Compliance Forum - Febelfin · Compliance Forum 1 A function facing key evolutions ... banking and...

Compliance ForumEvolution de la fonction compliance au travers des développements de la réglementation et du marché

Evolutie van de compliance functie door de reglementaire en marktontwikkelingen

7 June 2016

PwC

7 June 2016

Introduction 3

1 A function facing key evolutions 4

Regulatory-driven evolution 5

2 A look back 6

3 The control functions 9

4 Increasing expectations 11

5 Reporting lines 14

6 Resources 18

7 Risk management 21

Future perspectives 27

8 Top areas of compliance-related risks 28

9 Market-driven changes 30

10 Compliance culture 32

11 Culture & strategy 36

Conclusion 40

Contents

2Compliance Forum

ConclusionFuture perspectivesRegulatory-driven evolutionIntroductionContents

PwC

7 June 2016

Introduction

3Compliance Forum

1


PwC

7 June 2016

IntroductionA function facing key evolutions

4

It is important to be able to make a clearbusiness case for why compliance shouldstep up the value chain.

Compliance Officers are becoming increasingly important advisers to boards

Building a strong bank cultureas a form of risk reduction.

This more strategic role requires to rethinkthe approach to performance management,recruitment and career development.

50% of COs believe their teams aretoo small to carry out theirresponsibilities effectively.

PwC Banking Compliance Survey 2016

Technology is critical in improving the speed, scope and accuracy of compliance monitoring, but also freeing up compliance to take on a more strategic role

Bank CEOs continue to see over-regulation as the by far biggestthreat to growth they face.

PwC 19th Annual Global CEO Survey

Compliance function is key to protect thebusiness from regulatory censure andprotect brand and reputation.

4Compliance Forum

1 A function facing key evolutions ConclusionFuture perspectivesRegulatory-driven evolutionIntroductionContents

PwC

7 June 2016

Regulatory-driven evolution

5Compliance Forum

2


PwC

7 June 2016

10/05/2007

27/03/1995

06/04/1995

2 A look back

Regulatory-driven evolutionLooking back at the regulation – Insurance companies & Financial institutions

6Compliance Forum

Law on the supervision of insurance companies

09/07/1975

Law on organisinga national register of natural persons and the relevant implementing decrees

Law on consumer credit

Law on terrestrial insurance contracts: Compliance with the provisions on the protection of the insurance taker, information to the client and publicity

RD on consumer credit charges, rates, contract duration and repayment terms

Law on the protection of privacy in relation to the processing of personal data

Law on the prevention of the use of the financial system for laundering money and terrorism financing: Compliance with the due diligence obligation towards the clients, the prevention of the use of the financial system for the purposes of laundering money and terrorism financing, and the prevention of the financing of the proliferation of weapons of mass destruction

Law on insurance and reinsurance intermediation and on the distribution of insurance:(provisions on the protection of the insurance taker, information to the client and publicity, rules of conduct)

12/06/1991

08/08/1983

04/08/1992

25/06/1992

08/12/1992

11/01/1993

30/11/2001 (D. 207)

28/04/2003

14/11/2003

06/04/2010

The special mechanisms

Law on supplementary pensions:Compliance with the provisions on the protection of the insurance taker, information to the client and publicity

RD on life insurance activities: Compliance with the provisions on the protection of the insurance taker, information to the client and publicity

Law on combating certain forms of discrimination and the law on combating discrimination between men and women

19/10/2010

(CBFA 2010_22)

Compliance with the provisions on the protection of the insurance taker, information to the client and publicity

04/12/2012

(NBB_2012_14)

Compliance function

01/03/2011 (CBFA_2011_09)

Compliance with the due diligence obligation towards the clients, the prevention of the use of the financial system for the purposes of laundering money and terrorism financing, and the prevention of the financing of the proliferation of weapons of mass destruction

InsuranceCompanies

FinancialInstitutions

Insurance Companies &Financial Institutions

Law on mortgage loans

02/08/2002

Law on the supervision of the financial sector and on financial services

26/11/2009

(CBFA_2009_34)

Compliance with the principles on sound remuneration policy

Law on market practices and consumer protection

17/06/2013

(NBB_2013_02)

Expertise and professional integrity – Fit & Proper

Law on the status and supervision of credit institutions:


