Compliance Risk Assessment
Fall 2016 Class 4
Stephen Paine
Compliance Risk Assessment
Overview
Recap of Class 1
Pfizer Case Study and Compliance Risks
Legal and Regulatory Incentives/Conflicts of
Interest
Political Failure of Controls
Reputational Recidivism
Point of Sale/Distribution
Definitions
Compliance Risk is the risk of failing to comply with applicable
legal or regulatory requirements resulting in a material loss
(financial or reputational) or legal/regulatory sanction
A Compliance Risk Assessment is a framework to enable the
evaluation and analysis of the overall Compliance risk (both
inherent risks and control effectiveness) associated with a
particular business area
Recap of Class 2
The Five Elements of an Effective Compliance Program
Tone at the Top
Enron Chronology: July 1985 Enron established through merger
and by November 2006 entire senior management team has
either been indicted or convicted with Enron and Arthur
Andersen no longer operating
Corporate Culture and Communication
Codes of Conduct set the values for employees to follow and
those values are based on Compliance Risk.
3. Compliance Risk Assessment
4. Testing and Monitoring
5. Chief Compliance Officer
Case Study: HSBC
Financing drug cartels
Permitting sanctioned regimes to process dollar payments
Claw back of compensation (including Compliance
Officers)
Criminal charges for “failure to maintain an effective AML
program”
Recap of Class 3
Compliance Tools/Controls
Advisory Function
Coverage of Front Office and Technology, Finance and
Operations
Conflicts of Interest -- A Deep Dive
Conflicts of interest are inherent in the financial services
business
Historical success of the industry has been managing these
conflicts by eliminating or disclosing them
Top to bottom review of business operations to address conflicts
of interest of every kind
Risk Assessments
Follow-Up
Policies and Procedures
Education and Training
Compliance Surveillance and Business Unit Review and Testing
In the News This Week
The Wells Fargo Cross-Selling Matter
Consent Order
Unauthorized Deposit Accounts and Simulated Funding
Unauthorized Credit Cards
Unauthorized Enrollments into Online Banking
Unauthorized Debit Cards
Independent Consultant’s Remit
Pay Redress Costs to Customers
$185 Million in Civil Penalties and Fines
Compliance Monitoring (page 23)
John Stumpf, Wells Fargo CEO, Appears before Senate
Committee on Banking
http://www.cnn.com/videos/cnnmoney/2016/09/21/elizabeth-warren-wells-fargo-ceo-cnnmoney.cnn
Our Journey So Far
Class 1
Class 2
Class 3
Tonight . . . finally
Compliance Risk
Compliance Program
Compliance Controls
Compliance Risk Assessment
Compliance Risk Assessment
A Compliance Risk Assessment is a framework to enable the
evaluation and analysis of the overall Compliance risk (both
inherent risks and control effectiveness) associated with a
particular business area
1. Identifying Business Area(s) and Metrics
2. Mapping Applicable Rules
3. Identifying Key Compliance Risks and Themes
4. Defining a Controls Inventory
5. Rating Control Effectiveness
6. Determining Residual Risks
7. Scoring, Rating and Reporting
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Identifying Business Areas: The Challenge
Compliance Risk Assessment: Business Areas
The Compliance Risk Assessment seeks to provide senior
management/BoD with an assessment of risk ACROSS THE
ENTIRE ORGANIZATION
But risks can be local . . . both local by business area and by
geography
CRA results need to be as consistent as possible to promote “read
across” opportunities
Identifying Business Areas: The Approach
List the business areas and primary regional geographies to be
assessed
Conduct individual assessments that can then roll up into one
global, organization-wide risk assessment
Pharmaceuticals
Financial Services
Compliance Risk Assessment: Business Areas
MS
Investment Banking & Capital Markets
Wealth Management
Sales and Trading
Research
Investment Management
Merck
Biopharmaceuticals
Consumer Health (OTC)
Allergopharma
Biosimilars
Life Science (R&D)
Performance Materials (LCD, Effect pigments)
UBS
Wealth Management
Asset Management
Investment Bank
Financial Intermediaries
Novartis
Pharmaceuticals
Alcon (Eye Care)
Sandoz (Generics)
Consumer Health
All four have a global scope across the Americas, EMEA and
APAC
Pharmaceuticals
Financial Services
Compliance Risk Assessment: Business Areas
MS
Investment Banking & Capital Markets
Wealth Management
Sales and Trading
Research
Investment Management
Digging Deeper: What’s under Sales and Trading?
Equity
Fixed Income
New York Equity Desk
London Equity Desk
Hong Kong Equity Desk
Merck
Biopharmaceuticals
Consumer Health (OTC)
Allergopharma
Biosimilars
Life Science (R&D)
Performance Materials (LCD, Effect pigments)
