Regulatory Insight: Ten Regulatory risk insights for Asia in 2015
By Niall Coburn
2015 will be the year that marks the end of major international regulatory reforms designed to
lessen the occurrence of another financial meltdown and a renewed emphasis on ethics and
customer responsibility. This article presents my ten regulatory risk insights for the Asia/Pacific
region for this year, which include, culture, conduct risk, lines of management responsibility and
accountability, customer disclosure, staff training and competency, AML (beneficial ownership),
cyber security governance, anti - corruption, terrorist financing with particular emphasis on
transactions in relation to ISIS, regulatory implementation and planning for final global reforms
arising from the G20 summit.
The year 2014 was a watershed for enforcement fines by regulators achieving mile stone
penalties that reigned in the activities of some of the most well known financial names on the
globe. This year regulators will shift emphasis towards prudential compliance and focus on
consumer protection. Emphasis will be on ensuring ethical conduct and implementing policy
recommendations in line with International standards such as capital adequacy and management
accountability.
Light at the end of the tunnel ending major regulatory implementation
2015 will be the year when Governments in the Asia pacific region and the rest of world are
perceived to have drawn a line in the sand about introducing more major regulation following the
G20 Summit. Governments have a renewed emphasis on creating positive economies for
businesses to flourish. There are remaining regulatory rules to be implemented to improve banks’
capital and liquidity positions and to make derivatives markets safer to reduce risks in the
financial system. There are also final policy measures being drafted to dampen risk channels
between banks and non-banks and strengthen the orderliness and predictability of the sovereign
debt restructuring process.
Finally firms can see the light at the end of the tunnel in terms of these major reforms that are on
the table. The new theme for the region is that regulators want firms to improve culture and
heighten ethical standards so that the interests of firms are aligned with customers.
However, current international Libor investigations remind us that firms are not of the woods yet
and there is still a lot room for improvement in terms of how firms do business and the need to
improve their perception in the market. Banks in particular, are looking introspectively to ensure
they are concentrating on strengthening their own resilience to deal with unforseen risks in the
market.
1. Improving Culture
The culture within a firm is a barometer that dictates the need and intensity of the amount of
regulation and supervision required. Prudential and financial regulators will increase their
attention on the culture of firms and, in the process, access what supervisory practices are in
place to monitor a firm’s culture. These sentiments are reinforced in the release of the recent
Financial System Inquiry (FSI) report in Australia, where it stated that, “Appropriate firm
culture is critical, but needs to be supported by proactive regulators with the right skills, culture,
powers and funding.”
Firms must concentrate on improving culture and aligning the firm’s interest with those of the
customer in the way business is being done. If there are customer complaints or issues, firms
must have an effective way of handling them, acting in the customer’s interests to fix issues in an
effective way that brings matters to resolution. The culture of a firm must ensure ethical values is
paramount in all its business operations.
The significant scandals by firms, who were fine last year by regulators, clearly indicated a direct
correlation between the lack of ethics in a firm’s operations and its involvement in regulatory
violations in comparison with those firms that were not involved in significant regulatory
breaches. This was more apparent in the US and the UK where significant fines were handed
down to numerous global banks in what was in some instances, intentional violations involving
weak oversight by management. Going forward, regulators will be expecting boards to be a
critical influence in leading from the top and instilling a culture that adheres to strong ethical
values with direct lines of responsibility for senior management in the business.
Additionally, Regulators will continue to come down hard on firms that fail to “self disclose”
material compliance or regulatory breaches in a timely manner. Disclosure with integrity is now
seen to be connected to a firm’s culture.
2. Conduct risk
There is a greater emphasis on “conduct risk”, which refers to the growing need for institutions
to reassess the way they conduct their business and how regulatory risks and expectations are
effectively managed within organisations. This area will continue to be a challenge to firms, not
only having to deal with regulatory obligations, but also increasingly being required to look at
the firm’s approach to monitoring, analysing and managing how they deal with customers. Banks
internationally, have paid billions of dollars in claims for the shortfalls in compliance and the
negligent way they have treated some of their customers. These reflect failure of systems and
oversight.
All governments and regulators are emphasising the fair treatment of customers and will expect
firms to ensure that financial products and services perform in the way that customers expect or
are led to believe. In making improvements in this area, firms will have to look at ways they can
improve customer outcomes in terms of product disclosure, accountability, technology and
improving complaints handling processes.
Firms have to define what good conduct looks like and agree how processes can be improved
frameworks established to assess risks and monitor ongoing work that needs to be done. The
very nature of conduct risk is for firms to continually review and monitor alignments with
customer products and regulatory requirements and seek feedback from the market to assess any
gaps.
2
3. Lines of management responsibility and accountability
Because some firms have such a complex management structure, when things go wrong and it
comes to pointing the finger at who was responsible, individual accountability is often clouded
or confused. This is an unacceptable practice, not only for a firm’s internal accountability but its
ultimate accountability to the board and shareholders. The board of directors should ensure they
understand the chain of accountability and who is ultimately responsible for each function. If
structures are too complex then they need reviewing and simplifying.
The UK are introducing laws that make senior managers and non-executive directors personally
liable for major breaches of compliance or regulatory requirements within their functions of
responsibility. This new framework is intended to focus on a narrower number of senior
individuals in a firm than under the current Approved Persons’ Regime. The changes are
