Prioritizing Regulatory Compliance in the Financial Services Industry

Transcription

1 Prioritizing Regulatory Compliance in the Financial Services Industry 1185 Sanctuary Parkway Suite 250 Alpharetta, GA Tel:

2 A Regulatory Perfect Storm What do these have in common? The U.S. Sarbanes-Oxley Act. The Securities and Exchange Commission Broker Dealer Regulations. The U.S. Patriot Act/Bank Secrecy Act. The Gramm-Leach- Bliley Act. The UK Proceeds of Crime Act and Money Laundering Regulations. The Basel II Capital Accord. The European Union Directives. Canada s Proceeds of Crime and Terrorist Financing Act. Canada s Personal Information Protection and Electronic Documents Act. Yes, they are all elements of legislative and regulatory compliance requirements faced by financial institutions today. And yes, they are all documentation intensive. But most important to every C-level executive today, they come with the promise of severe penalties to you personally and to your organization for failure to comply if your organization cannot provide adequate proof that you had proper safeguards in place against fraud. Responsibility and accountability for all compliance measures have been elevated from the departmental level to the executive level. It used to be that CEOs, CFOs, CCOs and members of the Board of Directors needed only to hire trustworthy and dependable directors and managers. Executives now have to certify all financial reports and all controls or procedures guarding against something like this, and sign a formal document at the close of every quarter confirming that he or she has personally reviewed the financial statements, verified their accuracy and agreed to take responsibility should a discrepancy later be found. Essentially this changes the CFO s job description from focusing on improving efficiency and reducing costs to both reducing the risks associated with non-compliance and ensuring that everything that has been signed has also been done to the letter of the law and that all the books across every business unit and product line are in order. CFOs facing this challenge are doing so at a risk to the organization and to themselves. Driving a Sea Change of Liability For the first time in history executives now have to certify all financial reports and certify that all controls or procedures are in place to guard against fraud and abuse. And only intensifying the pressure, the audit committee is asserting more oversight on all compliance and risk activities. This situation combined with the fact that the federal and state legislative bodies have passed numerous laws directly impacting the business practices of financial institutions, and the results become overwhelmingly challenging to manage without a compliance partner that understands your business and can provide meaningful, necessary solutions today. Some of the concerns facing your business may include: Compliance 360, Inc. 2

3 Compliance Management Concerns Determining who is ultimately responsible for adherence to a given task Measuring risk on an enterprise-wide basis as well as operating risk associated with a wide variety of laws and regulations Preparing for your next audit, financial or otherwise Evaluating if a liability is being attended to in the most expedient and least risky fashion, and in a manner that demonstrates an environment of compliance Observing when one of your competitors has a regulatory filing against them Focusing on the right set of audits, i.e., expectations for the coming year rather than what was required over the past few years Complying with all the laws at the federal and state levels that are applicable to your divisions and product lines The Challenge is Significant Meeting governance and compliance requirements has become a top priority for C-level executives within the financial services industry. The challenge within the financial industry in particular is the combination of the volume of governing regulations along with the large number of product lines generally offered by today s financial institutions. Like so many financial services companies, your organization may offer some combination of banking business, bonds, mutual funds, brokerage products, real estate, commercial lending and other services each with its own set of federal laws and in some cases state or province laws or product regulations. And now, by law, your company s executive team is responsible and accountable for compliance across the business, in every region, state and country where business is conducted. If one manager in one region or one product line or business entity fails to abide by mandatory regulations, your entire organization will be at risk. The sheer weight of the privacy and financial controls regulations and penalties associated with fraud, holds the executive team unequivocally accountable for an organization amiss with disparate rules across the enterprise. How can a CFO or CEO certify the financial statements unless he or she is assured that every manager is following mandatory laws in an often decentralized organization? And how can a CFO or CEO be assured every manager is following every mandatory law and regulation without a fail-proof compliance solution? Compliance 360, Inc. 3