Digging Deeper: What’s under Biopharmaceuticals?
Research & Development
Manufacturing
Distribution
US Manufacturing
European Manufacturing
APAC Manufacturing
Compliance Risk Assessment: Business Area Metrics
DO
Metrics
Laboratory
Inherent Risk: The risk to an entity in the absence of any
actions management might take to alter either the risk’s
likelihood or impact.
Quantitative Metrics about a business area can provide the first
component of the inherent risk profile
What are some categories of quantitative metrics?
Governance and Management
Performance
Client/Distribution Base
Other Assessments/Evaluations
Case Study: Morgan Stanley
Morgan Stanley’s Wealth Management business in the US has
been identified as under evaluation for a compliance risk
assessment. This business has over 17,000 Financial Advisors
providing investment advice to individual clients in all 50 states
of the US for their investment accounts held at Morgan Stanley.
Develop a set of metrics to use in a Compliance Risk
Assessment for this business area
Rate the Inherent Risk as Low, Medium or High
Discuss the lines between quantitative and qualitative in the
metrics
Purpose of Business Area Metrics: Inherent Risk
Business Area and Metrics
Class Discussion
How do you go about getting the metrics?
Business Area?
Financial Accounting?
HR?
Dedicated Unit?
Does it matter where and how those metrics are obtained?
Automated is preferred
Objective provider (Financial Accounting, Operations,
Compliance)
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Compliance Risk Assessment: Rule Mapping
What is Rule Mapping?
Sources for the Rules
Definition: Rule mapping is the process by which applicable
legal and regulatory requirements are mapped to the appropriate
business lines and areas
Scope of Rule Mapping
Focus is on Compliance Risk; therefore: Compliance Rules
The rules in scope are typically the rules of the local regulator
that are relevant to compliance and therefore do not always
include rules relating to corporate governance and subjects such
as accounting etc. (as these are covered by Finance and Risk
rather than by Compliance)
Class Discussion on Compliance Risk and Other Types of Risk:
Back to Enron
FERC versus GAAP
Rule sources include:
Laws and Codes
Regulatory Authorities
External Content Providers
New Rules
Rules and Compliance Risk Themes
Format and Systems
Rule Mapping: Rule 10b-5
§ 240.10b-5 Employment of manipulative and deceptive
devices.
It shall be unlawful for any person, directly or indirectly, by the
use of any means or instrumentality of interstate commerce, or
of the mails or of any facility of any national securities
exchange,
(a) To employ any device, scheme, or artifice to defraud,
(b) To make any untrue statement of a material fact or to omit
to state a material fact necessary in order to make the
statements made, in the light of the circumstances under which
they were made, not misleading, or
(c) To engage in any act, practice, or course of business which
operates or would operate as a fraud or deceit upon any person,
in connection with the purchase or sale of any security.
Sec. 10; 48 Stat. 891; 15 U.S.C. 78j
Compliance Risk Assessment: Rule Mapping
What do we want to know about Rule 10b-5?
Rule Mapping: Return to Morgan Stanley Case Study
What rules would be mapped to Morgan Stanley’s Wealth
Management business?
US Securities and Exchange Commission
Financial Regulatory Authority
Stock Exchanges
US Commodity Futures Trading Commission
The Federal Reserve
Rule Mapping
Class Discussion
Once all rules are mapped to a business area, what other
analysis can be done?
Volume/Number of Rules
Complexity of Rules
Could this be rated/scored?
What is the interplay between rules and controls?
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Compliance Risk Assessment: Compliance Risks
Legal and Regulatory
Political
Reputational
Point of Sale/Distribution
Integrating these Compliance Risks into the Assessment
Class 1
Key Category is Legal and Regulatory Risk
Rule Mapping is critical to this exercise
Developing Compliance Risk Themes also assists
Compliance Risk Themes are based on applicable rules
Compliance Risk Themes provide universal risks for businesses
within the organization
Examples of Compliance Risk Themes for Legal and Regulatory
Risks
Anti-Money Laundering
Anti-Corruption
Data Protection and Privacy
Conflicts of Interest
Anti-Fraud
Business/Regulatory Complexity
Industry Specific: Food, Drug and Cosmetic Act; Securities and
Exchange Act
Class Discussion: How do the other risks above (from Class 1)
fit in?
The results of the questionnaire are the second component of
inherent risk
Incentives/Conflicts of Interest
Failure of Controls
Recidivism
Non-RM FTEs: 470 to 460, reflects 32 RIFs, offset by 10 FTE