22/03/1993

Law on the legal status and supervision of investment firms, rules governing the use of financial instruments

18/12/1997(D1 97/9 & D4 79/4)


30/12/1997(D1 97/10)

The fiscal prevention policy

22/03/2006

Law on intermediation in banking and investment services and the distribution of financial instruments:Compliance with the rules of conduct

05/06/2007

CBFA regulation on organisational requirements for institutions that provide investment services

20/07/2004

Law on certain forms of collective management of investment portfolios: Compliance with the rules on publicity

16/06/2006

Law concerning public offers of investment instruments: Compliance with the rules on publicity

14/02/2011(CBFA_2011_09)

Compliance with the principles on sound remuneration policy: overview of the relevant legal provisions

14/02/2011(CBFA_2011_05)

CBFA regulation on sound remuneration policies in credit institutions

25/04/2014

Law on the legal status and supervision of credit institutions

13/03/2016

Law on the legal status and supervision of insurance or reinsurance institutions

04/04/2014

Law on insurance

03/08/2012

Law concerning institutions for collective investments according to the conditions set out in Guideline 2009/65/EG and for debt investment institutions

18/12/2013

NBB_2013_20

18/12/2013

NBB_2013_20

30/12/2013

Law on market practices and consumer protection

Requirements with regard to the governance system in the context of preparatory measures for Solvency II

Recent developments concerning money laundering

07/12/2015

NBB_2015_29

Introduction of a governance manual for the banking sector

13/07/2015

NBB_2015_21

The internal control system and the internal audit function

Principle of the compliance function

18/12/2001(D1 2001/13)

Definition of the internal controlsfunction, the internalaudit and the compliance function

14/11/2002(D1/EB/2002/6)


PwC

7 June 2016

Fit & proper

Sound remuneration policy

Anti-discrimination

Intermediation: rules of conduct

Investment portfolios: rules on publicity

Supervision of the financial sector and financial services:- MiFID rules of conduct- Rules on market abuse- Honest, fair and professional

treatment of the stakeholders- Rules of publicity

Status and supervision of investment firms: asset protection

Status and supervision of credit institutions: special mechanisms

AML

Data privacy

2 A look back

Regulatory-driven evolutionLooking back at the regulation – Financial institutions

7Compliance Forum

92 93 94 95 … 02 03 04 05 06 07 08 09 10 11 12 13

Law of 8 December 1992

Law of 11 January 1993

Law of 22 March 1993

Law of 6 April 1995

Law of 2 August 2002

Law of 20 July 2004


Law of 10 May 2007

Circular CBFA_2011_05 & CBFA_2011_09 of 14 February 2011

Circular NBB_2013_02 of 17 June 2013

14 15 16


PwC

7 June 2016

2 A look back

Regulatory-driven evolutionLooking back at the regulation – Insurance companies

8Compliance Forum

91 92 93 94 95 … 01 02 03 04 05 06 07 08 09 10 11 12 13

Governance requirements Solvency II

AssurMiFID

Fit & proper

Market practices and consumer protection

Sound remuneration policy

Anti-discrimination

The supervision of the financial sector and financial services


Intermediation: rules of conduct

AML

Data privacy

Protection to the insurance taker, information to the client and publicity

Law of 25 June 1992

Law of 8 December 1992

Law of 11 January 1993


Circular D. 207 of 30 November 2001

Law of 2 August 2002

Law of 10 May 2007

Circular CBFA_2009_34 of 26 November 2009

Law of 6 April 2010

Circular NBB_2013_02 of 17 June 2013

Circular NBB_2013_20 of 18 December 2013

14 15 16

Law of 30 July 2013


PwC

7 June 2016

3 The control functions

Regulatory-driven evolutionThe controls functions

9Compliance Forum

ResponsibilitiesExecution

Internal AuditVerification of the effective functioning and of the efficiency of internal controls (including

compliance and risk functions).

ComplianceVerification of the effective application of the regulations and procedures ensuring the integrity of the service delivered.

Risk ManagementVerification that the procedures are

appropriate to mitigate the risks identified and monitoring of the various reporting.

BoardRegularly verifies the institution

benefits from an adequate internal control environment. Analyses the internal controls report provided

by the Executive Committee.

Executive CommitteeTakes all required measures to

ensure that the institution permanently benefits from an

adequate internal controls function. Analyses the results of

Internal Audit work.

