BMO presentation RBC CEO conference

Governance and Trust Committee Structure
FIRMA 21st National Training Conference
Julia Fredricks, SVP- U.S. Chief Compliance Officer
Harris Financial Corp
April 18, 2007
Agenda
• Purpose and design of board and management committees
• Expectations of regulators
• Committee structure example
• Advantages/disadvantages to different structures
• Key accountabilities, members, and responsibilities of committee
• Useful tools/protocols
• Balancing needs of separate legal entities governed by different regulatory agencies
Governance and Trust Committee Structures
• Strong management and board oversight is a key element to a strong internal control and risk management structure.
• A strong governance and trust committee structure both at the management and the board level allows for effective oversight and is indicative of a commitment to risk management and internal control.
• The Fed, the OCC, and the OTS expect institutions with trust powers to have active executive management and board involvement. The SEC expects a strong “culture of compliance”.
• For complex organizations, I believe this is managed most effectively through a committee structure. This should be customized at each institution in terms of design and activities, lines of business and legal entities.
Expectation of Primary Regulator - OCC
• Board and Senior Management have key responsibilities
  • Must recognize their responsibility to provide proper oversight of asset management activities, and the official records of the board should clearly reflect the proper discharge of that responsibility.
  • Must understand the asset management business, how asset management activities affect the bank’s position and reputation, the bank’s regulatory environment, and other external market factors.
  • Establish the strategic direction, risk tolerance standards, and ethical culture for asset management activities.
  • Adopt and implement an adequate and effective risk management system.
  • Monitor the implementation of asset management risk-taking strategies and the adequacy and effectiveness of the risk management system in achieving the company’s strategic goals and financial objectives.
• Senior Management responsibility for effective risk management systems
  • Ensure the development and implementation of an adequate and effective risk management system composed of risk assessment, control, and monitoring processes.
• Board of Directors and Senior Management Commitment
  • Establish and guide the strategic direction for asset management activities by approving strategic and financial operating plans.
  • Create a risk management culture that promotes strong ethics and an environment of responsibility and accountability that is fully accepted within the banking organization.
(Asset Management Comptrollers Handbook December 2000)
Expectation of Primary Regulator - FED
• Board of Directors key responsibilities
  • Approve overall fiduciary business strategies and policies including those related to identifying, measuring, monitoring and controlling fiduciary risks.
  • Understand the nature of the risks significant to their organization and ensure that management is taking the steps necessary to manage these risks.
• Senior Management key responsibilities
  • Implement approved strategies in a way that will limit fiduciary risks and ensure compliance with laws and regulations
  • Fully involved in the fiduciary activities of their institution
  • Have sufficient knowledge of all fiduciary business lines to ensure that necessary policies, controls and risk monitoring systems are in place and that accountability and lines of authority are clearly set forth
  • Ensure that its lines of fiduciary business are managed and staffed by persons with knowledge, experience, and expertise consistent with the nature and scope of the organization's fiduciary activities
  • Before offering new services or introducing new products, identify fiduciary risks associated with them and ensure that internal controls are in place to manage the service or product and the accompanying risk
  • Approve appropriate policies, procedures, recordkeeping systems and reporting systems to support the fiduciary activities and to help measure and monitor risks
  • Establish procedures to keep informed about changes in fiduciary activities and the associated risks
(SR 96-10 (SPE) April 24, 1996 - Risk-Focused Fiduciary Examinations)
Expectation of Primary Regulator - OTS
Responsibilities of the Board of Directors and Management
• hiring and retaining competent personnel
• ensuring that adequate management is in place to control risks
• instituting adequate policies, processes and controls that consider the size and complexity of the savings association’s trust and asset management activities
• establishing effective risk monitoring and management information systems
• Directors are responsible for retaining and performing general supervision over the exercise of trust powers
• Directors must be sufficiently independent of corporate affiliates and personal conflicts of interest to properly serve the interests of the savings association
• Directors are responsible for the prudent investment and disposition of property held in a fiduciary capacity
• ensuring that an annual audit is conducted
• ensuring that a record of pending litigation is kept
• The board should ensure that the trust department’s management information and data processing systems are adequate to provide the type and quantity of reports necessary to assess and monitor the trust department’s performance
• The board should ensure that corrective action is effectively implemented when deficiencies are reported
(OTS Trust and Asset Management Handbook)
Expectation of Primary Regulator - SEC
• The Advisers Act incorporates an adviser's fiduciary duty under Section 206, and envisions that, in whatever factual scenario, the adviser will act in the best interests of his clients. As a fiduciary, an adviser is held to the highest standards of conduct and must act in the best interests of its clients.
• Compliance Program rule, Rule 38a-1, requires board approval of the fund's policies and procedures and those of each investment adviser, principal underwriter, administrator, and transfer agent of the fund, and requires an annual report by the Chief Compliance Officer to the board.