increase in branch support, 10 FTE transfer from Operations,
and 2 pending net hires
Compliance Risk Assessment: Compliance Risks
Assessing these Compliance Risks against a specific business
area
How do we do it?
Quantitative Analysis
Qualitative Analysis
Questionnaire as Analysis
Tool
Assessment
Conducting these analyses is at the heart of a Compliance Risk
Assessment
Develop a Questionnaire for Quantitative Input
Develop a Questionnaire for Qualitative Input
HSBC Case Study as an example
Compliance Risk Theme: Anti-Money Laundering
Qualitative Questionnaire
How are fund transfers handled?
Are automated filters used to screen for sanctioned countries?
Quantitative Questionnaire
How many fund transfers per year?
How many incidents of payments being made to sanctioned
countries?
Later assignments and discussions will center on these
questionnaires
Identify Compliance Risk Themes
Class Discussion
One of the “critical path” elements of the CRA is identifying
and assessing the compliance risks of the business area and it is
based on questionnaires. Does that surprise you?
Who drafts the questionnaires?
Who answers the questionnaires?
How automated and systematic can this process be?
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Compliance Risk Assessment: Controls Inventory
Controls Laboratory
Controls break down into 5 broad categories:
Advisory Function
Communication, Training and Awareness
Policies and Procedures
Supervision and Controls
Monitoring and Surveillance
Then identify which are in place for the compliance risk noted
for the business area
Are there qualitative and quantitative components to each of
these control categories?
Develop examples of quantitative indicators of controls
Controls Inventory
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Compliance Risk Assessment: Rate Control Effectiveness
Control Effectiveness Laboratory
Using Business Metrics and Quantitative Control Indicators,
rate the effectiveness of the control for the business area
Advisory Function - Ratio of Compliance Staff to Business Area
employees
Supervision and Controls – Ratio of supervisors to Business
Area employees
Monitoring and Surveillance – How many alerts generated?
How many were “false positives”?
Qualitative Control Indicators also are used
Develop a qualitative questionnaire to evaluate the effectiveness
of controls
Adopt a scoring methodology
Evaluating the effectiveness of controls in a business area
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Compliance Risk Assessment: Rate Control Effectiveness
Residual Risk Laboratory
INHERENT RISK
Develop a list of factors to be reviewed in determining residual
risk
What types of data are needed to evaluate residual risk?
How do you think residual risk should be rated or scored?
Residual Risk
CONTROLS
RESIDUAL RISK
Compliance Risk Assessment Steps
Identify Business Area and Metrics
Map Applicable Rules
Identify Key Compliance Risks & Themes
Define Controls Inventory
Rate Controls Effectiveness
Determine Residual Risk
Score, Rate and Report
Assignment 2 Feedback
Use a formal, memorandum writing style for these assignments
and avoid a casual or informal style
No contractions
No first person
Colloquial expressions and cliches
Generally avoid subjective adjectives
Examples: Huge, Great, Good, Big
Avoid overstatements and generalizations
Think carefully before using “Never” or “All”
Number 1 Rule for Writing: Make It EASY (For your Reader)
Page numbers
Headings
Introductions that provide foundation
Short but meaty sentences
Grading Scale and Distribution
E = Excellent 2
G = Good 7
S = Satisfactory 12
P = Poor 0
Assignment 3
Due at the start of class on September 28
Develop a breakdown of businesses to be assessed for one
regional area of your company. Consider the volume and
complexity of the rules that apply to each of the businesses and
provide volume and complexity ratings (1-5 with 5 being the
highest.) Include a list of suggested questions to interview the
head of one of the businesses as part of the assessment. Include
information categories that you would obtain to make the
assessment and note whether the information is qualitative or
quantitative
Consider yourself taking the role of a Compliance Professional
responsible for conducting the CRA of this particular region.
Format can be a list of the businesses within the region and then
note the volume and complexity of the rules that would apply by
rating each.
Then, select one business area and set the stage as to the
title of the person you are interviewing (e.g., “Head of Wealth
Management APAC” or “Head of Fixed Income Desk London”)
and list the categories or topics of information you would want
to obtain and note whether the information is qualitative or
quantitative.
2-3 pages

