Assignment 8: Successful Compliance Strategy

What is compliance?

adhering to internal and external standards and requirements

How can compliance issues be categorized?

external or internal

mandatory or voluntary

What are governmental entities that enforce acts and standards?

• US Department of Labor enforces Fair Labor Standards Act

• Foreign Corrupt Practices Act (FCPA)

• Alternative Investment Fund Managers Directive (AIFMD)

• Cyber Security Law of Peoples’s Republic of China

What is Cyber Security Law of Peoples’s Republic of China?

requires companies that operate their own online networks to take steps to safeguard networks and user data

What is Alternative Investment Fund Managers Directive (AIFMD)?

EU directive that places hedge funds and private equity funds under supervision of EU regulatory body

establishes transparency requirements

What is Foreign Corrupt Practices Act (FCPA)?

prohibits bribery of foreign government officials in effort to obtain or retain business

applies to US and foreign organizations that make or facilitate prohibited payments within territory of US

What is US Department of Labor enforces Fair Labor Standards Act?

establishes minimum wage and overtime pay requirements by which employers in US must abide

also dictates when hourly employees have to be compensated

What is voluntary standards?

designed to help organizations meet organizational goals

complying is important because franchise value is affected by how perceived

What is Committee of Sponsoring Organization of Treadway Commission (COSO)?

establish controls to monitor and measure their compliance efforts

published guidelines for design, implementation, and evaluation of internal control system to ensure compliance with mandatory and voluntary requirements

What are compliance drivers?

• senior managers/ board of directors being held to higher standard of accountability

• stakeholders making more demands on management and requiring increased transparency

• compliance programs help organizations address their business risk and the events or actions that present risk

What is Chief Compliance Officer?

individual tasked with ensuring organization’s compliance with external requirements and with internal policies

What is the role of CCO?

must work with other members of organization to coordinate compliance efforts, monitor the compliance program, act as liaison on compliance issues, and promote education and awareness of existing and emerging compliance requirements

What are the types of bases of regulatory compliance?

rules based

principles based

risk based

evidence based

What is principles based regulation?

regulatory approach that identifies outcome that must be achieved and then allows regulated entities broad latitude to determine how to achieve that ouctome

What is rules based regulation?

regulatory approach in which regulators define specific rules that regulated entities are required to follow to achieve specified outcome

What are the differences between rules based and principles based regulation?

principles based:

• states desired outcome but leaves unstated manner in which outcome can be achieved

• requires more interpretation by both regulator and regulated entity

• regulated entity must demonstrate that it’s taking appropriate steps to achieve regulatory goal

rules based:

• stagnant and may slow to evolve to meet changing conditions

• tends to use one-size-fits-all approach to rule making

• conflicts can arise between standards set by different regulators

• create opportunity to evade intent of rules by following them precisely

What is regulatory arbitrage?

practice of circumventing unfavorable regulations by exploiting gaps and inconsistencies in competing regulatory system

What is risk based regulation?

farmework for identifying an addressing risks with available resources in way that will achieve greatest good

principles based approach: focuses on desired outcomes and not on steps taken

emphasizes efficiency, flexibility, and creativity in crafting solutions

What is evidence based regulation?

uses measurable indicators to create effective policies and regulations

What are the steps for developing risk-based regulatory framework?

• identify goals that need to be achieved and regulatory requirements to do so

• establish and communicate the regulatory risk appetite and level of acceptable risk tolerance for achieving goals

• employ risk managemnet techniques to formulate structure, policies, tools and approaches to be used to achieve goals

• create performance indicators to measure effectiveness of regulatory structure

• implement new regulatory systems

• review and revise regulatory systems

What is solvency II and Basel?

government regulatory standards that provide risk management guidelines for financial organizations

goal is a global financial system that is sustainable, resilient, and transparent

What are 3 pillars of solvency II?

qualitative financial requirements

risk management standards

reporting requirements

What is Solvency II?

governs EU insurers and empowers EU regulators to apply its requirements to worldwide operations of foreign insurers operating

requires insurer to have effective risk management systems, conduct own risk and solvency assessments, and establish effective internal control, audit, actuarial systesm

also required to meet solvency capital requirement

What are the Basel standards (Basel III)?

aim to strengthen the capital requirements of banks to guard against financial risks

How should financial institutions who adhere to Basel manage risk ?

• identify risk

• measuring exposures to those risks where possible

• ensuring that effective capital planning and monitoring program is in place

• monitoring risk exposures and corresponding capital needs on an ongoing basis

• controlling or mitigating risk exposures

• reporting to senior management and its board on institution’s risk exposures and capital positions

What are the objectives of compliance program?

• protect organization from liability, fines, penalties and losing customer confidence resulting from failure to comply with laws, regulations, internal policies

• provide assurance to key stakeholders that organization is in compliance with all laws

• receive benefits from external soruces for having effective compliance program

• create culture that encourages compliance

What are the 2 fundamental concepts of an effective compliance program?

using due diligence to prevent and detect criminal behavior

creating organizational culture that encourages legal compliance and ethical conduct

What is US Setencing Commission’s Guidelines Manual?

provides detailed guidance for corporations and other business entities on what commission consdiers effective compliance and ethics program

What are the departments responsible for maintaining compliance?

human resources

internal audit

operations

safety or facilities

What is HR?

complying with employment laws

What is internal audit?

oversight of financial compliance

What is operations?

product safety and environmental control

What is safety or facilities?

employee health and safety