• Recent Investment Advisor request letters suggest that active management and Board involvement is an inherent expectation:
  • “Registrant’s overall process for and commitment to establishing and maintaining an effective compliance culture (its “tone at the top”).”
  • “A copy of the minutes of any risk committee meetings that were held during the inspection period. Please note that advisors are not required to have a risk committee.”
  • “Copy of risk management reports that show/illustrate the measures used to manage risks in client accounts, such as leverage, beta, concentration, and performance attribution analysis”.
  • “Copy of investment management committee minutes”.
Board and Management Committee Structure – Example
Board of Directors
Directors Trust Committee
Fiduciary and Investment Risk Management Committee
Bank Investment Policy Committee
Subsidiary Investment Policy Committees
Code of Ethics Compliance Committee
Proxy Advisory Committee
Board Committee Structure – Example
• Directors Trust Committee responsibility:
  • The DTC is responsible for performing duties to enable the Boards of Directors to fulfill their oversight responsibilities in relation to: oversight, including proper risk management and control, of the operation of fiduciary activities of subsidiaries, and oversight, including proper risk management and control of the operation of non-fiduciary investment related activities of the subsidiaries. In addition, certain fiduciary and non-fiduciary activities of subsidiaries are organized and managed in a manner that is closely intertwined with the activities otherwise within the purview of the Committee. This Committee shall oversee such activities to the extent of such interrelationship. The DTC is granted the authority to define the general scope, content, and direction of fiduciary and non-fiduciary investment-related products and services for the organization.
• Key reporting items:
  • Material Risks
  • Emerging Risks
  • Significant Events
  • Near misses
Management Committee Structure – Example
• Fiduciary and Investment Related Activities Risk Management Committee (FRMC)
  • The Fiduciary and Investment Related Activities Risk Management Committee is established to serve as a forum to review, inform, consult, discuss, and approve significant risk issues and action plans addressing current and emerging risks that arise in the course of executing the organization’s strategy in trust, probate, guardianship, conservatorship, and certain investment management, investment advisory, securities and custody activities. It is established to ensure major risks arising from these activities are understood, quantified, documented, mitigated where appropriate, and constrained by policy and directives as necessary in order to balance risk and return in such activities and businesses.
• Key reporting items:
  • Material Risks
  • Emerging Risks
  • Significant Events
  • Near misses
Management Committee Structure
• Committees can be structured by department, by legal entity, or by holding company.
• By Department or Legal entity:
  • Advantages:
    • Allows for focused discussions on key topics
    • Allows for open communication
    • More control over committee dynamics
  • Disadvantages:
    • Lack of independent view or assessment of issues
    • Limited ability to escalate issues
    • Lack of tie to board of directors
    • Potentially significant issues may not receive appropriate level of attention
Management Committee Structure (cont’d)
• By holding company - Advantages:
  • Particularly in light of “Enterprise-wide Risk Management”, a committee that crosses legal entities and department boundaries becomes a useful tool
  • The risks of one line of business could affect another – open discussion allows for more complete analysis and assessment
  • What may be an acceptable risk at one level may be unacceptable when aggregated at a higher level
  • Exam experiences can be shared across entities
  • Can be used as a precursor to the holding company board meeting
• Disadvantages:
  • Additional examiner scrutiny and potential scope creep
  • Management may not be comfortable holding open and frank discussions in presence of other LOBs or legal entities
  • Meeting dynamics may become difficult to manage
  • Potentially opening more information to discovery inquiries in litigation against one legal entity
Key Committee Accountabilities and Responsibilities
• Provide oversight:
  • Governance
  • Approve policies, directives, standards
  • Approve new and modified products, initiatives, services, and distribution channels
  • Review of assessments used to determine adherence to policies, operating procedures, and strategic initiatives
  • Review management reports on operational and performance results
  • Cross-enterprise view of topics
• Key elements to be discussed/considered by committee:
  • Significant risk issues and management strategies;
  • Significant changes in strategies, products, services, and distribution channels;
  • Significant changes in organization, policies, controls, and information systems; and
  • External factors that are affecting services.