More Related Content

Similar to Compliance Risk Assessment Fall 2016 Class 4 Stephen Paine.docx

Risk Courseware Complete courses for Financier
Risk Courseware Complete courses for FinancierRisk Courseware Complete courses for Financier
Risk Courseware Complete courses for FinancierAmritTiwari12
 
Risk_Courseware.ppt
Risk_Courseware.pptRisk_Courseware.ppt
Risk_Courseware.pptAyidAlmgati
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programmeSILO Compliance Systems
 
Risk Determination in Export Compliance
Risk Determination in Export ComplianceRisk Determination in Export Compliance
Risk Determination in Export Compliancejasperhelder
 
Risk review v diagnostic review
Risk review v diagnostic reviewRisk review v diagnostic review
Risk review v diagnostic reviewAdamRice38
 
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan HuwylerImplementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan HuwylerHernan Huwyler, MBA CPA
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk ConsultingPrashant Jain
 
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAIBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAibankuk
 
Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Thinksoft Global
 
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...Alexei Sidorenko, CRMP
 
Qualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxQualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxamrit47
 
Compliance, Risk Management, Licensing
Compliance, Risk Management, LicensingCompliance, Risk Management, Licensing
Compliance, Risk Management, Licensingicomply
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management -  A Gateway to managing the risk profile of your...Operational Risk Management -  A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Eneni Oduwole
 
Iaccm Risk Slides
Iaccm Risk SlidesIaccm Risk Slides
Iaccm Risk Slidesguest49199
 
Bcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementBcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementStephen Ong
 
IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop Ersoy AKSOY
 

Similar to Compliance Risk Assessment Fall 2016 Class 4 Stephen Paine.docx (20)

Risk Courseware Complete courses for Financier
Risk Courseware Complete courses for FinancierRisk Courseware Complete courses for Financier
Risk Courseware Complete courses for Financier
 
Risk_Courseware.ppt
Risk_Courseware.pptRisk_Courseware.ppt
Risk_Courseware.ppt
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme
 
Risk Determination in Export Compliance
Risk Determination in Export ComplianceRisk Determination in Export Compliance
Risk Determination in Export Compliance
 
Thematic compliance
Thematic complianceThematic compliance
Thematic compliance
 
Risk review v diagnostic review
Risk review v diagnostic reviewRisk review v diagnostic review
Risk review v diagnostic review
 
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan HuwylerImplementing, Documenting and Testing Compliance Controls Hernan Huwyler
Implementing, Documenting and Testing Compliance Controls Hernan Huwyler
 
Spire Brief - Risk Consulting
Spire Brief - Risk ConsultingSpire Brief - Risk Consulting
Spire Brief - Risk Consulting
 
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAAIBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
IBANK, EPM, BPM, OBIEE, HYPERION, OFSAA
 
Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)
 
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...
RISK-ACADEMY’s guide on compliance risk in non-financial companies. Free down...
 