Annual report

Annual report

OperationsEffective application of the procedures defined

to mitigate the risks identified.

1st line of defence

3rd line of defence

2nd line of defence

Legal ?


PwC

7 June 2016

3 The control functions

Regulatory-driven evolutionThe controls functions

10Compliance Forum

Source: PwC State of Compliance 2015 Survey

Polling question 1

Do you feel the boundaries of first and second lines of defence are in practice well established and defined in your organisation?

1. Yes

2. No


PwC

7 June 2016

4 Increasing expectations

Regulatory-driven evolutionIncreasing expectations

11Compliance Forum

Increased regulatory

scrutiny

Misconduct / Fines

Public sentiment

Financial crisis

The top 20 European banks have paid out about $125 billion in fines and lawsuits since the onset of the financial crisis2, as well as incurring significant reputational damage.

Financial Times, 23 August 2015

66% of the banking industry leaders taking part in PwC’s latest global CEO survey see lack of trust as a threat to growth.

19th Annual Global CEO Survey

The financial crisis is a stark reminder that transparency and disclosure are essential in today's marketplace..

US Senator Jack Red, 16 June 2009


PwC

7 June 2016



12Compliance Forum

Regulatory requirements

Inter-dependencies

Multicompe-tencies

Additional responsibilities

Inspections

PressurePRIIPS

MiFID

MAD/MAR

Etc

Administrative / penal

Reporting requirements

Trust

IT

Legal

Business

Staff

Sanctions

Mystery shopping

Sustainable?


PwC

7 June 2016



13Compliance Forum

• Local versus global regulation

The level of detail of the regulation varies from one jurisdiction to another

There are differences in the timing for regulation implementation

A lot depends on the level of interpretation of the supervising authority

• Greater involvement of the ECB

Pressure to increase sanctions for institutions not fulfilling regulatory requirements

Lack of direct relationship with the supervisory authorities


PwC

7 June 2016

5 Reporting lines

Regulatory-driven evolutionReporting lines

14Compliance Forum

Who is your supervisor from a hierarchical perspective, from a functional perspective or in an ideal perspective?

0,00%

10,00%

20,00%

30,00%

40,00%

50,00%

60,00%

70,00%

CEO COO CRO Chairman ofthe Board

Group CO Legal Other

Hierarchical Functional Ideal


PwC

7 June 2016

5 Reporting lines


15Compliance Forum

Source: PwC Banking Compliance Survey 2016

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50%

CEO

Others

CRO

Legal

Who is the direct reporting line of the Compliance Officer?


PwC

7 June 2016

5 Reporting lines


16Compliance Forum

Polling question 2

How would you assess the Board of Directors receptiveness to Compliance matters?

1. High

2. Low


PwC

7 June 2016

5 Reporting lines


17Compliance Forum

High 64%

How would you assess the Board of Directors receptiveness to Compliance matters?

Low 36%



PwC

7 June 2016

61,54%

6 Resources

Regulatory-driven evolutionResources

18Compliance Forum

Do you think that your department has sufficient staff for the following missions?

38,46%

46,15%

AML

MiFID

Market abuse

Privacy

Rules on advertising

0% 100%

Yes No

53,85%

61,54% 38,46%


61,54%38,46%

61,54% 38,46%

PwC

7 June 2016

21,43%

6 Resources


19Compliance Forum

Do you think that you benefit from sufficient automated monitoring tools for the following missions?

78,57%

35,71%

AML

MiFID

Market abuse

Public offer

0% 100%

Yes No

64,29%

35,71% 64,29%

35,71% 64,29%


PwC

7 June 2016

6 Resources


20Compliance Forum

How do you consider the level of available resources assigned to the Compliance?

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

Suitable Sufficient Insufficient

29%21%

50% 93% (increase of 14%) of Compliance Officers expect that compliance staff will increase in the next 2 years.

PwC Banking compliance Survey 2016



PwC

7 June 2016

7 Risk management

Regulatory-driven evolutionRisk management

21Compliance Forum

Polling question 3

Given the increase in risk due to these trends, are you of the opinion that there should be a clear and direct link between the Chief Compliance Officer and risk management?

1. Yes

2. No


PwC

7 June 2016

7 Risk management

22Compliance Forum


Strengthening of the regulatory framework.