Key Committee Accountabilities and Responsibilities (cont’d)
• Escalate issues:
  • Review of material risks, emerging risks, significant events, and near misses
  • Committee used as a forum to facilitate the resolution of risk issues. Issues arise from:
    • Risk and Control Self Assessments (“RCSAs”);
    • Audits, exams, compliance reviews;
    • new or modified product recommendations;
    • changes in laws or regulations;
    • Code of Ethics;
    • Conflicts of Interest; or
    • Litigation
  • Issues may not be significant at lower level subsidiary or department, but when viewed in aggregate, trends may emerge or issue becomes more prominent
  • Committee assesses the responsiveness to deficiencies and the effectiveness of corrective action and follow-up activities
  • The Committee then escalates to: Board, Executive Management, CEO
Key Committee Accountabilities and Responsibilities (cont’d)
• Fix accountabilities
  • Each issue raised is assigned an accountable executive. Ensures resolution of significant items
  • Issues are tracked through to resolution
• Report activities that will be escalated to the board committees
  • Allows forum to review Board materials to ensure they are appropriate, complete, accurate
Key Members
• Who your key members are is determined by the scope of the committee – some examples:
  • Management of areas with fiduciary risk or asset management responsibilities
    • Institutional Trust
    • Custody
    • Land Trust
    • Personal Trust
    • Employee Benefit Plan area
    • Insurance
    • Safekeeping
    • Retail broker/dealer
    • Investment advisor
    • Proprietary mutual funds
    • Operations
  • Management of Corporate Support Areas
    • Fiduciary Risk Management
    • Fiduciary Counsel
    • Compliance
    • Audit – key “permanent guest”
Useful Tools/Protocols
• Timing of meetings: Useful to be 1-2 weeks prior to Holding Company board and committee meetings
• Materials provided to members no less than 3 days prior to meeting to allow for review
• Open items list
  • Reports to be presented to provide status on outstanding items
  • Outstanding audit, RCSA, exam, compliance issues
• Calendar/Standing agenda including, at a minimum, periodic reports from:
  • Corporate Audit
  • Corporate Compliance
  • Legal
  • Risk Management
  • Operations – operational risk issues
  • Line of Business – performance issues/status
• Attendance list, reports of attendance
• Minutes
Open Items List Example

| Date of Meeting | Individual Responsible for Item | Original Date Due | Revised Due Date | Source of Item (Audit, Exam, Compliance monitor, RCSA, other (specify)) | Action Item | Status of Item |
|---|---|---|---|---|---|---|
| 02/15/07 | J. Smith, Fiduciary Counsel | 05/17/07 | n/a | Regulatory Development | Assess impact of Regulation R – Broker Push Out Rules and assign responsibility for each unit impacted | Meetings have begun. Update to be provided |
| 11/15/06 | F. Jones, COO XYZ Subsidiary | 02/15/07 | 5/17/07 | Exam Issue (SEC Exam of XYZ subsidiary dated 10/31/06) | Ability to readily retrieve emails of employees criticized. Automated solution to be implemented. | Implementation more time consuming than anticipated. Extension to 05/17/07 requested. |
Annual Calendar Example
FRMC -- 2007 PLANNER

| AGENDA ITEMS | 15-Feb-07 | 17-May-07 | 16-Aug-07 | 15-Nov-07 |
|---|---|---|---|---|
| Approval of Minutes | X | X | X | X |
| Review of sub-Committee minutes | X | X | X | X |
| Emerging Issues (as required) | X | X | X | X |
| Report of Chief Auditor | X | X | X | X |
| Report of General Counsel | X | X | X | X |
| Report of Chief Compliance Officer | X | X | X | X |
| Report of Chief Risk Officer | X | X | X | X |
| Review of 90 Day Write-Off and Recovery Report | X | X | X | X |
| Quarterly Differences and Losses | X | X | X | X |

REVIEW OF MINUTES
STANDARD AGENDA ITEMS
AGENDA ITEMS UNIQUE TO A PARTICULAR MEETING(S)
Business Unit Report of Activities
- Personal Trust
X
- Investment Advisor Subsidiary
X
- Broker/Dealer sub
X
Policies and Procedures Update
Assessment of New Products and/or Services
X
As Needed
As Needed
As Needed
As Needed
Sample Report – Report of Chief Compliance Officer
• Chief Compliance Officer utilizes this as a precursor to reporting to the Audit Committee. Information is provided in slightly more detail, discussions are more detailed, and focus for this committee is fiduciary activity only.
• Top 3 issues identified or being monitored
• Results of compliance monitor activities
• Information on Compliance training
• Legislative and Regulatory Developments
• Communication with Regulators – Exam activities
• Summary of Corporate Audit and RCSA reports impacting Compliance
Balancing needs of separate legal entities governed by different regulatory agencies
• In large complex banking organizations, it is not uncommon to have subsidiaries governed by the OCC, Fed, SEC, NYSE, NASD, and potentially others.
• Can be managed through dual reporting structures – one line to the corporate group, one line to the legal entity executive
• Assess issues and risks at the entity level, then secondarily assess their impact on the line of business and organization as a whole
• Utilize knowledge gained from exams and audits in one subsidiary to perform an assessment of other subsidiaries prior to their own exam or audit.
• Ensure there is strong communication and reporting between the entities and the corporate area consolidating the information – impress upon the subsidiary the usefulness of being part of a larger organization
• Be cautious/wary of subsidiaries that wish to operate autonomously, who are not forthcoming, who do not recognize that they are part of a larger organization