4 The Solution is Clear Why are compliance officers at financial institutions choosing Compliance 360? Because they know that it is critical to their organization and themselves to partner with a solutions provider that handles their challenges with ease. They understand the value of a solution that will give them peace of mind and proof of an environment of compliance. Do you have a fail-proof system that provides this same level of compliance security? Are you certain your system can meet the following mandatory requirements? Benefi ts Include Organize Laws and Regulations into a centralized repository Link all Policies, Contracts, and other evidentiary documentation to relevant Federal and State Regulations Real-time access and visibility to all Evidence of Compliance Sort and Segment Regulations with corresponding Policies by Business Entity and Product Line Standardize all Policies and Procedures Centralize and automate the tracking and management of Contracts and Projects Automate Surveys to educate employees and collect data Compliance 360 organizes relevant statutes and regulations essentially all the laws applicable to your organization and ties them to the corresponding policy and procedure. The system then links that data into all evidence of compliance documentation in any format that demonstrated the policy is compliant and finally associates that documentation back to the business owner or person responsible for the policy. The data is then maintained in a centralized repository. The first critical aspect of this process is having the law and the policy stored together in one central area. It only makes sense that the most effective way to manage a policy is to have the regulations or laws governing this policy together, in one place with the evidence of compliance, where they can be easily accessed and managed. Every place in the organization where there is a system, process or audit team that works to maintain compliance has immediate, direct access to the evidence or proof that all policy requirements have been kept current and alerts satisfied, stored in one place with the policy. This information is then tied directly back to the business owner or manager so that when a law changes or is updated, proper notification can be immediately sent to the person who is responsible for managing the change. What this means to the organization s executive team is that the information the CEO or CFO is certifying is backed up by a compliance audit trail. Without Compliance 360, a financial services company may not have the controls in place to enforce proper activity. Compliance 360, Inc. 4

5 A Direct Comparison is Key To determine the value of a solution, let s look at two scenarios. Scenario One: Without Compliance 360 Scenario Two: With Compliance 360 The general counsel of a bank has been told by a long-time manager in a highly successful, revenue-producing New York branch that everything is in fine working order. And based on the trust developed over years of working together, the general counsel certifies to the audit committee that there are no improper actions or legal issues at this branch, but something goes wrong. It is discovered that money laundering has taken place in the branch. Having enjoyed large revenue returns from overseas wire transfers, some more than $10,000 each, the bank turned a blind eye. Unfortunately, the FinCEN and OCC didn t. New York s attorney general, backed by the FinCEN and OCC, goes straight to the CEO with subpoenas. How is the CEO to know exactly what happened? The CEO and other related officers are now responsible. Things are looking really bad for the CEO and the company. The first par t stays the same. The management team is served a subpoena for violating the state and federal anti-money laundering laws. Only this time the general counsel has a single on-demand view of all evidence of compliance across the enterprise. The general counsel pulls up the portion of compliance dealing with money laundering and the system shows six or seven different attachments in the evidence room that prove systematic corporate compliance. The attorney s general office accesses audits done in the past, the results of physical tests, a workflow diagram, and copies of suspicious activity reports attached to the policy. The system shows who was notified, who that person notified and what was done. There is a complete audit trail immediately available for the general counsel to provide to the attorney s general office proving corporate compliance with the law. The attorney general reviews it and sees there was a program and policies in place, acceptable escalation management and most importantly the company can provide evidence of proof to reduce liability from the AML allegation. If a risk assessment proves that the controls were tested, judged effective and in place and working, and that the organization demonstrates a culture of compliance, the bank will have significantly reduced liability. And that is why today s most savvy and conscientious executives use Compliance 360 in their heavily regulated environment. Compliance 360, Inc. 5

6 The Benefits are Vast The changes to legislative and regulator y compliance that the financial industry has undergone in the past few years mirrors the requirements imposed upon the healthcare industry over the past decade. Compliance 360 began providing compliance solutions to regulated industries more than six years ago. So when significant laws such as SOX, the U.S. Patriot Act, GLB and AML were enacted, and financial institutions were faced with an increasing number of complex and sometimes overlapping local, state, national and international compliance requirements, financial institutionbased compliance officers turned to Compliance 360. We understand that disorganized and outdated information can be more dangerous than no information. Through established partnerships which provide constant research and interpretation of all compliance-related laws and regulations throughout the world, Compliance 360 ensures that you have access to the most up-to-date policies organized to provide you one-touch access to your policies and complete evidence of compliance at any given time. Customized sets of relevant regulations are imported into the system, filtered, ordered, segmented and linked to the policies that affect your business, with updates to regulations and laws routed to the responsible party at your organization. The cost of developing and maintaining a proprietary system that could manage this information in an equivalent manner would cost millions of dollars. For a fraction of the cost Compliance 360 provides a flexible solution that ensures your business-critical trail of data is captured, secured and available when and how you need it. By linking this data to the regulation that requires it, your policy, evidence of compliance and tying it back to the person responsible for managing the business, your executives can rest easy knowing that the documents they certify have been verified, audited and proved. Why should your organization seriously consider Compliance 360 today? Because signing your name to the company s financial statements under any other conditions just isn t worth the salary and benefits you re taking home. About Compliance 360 Compliance 360 helps companies in regulated industries address the most important facets of a comprehensive governance, risk and compliance management program reducing risks, reducing costs, improving efficiencies and enhancing global visibility of compliance activities. Compliance 360 has headquarters in Atlanta, GA and serves over 200 customers in healthcare, financial services, managed care, life sciences, pharmaceuticals and other complex business environments. For more information, visit Compliance 360 at www. compliance360.com. Compliance 360, Inc. 6