Increasing pressure from authority for compliance.

Record fines have been imposed to financial institutions

Compliance issues could be considered as a risk category

There are areas of overlap between risk and compliance

Non-compliance is a risk….

Chief Risk Officers must understand the risk of non-compliance and assess the consequences for the firm as compliance is now part of the risk management framework.

…but Compliance remains mainly independent.

79% of participants to the PwC Banking Compliance Survey 2016 say that compliance is now a standalone function and none plan to merge it with other functions if it is currently separate.

Risk managers are trying to understand compliance issues not because they want to run compliance, but they want to understand what risks they’re taking.

Rodney Nelsestuen, senior research director at the CEB TowerGroup


PwC

7 June 2016

7 Risk management

23Compliance Forum

Polling question 4

Does the Compliance function use a dedicated Governance, Risk management and Compliance (GRC) technology tool (e.g. not a learning management or training tool)?

1. Yes

2. No

3. Don’t know



PwC

7 June 2016

7 Risk management

24Compliance Forum

23%

51%

26%

Does the Compliance function use a dedicated GRC technology tool?

Yes No Don't know


79% of Compliance Officers consider that additional tools should be deployed.



• A GRC tool is a very strong asset for

• However, some key attention points must be considered:

Documentation and reporting of the risk management and compliance activities

Performance of self-assessments and remediation of the processes / procedures

Balance the interests of the business and the compliance risks.

It is just a tool and not an objective

The GRC tools are often more sophisticated than the organisation

It requires a lot of work beforehand

It must be embedded in all the processes of the organisation

It must be part of all the future projects, developments or initiatives


PwC

7 June 2016

7 Risk management

25Compliance Forum

Polling question 5

Who “owns” the GRC technology tool used by your Compliance function?

1. Internal Audit

2. Risk Management

3. Compliance

4. No use of a GRC technology tool

5. Don’t know



PwC

7 June 2016

7 Risk management

26Compliance Forum


0% 5% 10% 15% 20% 25% 30% 35% 40%

Corporate Compliance function

Risk Management

Other

Internal Audit

Don't know

Who "owns" the GRC technology tool used by your Compliance function?



PwC

7 June 2016

Future perspectives

27Compliance Forum

3


PwC

7 June 2016

8 Top areas of compliance-related risks

Future perspectivesTop areas of compliance-related risks

28Compliance Forum

Polling question 6

What do you think will be the key compliance risks in the next 2 years?

1. AML & CFT

2. Banking secrecy & data privacy

3. Conflicts of interest

4. Consumer protection

5. Customer litigation

6. Future changes in regulation

7. Inconsistent implementation of regulation across business

lines and geographies

8. Internal organizational issues

9. KYC


PwC

7 June 2016

8 Top areas of compliance-related risks

Future perspectivesTop areas of compliance-related risks

29Compliance Forum

What do you think will be the key compliance risks in the next 2 years?

Compliance risks in 2 years

80% Consumer protection

60% KYC

60% AML & CFT

30% Banking secrecy & data privacy

20% Customer litigation

20% Conflicts of interest

10% Future changes in regulation

10%Inconsistent implementation of regulation across business lines

0% Internal organizational issues


Current main compliance risks

KYC 70%

Consumer protection 60%

AML & CFT 60%

Future changes in regulation 40%

Inconsistent implementation of regulation across business lines

20%

Conflicts of interest 20%

Customer litigation 10%

Banking secrecy & data privacy 10%

Internal organizational issues 10%


PwC

7 June 2016

9 Market-driven changes

Future perspectivesMarket-driven changes

30Compliance Forum

• Big data,

• Data analytics

• Data security

• In-Memory Database

• Technological breakthroughs

• New payment solution

• Mobile banking

• Personal finance management tools

• Multi-Tenant Cloud Applications

Mainly for insurance companies

• Climate change should result in an increase of the natural disasters

• Development of a demand for new insurance coverage

• Need for new risk modelling and insurance coverage compliant with existing and future regulation

• Increase the level of risk (legal, financial and reputational)

• Lack of maturity of the internal controls functions and more specifically the compliance

• Lack of experience of Belgian institution in exotic regulations

• Globalised economy and increase of non-resident customers

• Increase of international mobility

• Development of new b2b clients (e.g. new type of entities active in payment services)

There are a number of market trends impacting the compliance

function


PwC

7 June 2016

9 Market-driven changes

Future perspectivesMarket-driven changes

31Compliance Forum

Polling question 7

What trend do you believe will be the greatest market driver for change in compliance risk management over the next 10 years?

