It’s no secret that it has become increasingly difficult for multinational banks to manage their compliance programs, and this is largely due to the fact that they are engaged in so many business and service lines. Since 2004, regulatory updates have increased from around 10 a day to nearly 200. One might expect this regulatory burden to have hampered banks from retaining their spirit of innovation. However, they continue to identify profitable new jurisdictions (Thailand, Chile, etc.) and potential new business lines (mobile banking, blockchain) without neglecting the new statutes, codes, regulations and guidance documents.
The increase in regulations has exposed several challenges within financial institutions – from a lack of understanding as to which regulations apply to which functions and people within the organization, and the disparities of regulations across jurisdictions, to how exactly financial institutions should structure their compliance programs.
A successful regulatory compliance program begins with a solid foundation, where employees participate in the necessary training to fully understand the meaning of strong ethics and integrity, and in return apply these values to their work. If the Bank Secrecy Act stipulates that depository institutions must keep certain records that have a “high degree of usefulness in criminal, tax, or regulatory investigations and proceedings,” an employee should be able to exercise such values and point to the relevant training manual if questioned.
Deutsche Bank recently paid out an immense $258 million to US state and federal regulators to settle charges for business committed on behalf of entities in US-sanctioned countries, such as Iran and Syria. There are actually no sanctions compliance programs required by any regulations, although one might argue that Deutsche Bank should have known and implemented a written OFAC (Office of Foreign Assets Control) program. This may be an unwritten rule, but if employees were able to apply strong business morals and ethics, this incident may have been avoided.
In another case, ABN AMRO Bank N.V. paid out a smaller sum of $640,000 to the Dubai Financial Services Authority for failing to adequately supervise their private banking international staff around deficiencies in their anti-money-laundering systems and controls. Again, an understanding and application of ethics and principles may have helped to catch this failing.
Seven banks (Barclays, Commerzbank, Credit Suisse, Deutsche Bank, Merrill Lynch International, Royal Bank of Scotland, and Société Générale) have been fined by the Financial Conduct Authority (its predecessor being the Financial Services Authority) for MiFID (Markets in Financial Instruments Directive) transaction reporting failures. UBS is set to receive the largest-ever fine (over $18M) for the same oversight. This is a clear indication that regulatory compliance programs are still in disarray and that in practice lessons have not translated into necessary change.
The solution contains two components – one on a foundational level and one on a practical level:
Developing a regulatory compliance program requires time, resources and expertise. Even with a solution in mind, banks might not have the means to begin execution. For example, Thomson Reuters has assisted in executing a successful regulatory compliance program with a basic 5-step implementation plan.
Clients who have implemented this 5-step plan have observed key benefits – a greater understanding of changing regulatory requirements and their impact on the bank’s specific business lines; more efficient allocation of human and financial resources; and a superior ability to gather, prioritize and assess risk – all of which contribute to immensely improved interactions with regulatory bodies.
Exchange Magazine provides a robust forum for dialogue where ideas, insights, and information are shared across the global financial ecosystem. Experience Exchange for yourself and engage with us to drive and shape its future.