Compliance & Risk Management
In any large organisation, particularly within the financial services and banking industry, the Compliance & Risk Management department is responsible for ensuring that the company meets its regulatory and statutory obligations in all jurisdictions through identifying, monitoring and assessment of compliance risks. Generally, the department is in charge of overseeing and managing compliance issues within an organization, ensuring, for example, that a company is complying with regulatory requirements, that the company and its employees are complying with internal policies and procedures, managing audits and investigations into regulatory and compliance issues; and responding to requests for information from regulatory bodies. The rash of recent accounting scandals, the Sarbanes-Oxley Act, notable changes in international legislation such as the Basel Accords and the Turnbull Report and the heightened global effort to combat terrorist funding and criminal money laundering activities have significantly raised the profile and importance of this growing profession.
The Basel Accord(s)
The Basel Accord(s) refers to the banking supervision Accords (recommendations on banking laws and regulations), Basel I and Basel II issued by the Basel Committee on Banking Supervision (BCBS). They are called the Basel Accords as the BCBS maintains its secretariat at the Bank of International Settlements in Basel, Switzerland and the committee normally meets there.
The Basel Committee consists of representatives from central banks and regulatory authorities of the Group of Ten (economic) countries, plus others (specifically Luxembourg and Spain). The committee does not have the authority to enforce recommendations, although most member countries (and others) tend to implement the Committee's policies. This means that recommendations are enforced through national (or EU-wide) laws and regulations, rather than as a result of the committee's recommendations - thus some time may pass between recommendations and implementation as law at the national level.
Sarbanes-Oxley (SOX)
The Sarbanes-Oxley Act of 2002 (Pub.L. 107-204, 116 Stat. 745, enacted 2002-07-30), also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called SOX or Sarbox; is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. These scandals, which cost investors billions of dollars when the share prices of the affected companies collapsed, shook public confidence in the US's securities markets. Named after sponsors Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH), the Act was approved by the House by a vote of 334-90 and by the Senate 99-0. President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt."
The legislation established new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It does not apply to privately held companies. The Act contains 11 titles, or sections, ranging from additional Corporate Board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law.
Turnbull Report
Internal Control: Guidance for Directors on the Combined Code (1999) also known as the "Turnbull Report" is a report drawn up with the London Stock Exchange for listed companies. The committee which wrote the report was chaired by Nigel Turnbull of The Rank Group plc. The report informs directors of their obligations under the Combined Code with regard to keeping good "internal controls" in their companies, or having good audits and checks to ensure the quality of financial reporting and catch any fraud before it becomes a problem. Revised guidance was issued in 2005.
Know your customer (KYC)
Know your customer (KYC) is the due diligence and bank regulation that financial institutions and other regulated companies must perform to identify their clients and ascertain relevant information pertinent to doing financial business with them. Know your customer policies have become increasingly important globally to prevent identity theft fraud, money laundering and terrorist financing. In a simple form these rules may equate to answering twelve questions, but this is the tip of the iceberg and regulators now expect much more. KYC should not be thought of as a form to be filled - it is a process to be undergone from the start of a customer relationship to the end.
Banks doing KYC monitoring for anti-money laundering (AML) and Counter-Terrorism Financing (CTF) purposes increasingly use specialised transaction monitoring software, particularly names analysis software and trend monitoring software. The generated alerts identify unusual activity which is then subject to due diligence or enhanced due diligence (EDD) processes that use internal and external sources of information on the subject, including the internet. This helps to determine whether a transaction or activity is suspicious and requires reporting to the authorities. In the US it would require Suspicious Activity Reporting (SAR) filing to Financial Crimes Enforcement Network (FinCEN). In the UK it would require a report to Serious Organised Crime Agency (SOCA).
Anti-money laundering (AML)
Today, all financial institutions globally are required to monitor, investigate and report transactions of a suspicious nature to the financial intelligence unit of the central bank in the respective country. For example, a bank must perform due diligence by having proof of a customer's identity and that the use, source and destination of funds do not involve money laundering. Financial institutions face penalties for failing to properly file CTR (Cash Transaction Report) and SAR (Suspicious Activity Report) reports, including heavy fines and regulatory restrictions.
Risk Qualifications
FRM – Financial Risk Manager (The Financial Risk Manager (FRM) qualification is a guarantee that an individual has strong knowledge of independent risk management analysis and decision-making. The FRM Examination takes place once a year in November, with tests in multiple cities around the world. Registration begins in March and continues until October.)
PRM – Professional Risk Manager (The PRM program is designed to aid professional risk managers’ development. It was formed by a coalition of PRMIA members, all of which are industry leaders. The course can be taken as a six-hour exam in one day or as four exams, each of which varies in length from one to two hours. The latter can be taken over a period of two years in any order.)
CFA – Chartered Financial Analyst (The CFA is awarded to Financial Analysts who have taken and passed three examinations set by the CFA Institute over the course of three years. Three years’ of professional investment experience is required for a student to take on the course of study. Many firms consider the CFA qualification to be a prerequisite before an investment professional can look to gain progression within their firm. The entry requirement for this qualification is a four-year degree, ideally in a financial discipline, or four years’ experience of working as a qualified financial professional. It is also possible to study for the course with four years of combined college study and work experience.)
Compliance Qualifications
Certificate in Anti-Money Laundering (Awarded by the International Compliance Association,the Certificate in Anti Money Laundering Awareness (the Certificate) is designed to equip employees within the financial services sector with a high level of awareness and practical understanding of the vulnerabilities of different industry sectors to the threat of money laundering and terrorist financing. The average delegate studying for the programme should be able to complete the Certificate in 1-3 months.)
Diploma in Anti-Money Laundering (Awarded by the International Compliance Association, the Anti Money Laundering Diploma consists of 10 modules. The average delegate who spends six hours per week studying for the programme should be able to complete a diploma in 9-12 months. Delegates who can dedicate more time can complete the programme in a shorter period.)
Certificate in Compliance (Awarded by the International Compliance Association,this programme should take students between six and nine months to complete and will focus on core compliance competencies, including anti-money laundering skills, before specialising into industry specific modules.)
Diploma in Compliance (Awarded by the International Compliance Association, the Diploma in Compliance consists of 4 core modules and several specialist modules and s a recognised indicator of professional competence for compliance professionals within the financial services sector.)
Diploma in Financial Crime Prevention (Awarded by the International Compliance Association, the Diploma consists of 4 modules: An Introduction to Financial Crime, Financial Crime – The UK Framework, The Prevention and Detection of Specific Financial Crime Risks and Investigation, Prosecution and Recovery.)