N6.pdf
N6.pdfN6.pdf
N6.pdf
 
Qualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docxQualitative AnalysisLearning ObjectivesDiscu.docx
Qualitative AnalysisLearning ObjectivesDiscu.docx
 
Compliance, Risk Management, Licensing
Compliance, Risk Management, LicensingCompliance, Risk Management, Licensing
Compliance, Risk Management, Licensing
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management -  A Gateway to managing the risk profile of your...Operational Risk Management -  A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
 
Iaccm Risk Slides
Iaccm Risk SlidesIaccm Risk Slides
Iaccm Risk Slides
 
Risk Technology Strategy, Selection and Implementation
Risk Technology Strategy, Selection and ImplementationRisk Technology Strategy, Selection and Implementation
Risk Technology Strategy, Selection and Implementation
 
Chapter 3-4.pdf
Chapter 3-4.pdfChapter 3-4.pdf
Chapter 3-4.pdf
 
Bcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementBcu msc cg week 4 risk management
Bcu msc cg week 4 risk management
 
IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop IIA Facilitated Risk Workshop
IIA Facilitated Risk Workshop
 

More from aryan532920

According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docx
According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docxAccording to the NASW Code of Ethics section 6.04 (NASW, 2008), .docx
According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docxaryan532920
 
According to the text, crime has been part of the human condition si.docx
According to the text, crime has been part of the human condition si.docxAccording to the text, crime has been part of the human condition si.docx
According to the text, crime has been part of the human condition si.docxaryan532920
 
According to Ronald Story and Bruce Laurie, The dozen years between.docx
According to Ronald Story and Bruce Laurie, The dozen years between.docxAccording to Ronald Story and Bruce Laurie, The dozen years between.docx
According to Ronald Story and Bruce Laurie, The dozen years between.docxaryan532920
 
According to Kirk (2016), most of your time will be spent work with .docx
According to Kirk (2016), most of your time will be spent work with .docxAccording to Kirk (2016), most of your time will be spent work with .docx
According to Kirk (2016), most of your time will be spent work with .docxaryan532920
 
According to the Council on Social Work Education, Competency 5 Eng.docx
According to the Council on Social Work Education, Competency 5 Eng.docxAccording to the Council on Social Work Education, Competency 5 Eng.docx
According to the Council on Social Work Education, Competency 5 Eng.docxaryan532920
 
According to Kirk (2016), most of our time will be spent working.docx
According to Kirk (2016), most of our time will be spent working.docxAccording to Kirk (2016), most of our time will be spent working.docx
According to Kirk (2016), most of our time will be spent working.docxaryan532920
 
According to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxAccording to Kirk (2016), most of your time will be spent working wi.docx
According to Kirk (2016), most of your time will be spent working wi.docxaryan532920
 
According to Davenport (2014) the organizational value of healthcare.docx
According to Davenport (2014) the organizational value of healthcare.docxAccording to Davenport (2014) the organizational value of healthcare.docx
According to Davenport (2014) the organizational value of healthcare.docxaryan532920
 
According to the authors, privacy and security go hand in hand; .docx
According to the authors, privacy and security go hand in hand; .docxAccording to the authors, privacy and security go hand in hand; .docx
According to the authors, privacy and security go hand in hand; .docxaryan532920
 
According to Gilbert and Troitzsch (2005), Foundations of Simula.docx
According to Gilbert and Troitzsch (2005), Foundations of Simula.docxAccording to Gilbert and Troitzsch (2005), Foundations of Simula.docx
According to Gilbert and Troitzsch (2005), Foundations of Simula.docxaryan532920
 
According to Klein (2016), using ethical absolutism and ethical .docx
According to Klein (2016), using ethical absolutism and ethical .docxAccording to Klein (2016), using ethical absolutism and ethical .docx
According to Klein (2016), using ethical absolutism and ethical .docxaryan532920
 