designed to restore trust in financial services industry and clearly impose more personal risk on
senior managers and directors. The proposed framework has an extra territorial dimension in that
the laws will apply to individuals performing senior management functions whether physically
based in the UK or overseas and so will apply to some executives of global firms in Asia.
Although it is not the law in Asia, or even on the table, it may be helpful for firms to review their
senior manager framework and ensure that there is a clear line of responsibity for each function
of the business and that the structure is not overly complex. This will encourage senior
executives to take greater responsibility for their actions and will make it easier for both firms
and regulators to pin point individual responsibility and hold individuals to account for serious
internal compliance and regulatory failures.
4. Customer disclosure
Europe is leading the way in terms of pronouncements on product governance and Australia has
just released the Financial System Inquiry report (FSI) with recommendations on product
innovation and disclosure that may be wise for firms in the Asia Pacific region to consider.
Firms can improve processes by strengthening product issuer and distributor accountability. Poor
product design and distribution practices have disregarded consumer interests and contributed to
financial losses. Product accountability is a theme that regulators may be monitoring carefully
this year. For example, many customers in the past five years were sold units in managed
investment schemes or other financial products without the full risk and restrictions on exit
requirements being disclosed.
The FSI report emphasises that firms should consider producing less complex disclosure
documents and place more emphasis on the type of consumer who would be interested in buying
the product. Many disclosure documents tend to only emphasise high yields while playing down
3
the risk. Regulators in the region will be focusing on consumer protection with particular
emphasis being paid to representations and product information distributed to consumers.
Firms can alleviate these risks by putting in place a framework that concentrates on the type of
customers who would most benefit from the product to ensure that products match consumer
needs. Firms that promote fair treatment of customers by designing and distributing financial
products that suit customers are bound to have happier customers and less regulatory oversight.
5. Training of staff to ensure competence
Firms can raise ethical awareness and competencies especially of financial advisers, traders and
other staff by ensuring competencies and standards of compliance. Traders in particular came
under heightened scrutiny last year from the fall out in benchmark rigging. Firms appear to have
come under the most regulatory attention in Australia, UK, USA, Singapore and Japan. These
investigations are currently on going and will doubtless cause the institutions involved in
substantial legal costs and fines not to mention increased scrutiny from regulators.
Compliance with professional standards and ethical approaches to circumstances needs to be
actively monitored. Ongoing professional development – including technical skills, relationship
skills, compliance and ethical requirements need to be monitored to ensure that the firms
standards of conduct and professionalism are maintained. Firms should consider placing far
greater focus in the areas ethical training and education competancies. Compliance with
standards should be reviewed regularly and monitored.
6. Sanctions and beneficial ownership
Since 2009, there have been 24 global banks that have failed to disclose to US regulators that
they were knowingly dealing with sanctioned countries, such as Myanmar (Burma), Cuba, Iran,
Libya and Sudan. Most of this conduct was known to senior executives and senior compliance
individuals who chose to “turn a blind eye” to the activity because it was profitable for the bank
to do so. For this lapse in integrity, some global banks have paid billion dollar fines. There are a
number of banks who are requesting prosecution agreements with regulators in relation to
sanction violations.
The issues regarding money laundering, know-your-client, ultimate beneficial owners and
sanctions, have become so important with the down side of getting it wrong possibly ending up
in multi-million dollar fines. This important compliance area has to be appropriately resourced
with the right skill mix of individuals. Comprehensive reports must be produced and maintained
to establish compliance due diligence.
The actions by regulators have sent a clear warning message to firms around the world whose
strategy has been only to pay lip service to US sanction regulatory requirements. The extent of
these violations emphasise that banks in the Asian Pacific region have to be careful in taking
sanctions seriously and implement proper frameworks and if required, immediately disclose to
the regulator any material compliance issues.
4
AML – Beneficial ownership
There is greater emphasis by FATF on banks identifying the beneficial ownership of client
accounts or assets. The use of sham corporations as nominal account holders adds another layer
of secrecy between an account and its beneficial owner. These types of accounts make it
impossible for government authorities to determine the ultimate beneficiary of funds.
FATF has emphasised the need of banks to determine the ultimate beneficiary of accounts.
Regulators will place greater emphasis on firms to maintain relevant information, as they are
required by anti-money laundering regulations to know at all times who are ultimate owners of
the assets they manage.
7. Improved governance of cyber security
Cybercrime has developed over the past five years from interfering with systems to online fraud,
industrial espionage, theft of data, destruction of information and disruption of systems. In a
recent New York State, Department of Financial Services report on cyber security in the banking
industry, it was stated that “Cyber attacks against financial services institutions are becoming
more frequent, more sophisticated and more widespread”.
Three main risks for banks to understand the scope of the threat, are industry interconnection and
the compliance costs for preparing for an attack. Banks will need to start to collaborate in order
to deal with this growing threat, as the answers will not only come from government resources.
The rapid change of pace of technology makes it more crucial than ever for boards of directors
and senior management within institutions, to ensure that all functions are aligned and
sufficiently resourced. Executive management should be more involved in identifying the
institutions top cyber risks and understand how the organisation can combat them. A sound
understanding of cyber protection procedures are important, so that the board understands the
institution’s readiness to deal with cyber risks relevant to that firm. Executive management must
have an understanding of the following:

