Introduction to IT compliance program and Discuss the challenges IT .pdf
Control Regulatory Compliance
1. TORI supports its clients in the specific interpretation of
new and changing regulatory initiatives and in embedding
and evidencing the procedures and controls to comply with
these. Once we have helped you unpack and understand
the underlying rules, our efforts will focus on the practical
application of controls needed to comply. Our approach is
pre-emptive and will help put you in the position where you
are able to flag potential gaps or breaches to the regulators
before having to respond to forced investigations by them.
The range of regulations being finalised and implemented
by regulating bodies (e.g. MiFID2/MiFR, BCBS 239, IFRS9)
brings with it the need for further change. This is in addition
to the ongoing activities required to remediate or implement
the regulations that have already been enforced (e.g. EMIR,
Dodd Frank, KYC and AML policies).
Implementing regulations for your institution means
operating model changes which impact people, process and
technology. Along with this comes a real need for training
and education to ensure that policies and best practices do
not collapse once implemented. In addition, with more direct
responsibility for appropriate conduct being placed on senior
managers, the attestation of controls and compliance with
policies that support regulated activities, will be paramount
for financial institutions, their leadership teams, and
employees at all levels of the organisation
CONTROL
experience. the difference.
REGULATORY COMPLIANCE
Regulatory Compliance
Control Health Checks
Operating Model Definition
Operating Model Remediation
Training & Education
Policy Definition & Roll-out
2. experience. the difference.
CONTACT US
London +44 20 7025 5555
New York +1 212 461 2145
www.toriglobal.com
TORI practitioners will work with you to implement the changes needed to empower
your institution to operate in a manner compliant with regulations. We will help you
enforce the controls you need to be confident your ‘business as usual’ activities will not
fall foul of regulating bodies.
We will partner with your organisation to understand regulatory impacts and define the resulting actionable
changes that are required to meet existing, updated and newly released regulations. Our service offering includes:
OUR APPROACH
• Regulatory Compliance and Control Health Checks
TORI will perform both high-level and in-depth risk
assessments of your core business processes to quickly
derive a view of the efficiency and cost effectiveness of
your existing control capabilities and the extent to which
you are compliant with regulation and industry standards.
• Operating Model Definition and Remediation
We will review the effectiveness of your existing operating
model, identify gaps and inefficiencies against optimal
models and advise / support you on delivering the
enhancements and upgrades needed.
• Training and Education Across Your Institution
TORI will review current training plans, assess
appropriateness against the current regulations and the
extent to which these are embedded in your people.
We will identify any proposed improvements required,
establish tracking to the training plans, and assist you in
attesting to proper requirements.
• Policy Definition and Rollout
We will help you evolve policies into ‘living documents’
that are familiar to and understood by the people
responsible for ensuring compliance with them. A key
part of this is deconstructing your risk and control policies
into individual line items and building the mechanisms for
reporting periodically on how these are being adhered to.
Practitioners apply a proactive and sustainable approach to monitoring emerging regulatory changes across
the industry. All consultants receive regular industry updates regarding new and changing regulations,
initiatives and themes, and engage early with clients to help them remain ‘future proofed’. This manifests itself
on client sites in the form of:
• Pre-emptive monitoring of regulatory changes
• Regulatory change action lists
• Detailed gap analysis
• ‘Path to Green’ roadmaps (with the delivery of realistic, achievable target plans for attainment of agreed
levels of control)
• Customisation of internal performance tolerances
Whether or not we support you in the practical buildout of controls to comply with these changes, we will
ensure that you are always informed. Some of the regulations and standards TORI Global can help your
institution implement are highlighted below;
• Records Management
• Financial Crime (AML/KYC)
• MiFID II/MiFR
• Senior Managers & Certification Regime
• Dodd Frank
• European Market Infrastructure Regulation (EMIR)
• Retail Distribution Review
• BCBS 239
• IFRS 9
• ISO 27001
• HKMA Regulations
• MAS Regulations
• FCA Regulations
• ESMA Regulations
• FED & SEC Regulations
