Compliance & Corporate Governance

What is Compliance & Corporate Governance?

Below, and on the additional pages in the sidebar menu, is an introduction to Compliance and Governance. This may be useful if you are new to recruiting in this area.

In general, compliance means conforming to a rule, such as a specification, policy, standard or law. Regulatory compliance describes the goal that corporations or public agencies aspire to in their efforts to ensure that personnel are aware of and take steps to comply with relevant laws and regulations.


Due to the increasing number of regulations and the need for operational transparency, organizations are increasingly adopting consolidated and harmonized sets of compliance controls. This approach is used to ensure that all necessary governance requirements can be met without unnecessary duplication of effort and activity. Some examples of areas with which Financial Services firms must comply include:
Risk and Compliance


The above demonstrates the varied risks; these are more relevant in some sectors than others, leading to greater controls, regulation and compliance requirements. Various sectors share some risks and areas of compliance while having others that are unique to them, and this is where our specialisms overlap. Risks have led to legislation, regulation and standards with which many companies now have to comply, as shown above, with the main recent ones outlined below.

The Legislative Landscape

We have always had Compliance and Corporate Governance in one form or another, particularly in highly regulated sectors, e.g. Financial Services.

Compliance requirements are growing. After the causes of the financial meltdown, or Credit Crunch, were assessed, various pieces of legislation were passed. The most influential are the Basel Accords, created by the Basel Committee on Banking Supervision (BCBS), which led to CRD IV (Capital Requirements Directive 4).

These focused on financial institutions' capital adequacy and liquidity: their ability to absorb the risks they were taking under stress (stress testing), i.e. adverse market conditions. Institutions had to assess their capital and assets, which had to be broken down into tiers based on how risky they were considered to be, and they were obligated to carry a specific amount of lower-risk assets (Tier 1 capital). Each risk was therefore bucketed and weighted, giving Risk Weighted Assets (RWA).

Main Legislative Landscape affecting Financial Services since 2002:

2002     Sarbanes-Oxley Act (SOX)

2007     Money Laundering Regulations
 
AML/KYC (Anti Money Laundering and Know Your Client): who are you dealing with? This gives rise to other acronyms, e.g. PEPs (Politically Exposed Persons) and SARs (Suspicious Activity Reports), and various bodies inside and outside government create standards, e.g. the Joint Money Laundering Steering Group (JMLSG).

2009     Payment Services Directive (PSD) 

(Implemented in the UK via the Payment Services Regulations 2009 (PSRs); introduces SEPA amongst other things.)

2010     Dodd-Frank 

(July 21, 2010) To promote the financial stability of the United States by improving accountability and transparency in the financial system, to end "too big to fail", to protect the American taxpayer by ending bailouts, to protect consumers from abusive financial services practices, and for other purposes.

2010     FATCA 

(Foreign Account Tax Compliance Act). FATCA targets tax non-compliance by U.S. taxpayers with foreign accounts.

2013    Basel III (builds on I & II)

2013     CRD IV (Capital Requirements Directive 4)

2013    Solvency II (Second Quick Fix Directive); full implementation due 2016.

 

Examples of Sector Specific Compliance/Standards:

Capital Markets Compliance

An area that some may consider high risk is Capital Markets, and this leads to specific legislation, risk and compliance requirements in these areas. Examples are:

  •  MiFID
    (Markets in Financial Instruments Directive). On 20 October 2011, the European Commission (EC) adopted a legislative proposal for the revision of MiFID. The proposals take the form of a revised Directive and a new Regulation, which together are commonly referred to as ‘MiFID II’. 
     
  •  EMIR
    (European Market Infrastructure Regulation) introduces an obligation to report all derivatives to trade repositories; a clearing obligation for eligible OTC derivatives, measures to reduce counterparty credit risk (as discussed above as a risk factor) and operational risk for bilaterally cleared OTC derivatives, as well as common rules for central counterparties (CCPs) and for trade repositories.

Payments sector compliance:

  • PCI DSS 
    The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM and POS cards.
     
  • PSD/PSR (shown above)