliance activities directly impact customer relationships
High staff turnover rate
- 23. Major issues of regulatory documents
Most guidelines, guidance papers, circulars,
codes and best practices have no legal power
Principle-based
Full of “suitable”, “adequate”, “appropriate”,
“necessary”, “sufficient”, etc.
Most written by somebody totally without
financial institution experience
- 24. Myth of regulatory documents
Basel documents
Banking policy
Banking supervision
Bank operations
Bank compliance
- 25. Compliance function as a difficult middle man
Pressure from financial institution operations
As relaxed as possible
Pressure from regulators
As stringent as possible
Pressure from police force
As accurate as possible
Pressure from senior management
Profits + Good compliance records
- 26. Compliance function not an easy job
High professional requirements
Long working hours
Everything in a financial institution may be subject to compliance review
All bad things happening in a financial institution
must be handled by the compliance function
Confrontation with other colleagues
Confrontation with regulators
- 27. Common issues
Doing too much daily operational work
Lacking financial institution operations experience
Lacking professional inputs
How not to do business by following the regulations?
How to make profit without violating regulations?
Overlook the backdoors
Neglect the words between the lines
- 28. Sound practices
Never get into daily operations
Willing to be pinpointed by regulators
Design a strategically imperfect compliance programme
Streamline the schedule of internal audits, external
audits and regulatory examinations
Maintain a compliance professional network
Maintain GOOD relationship with regulators
Use of professional firms and academic scholars
skillfully
Use compliance automation tools
- 29. Strategies to regulators
Expectation management
Demonstrate improvement instead of perfection
Show action plan instead of corrective action results
Prioritize corrective actions
Relationship management
Handle regulators as peers instead of superiors
Senior management never entertain front line regulators directly
Use e-mail as the primary communications channel with regulators
Keep all communications records with regulators
Ask regulators “Yes” or “No” questions instead of open-ended questions
Never commit in writing to support any regulatory initiatives
- 30. Compliance tool box
Ordinance
Subsidiary legislation
Guidelines
Guidance papers
Circulars
Codes
Best practices
Exam study manuals
Reports from professional firms
FATF documents
MAS, OCC, SEC, FSA and APRA documents
Academic research
- 32. Control self-assessment
A business unit assesses its operations and
activities against a menu of control procedures
extracted from a procedural document
Internally driven and often incorporates
checklists and/or workshops to identify the
potential risk facing the business unit
- 33. Self-assessment of control procedures
Compliance level
Control procedure Full Partial Not N/A
The dept. should do this *
The dept. should do that *
The dept. should not do this *
The dept. should not do that *
The dept. should … *
The dept. should not … *
- 35. For partially or not compliant control procedures
Corrective action plan
Action items
Completion date
Justification for not complying
Cost materially outweighs the benefit
Alternative control procedure already in place
- 36. CSA summary by subsidiary banks
- 37. CSA summary by control procedures
- 38. CSA summary by subsidiary banks and control procedures
- 42. Overall training contents
Staff should be made aware of
Their financial institution’s and their own personal statutory obligations
and the possible consequences for failure to report suspicious
transactions under the DTROP, the OSCO and the UNATMO
Any other statutory and regulatory obligations that concern their
financial institutions and themselves under the DTROP, the OSCO, the
UNATMO, the UNSO and the AMLO, and the possible consequences
of breaches of these obligations
The financial institution’s policies and procedures relating to AML,
including suspicious transaction identification and reporting
Any new and emerging techniques, methods and trends in ML/TF to
the extent that such information is needed by the staff to carry out their
particular roles in the financial institution with respect to AML
- 43. For all and new staff
An introduction to the background of ML/TF
The importance placed on AML by the
financial institution
The offence of “tipping-off”
The need for identifying and reporting of any
suspicious transactions to the ML reporting
officer
- 44. Front office staff
The importance of their role in the financial
institution’s AML compliance programme as the first
point of contact with potential money launderers
The financial institution’s policies and procedures in
relation to CDD and record keeping requirements that
are relevant to their job responsibilities
Circumstances that may give rise to suspicion, and
relevant policies and procedures, for example, lines of
reporting and when extra vigilance might be required
- 45. Back office staff
Customer identity and verification
How to recognize unusual activities including
abnormal settlements, payments and/or
delivery instructions
- 46. Management and internal audit
Statutory and regulatory requirements of an
AML compliance programme
Contemporary focuses and annual updates
Recent case studies
Luncheons and speeches from
Government officials
Financial regulators
Practising lawyers
University professors
- 47. Compliance officer and ML reporting officer
Briefings by financial regulators
Seminars by AML professional organizations
Conferences on AML
Networking among AML professionals
- 49. Training record
Who has been trained?
What have they been trained on?
When was the training event?
Test results
Records to be kept for at least 3 years
- 50. Training effectiveness
Test staff’s understanding of the financial
institution’s AML policies and procedures, their
statutory and regulatory requirements and also
their ability to recognize suspicious transactions
Monitor the compliance of staff with the financial
institution’s AML systems as well as the quality
and quantity of internal reports so that further
training needs may be identified and appropriate
action can be taken
- 51. Remarks
Continuous professional education
Training classes meeting certain requirements may
qualify for the CPD of some professional
organizations
Teaching
A staff member teaching a class is equivalent to a student attending a class