An agreed approach of the board towards the unique risk profile of the organisation;

Sound knowledge of IT management and governance ensuring the alignment of all
necessary functions to deal with cyber risks;

Procedures for incident response and event management;

Understanding of access controls and network security;

Procedures for vendor management;

Procedures for disaster recovery.
5
8. Anti-corruption
Firms must continue to place emphasis on fighting corruption and have the area properly
resourced within the firm and ensure those they do businesses with have a similar approach.
Corruption continues to remain one of the major themes in Asia and if not tackled head on will
thwart economic and financial prosperity in developing the region. Without out any doubt, China
has placed more emphasis on this area than any other country in the region. Since 2012,
President Xi Jinping has deepened China’s anti-corruption campaign – the question on
everyone’s mind is, “has it been effective”? The anti-corruption drive has been one of the
central policy stamps of his administration and its severity and duration appears to be surprising
everyone both within and outside China.
Other countries such as Australia, Malaysia, Indonesia and Thailand will have to start ramp up
their regulatory approach and take a more transparent heavy handed approach to fight corruption
in their respective jurisdictions. There is much firms can do in fighting corruption, including
having effective policies in place, vetting third party vendors and ensuring that compliance
procedures are robust and cases are actively pursued.
At the G20 last year, an anti-corruption plan was endorsed including enhanced mutual assistance
between jurisdictions and recovering the proceeds of corruption and the denial of safe havens to
corrupt officials. Further reforms are on the way that may affect firms and the approach of
regulatory agencies.
9. Anti terrorist financing with particular emphasis on transactions in relation to ISIS
Coalition forces have stepped up military action against ISIL in Syria and Iraq, which is
beginning to slow down its sources of its revenue. US Treasury Department estimates that the
organisation is continuing to obtain approximately US$1 million each day through illegal oil
sales mostly through Turkey. The FATF has stressed that more insight needs to be gained by
member countries into how ISIL is funded and transferring funds internationally.
Given recent terrorist attacks in Australia and Europe, firms will have to continue to be vigilant
and maintain scrutiny on suspect customers, money transfers to Turkey, Lebanon, Qatar and
Kuwait. Regulators are paying attention to money transfer business operators and especially
those operators who are informal currency transmitters such as Hawala operations.
10. Planning for overreaching financial global reforms and capital requirements
Regulators around the world know that another crisis will happen, and when its does, financial
institutions must be better prepared and stronger to face then they were in 2007/08.
.
Financial institutions will have to plan and prepare to implement the final set of policies that are
aimed at ensuring that globally systemically important banks have additional loss absorbing
capacity that will further protect tax payers and themselves in a crisis market. Other reforms that
are on the table are in relation to reducing cross border risks concerning derivatives, anti -
6
corruption, prudential supervision, disclosure, and the control of capital flows between banks
and non banks. Financial institutions need to ensure that they are prepared for implement the
next round of policy requirements and are resourced to do so.
Conclusion
2015 is about returning to basics - good service, honesty and integrity. This year will see the
finality of major regulatory reforms internationally intended to make financial institutions more
resilient, and it is the year where culture, ethics and conduct risk will form a central focus.
Although firms will have to implement compliance changes this year, the good news is that
governments have drawn a line in the sand on major international regulatory reforms and firms
can get on with doing business. At the end of the day ethics culture is paramount in ensuring
customer’s interests remain cenral, after all, these are the true internal guardians of a firm to
ensure its longevity.
7