1. Data

2. Technology

3. Emerging markets

4. New customers

5. Natural disasters

6. Other


PwC

7 June 2016

10 Compliance culture

Future perspectivesCompliance culture

32Compliance Forum

Polling question 8

Overall, to what extent would you agree or disagree that the value of compliance is fully embraced across your organisation?

1. Strongly agree

2. Agree

3. Neither agree nor disagree

4. Disagree

5. Strongly disagree


PwC

7 June 2016



33Compliance Forum


0% 10% 20% 30% 40% 50% 60%

Strongly agree

Agree

Neither agree nor disagree

Disagree

Strongly disagree

Overall, to what extent would you agree or disagree that the value of compliance is fully embraced across your organisation?


PwC

7 June 2016



34Compliance Forum

Source: Thomson Reuter Accelus: Conduct Risk Report 2014/15

54% of Compliance Officers believe they should be focusing more on the development of a compliance culture in the business.



PwC

7 June 2016


Future perspectives Compliance culture

35Compliance Forum

“Weaknesses in risk culture are often considered a root cause of the global financial crisis, headline risk and compliance events.”

Sources: FSB “Guidance on Supervisory Interaction with Financial Institutions on Risk Culture” and G30 “Banking

Conduct and Culture – A Call for Sustained and Comprehensive Reform”

“Poor cultural foundations and significant cultural failures were major drivers of the recent financial crisis, and continue to be factors in the scandals since then, exacerbated by staff with questionable conduct and values who move from bank to bank with impunity.”


PwC

7 June 2016

11 Culture & strategy

Future perspectives Culture & strategy

36Compliance Forum

Polling question 9

Are you of the opinion that the Chief Compliance Officer should be more involved in strategic decision-making in the future?

1. Yes

2. No


PwC

7 June 2016



37Compliance Forum


Polling question 10

Are you of the opinion that involvement in the setting of the corporate strategy would pose issues for the independence around the Chief Compliance Officer?

1. Yes

2. No


PwC

7 June 2016



38Compliance Forum

Building a strong bank culture can be thought of as a form of risk reduction. With a weak culture comes high governance risk, but with a strong culture comes lower governance risk.

Banking conduct and culture: A call for sustained

and comprehensive reform, Group of 30, 2015


PwC

7 June 2016

Capabilities and effectiveness contributing to the strategy



39Compliance Forum

Expanded skill set and experience within the Compliance function through multi-disciplinary teams (e.g.: data analysis experience, technology acumen, business operations experience, industry experience, …)

Increased knowledge in managing all compliance obligations and issues through regular discussions with the sector and the regulators

Proactivity progressively replacing reactivity:

Risk identification and assessment – integrated risk assessments

Compliance monitoring and testing

Technology solutions


PwC

7 June 2016

Conclusion

40Compliance Forum

4


PwC

7 June 2016

ConclusionFuture components of a well-balanced Compliance function?

41Compliance Forum

8 principles to strengthen the Compliance function

and be prepared for future challenges.

Close relationships with key business leaders through the company.

01 Efficiency initiatives to improve the effectiveness of the compliance function.

02

Development and recognition of the strategic value delivered by compliance.

04

Multi-disciplinarity of the skills of the compliance officers, especially in technology and data analytics.

07

Efficient and close cooperation with Risk Management.

05

Building up on and balancing resiliency and agility to help driving growth.

08

Redefinition/ confirmation of the scope and role of compliance across the organisation.

03

Implementation of automated monitoring tools and use of integrated GRC platforms.

06


© 2016 PwC Belgium. All rights reserved.

PwC firms help organisations and individuals create the value they’re looking for. We’re a network of firms in 157 countries with close to 195,433 people who are committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and find out more by visiting us at www.pwc.comPwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity.

Please see www.pwc.com/structure for further details.

http://www.pwc.com/

http://www.pwc.com/structure

Date post:	07-Sep-2018
Category:	Documents
Upload:	trankhue
View:	216 times
Download:	0 times

Compliance Forum - Febelfin · Compliance Forum 1 A function facing key evolutions ... banking and...

Documents