According to Franks and Smallwood (2013), information has become.docx
According to Franks and Smallwood (2013), information has become.docxAccording to Franks and Smallwood (2013), information has become.docx
According to Franks and Smallwood (2013), information has become.docxaryan532920
 
According to the Council on Social Work Education, Competency 5.docx
According to the Council on Social Work Education, Competency 5.docxAccording to the Council on Social Work Education, Competency 5.docx
According to the Council on Social Work Education, Competency 5.docxaryan532920
 
According to the authors, privacy and security go hand in hand; and .docx
According to the authors, privacy and security go hand in hand; and .docxAccording to the authors, privacy and security go hand in hand; and .docx
According to the authors, privacy and security go hand in hand; and .docxaryan532920
 
According to recent surveys, China, India, and the Philippines are t.docx
According to recent surveys, China, India, and the Philippines are t.docxAccording to recent surveys, China, India, and the Philippines are t.docx
According to recent surveys, China, India, and the Philippines are t.docxaryan532920
 
According to the authors, countries that lag behind the rest of the .docx
According to the authors, countries that lag behind the rest of the .docxAccording to the authors, countries that lag behind the rest of the .docx
According to the authors, countries that lag behind the rest of the .docxaryan532920
 
According to Peskin et al. (2013) in our course reader, Studies on .docx
According to Peskin et al. (2013) in our course reader, Studies on .docxAccording to Peskin et al. (2013) in our course reader, Studies on .docx
According to Peskin et al. (2013) in our course reader, Studies on .docxaryan532920
 
According to Franks and Smallwood (2013), information has become the.docx
According to Franks and Smallwood (2013), information has become the.docxAccording to Franks and Smallwood (2013), information has become the.docx
According to Franks and Smallwood (2013), information has become the.docxaryan532920
 
According to Ang (2011), how is Social Media management differen.docx
According to Ang (2011), how is Social Media management differen.docxAccording to Ang (2011), how is Social Media management differen.docx
According to Ang (2011), how is Social Media management differen.docxaryan532920
 
According to (Alsaidi & Kausar (2018), It is expected that by 2020,.docx
According to (Alsaidi & Kausar (2018), It is expected that by 2020,.docxAccording to (Alsaidi & Kausar (2018), It is expected that by 2020,.docx
According to (Alsaidi & Kausar (2018), It is expected that by 2020,.docxaryan532920
 

More from aryan532920 (20)

According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docx
According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docxAccording to the NASW Code of Ethics section 6.04 (NASW, 2008), .docx
According to the NASW Code of Ethics section 6.04 (NASW, 2008), .docx
 
According to the text, crime has been part of the human condition si.docx
According to the text, crime has been part of the human condition si.docxAccording to the text, crime has been part of the human condition si.docx
According to the text, crime has been part of the human condition si.docx
 
According to Ronald Story and Bruce Laurie, The dozen years between.docx
According to Ronald Story and Bruce Laurie, The dozen years between.docxAccording to Ronald Story and Bruce Laurie, The dozen years between.docx
According to Ronald Story and Bruce Laurie, The dozen years between.docx
 
According to Kirk (2016), most of your time will be spent work with .docx
According to Kirk (2016), most of your time will be spent work with .docxAccording to Kirk (2016), most of your time will be spent work with .docx
According to Kirk (2016), most of your time will be spent work with .docx
 
According to the Council on Social Work Education, Competency 5 Eng.docx
According to the Council on Social Work Education, Competency 5 Eng.docxAccording to the Council on Social Work Education, Competency 5 Eng.docx
According to the Council on Social Work Education, Competency 5 Eng.docx
 
According to Kirk (2016), most of our time will be spent working.docx
According to Kirk (2016), most of our time will be spent working.docxAccording to Kirk (2016), most of our time will be spent working.docx
According to Kirk (2016), most of our time will be spent working.docx
 
According to Kirk (2016), most of your time will be spent working wi.docx
