Financial firms hit by flood of new rules

Posted on December 12, 2011 by

It is no surprise that the volume of regulatory activity has been steadily climbing since the financial crisis. But part of the story actually is what you don’t see – a huge spike after the passage of Dodd-Frank, whose implementing rules were generally required to be in place by the end of July 2011. While there certainly has been a rise year-on-year in total activity, roughly 80 percent of Dodd-Frank rulemaking remains to be completed. The rise in Dodd-Frank activity in December 2010 was largely attributable to proposals made by the SEC and CFTC, not final rules.

Despite the fact that over 60 regulatory events occur each day – everything from a speech which may signal the direction of a new regulation to a final binding rule – most of the work has yet to be done. In many cases, firms can’t even begin preparing for a new rule until the basic definitional issues have been established. When final rules begin to come out, firms will be scrambling to implement several major new rules simultaneously.

Additionally, the major regulators in the US, UK, Australia and Hong Kong together account for only 20 percent of activity. Firms that focus solely on these regulators will run the risk of missing important changes from other sources. Put differently, for every regulatory change made by one of the major regulators, there were four from the rest. This illustrates the magnitude of the challenge facing firms and the need for firms to keep abreast of what is going on in each of their markets.

Lastly, the fact that we see activity in all regions of the world does not mean that the rules being written will be the same or even similar. For example, capital requirements are being addressed by international agreements (Basel III), while others, like OTC derivatives regulation, are probably being slowed by attempts to coordinate efforts. Some areas, like hedge fund and rating agency regulation, are proceeding largely independently of each other.

To the extent that firms have to address topics differently across markets, the level of spending is bound to rise resulting in less money that the firms will have available to lend, invest, and execute on the core activities that are necessary to revive the global economy.

Posted in GRC | Tagged , , , , | Leave a comment

Nominees announced for Thomson Reuters 7th annual Compliance Awards

Posted on October 12, 2011 by

It is amazing how quickly a year flies by and how many new challenges the financial services legal and compliance community continues to address. This year’s nominations include some of the true industry leaders who set themselves aside through their achievements. We look forward to the ceremony in London on 17 November.

Read about the nominees here.

Posted in GRC | Tagged | Leave a comment

Should Asia play a lead role in global financial services regulatory reform?

Posted on October 4, 2011 by

This was one of the hot topics being discussed at the second annual Pan-Asia Regulatory summit in Singapore. Thomson Reuters Governance, Risk and Compliance, in conjunction with the Institute of Banking & Finance and colleagues from across Thomson Reuters, hosted over 580 leading players in the governance, risk and compliance community from across the Asia region.

The summit included several high profile speakers and panellists from leading financial services institutions, law firms, government bodies and regulators and featured a keynote address from Ravi Menon, Managing Director, Monetary Authority of Singapore. 

Sessions focused on issues specific to the region, such as structural changes and strategies of stock exchanges, the importance of an efficient Know Your Customer regime and local, regional and international compliance challenges. A  major theme of the conference was Asia’s role in the wider regulatory environment. Against the backdrop of continuing economic worries in Europe and the US, Asia remains a region in growth and this strength could be a great asset to the global regulatory community.

So, was there a consensus on what Asia’s role could, or should, be? Here are some highlights from the debate:

  • Jane Diplock, from Singapore Exchange Limited and former chairman of the International Organisation of Securities Commissions (IOSCO), believes that Asia is already leading regulatory thinking worldwide, due to the large number of key Asian decision makers in IOSCO committees. She commented that “Asian regulators are standard makers, not standard takers.”
  • However, Saline Wangtal of the Bank of Thailand pointed out that to take the lead in financial regulation worldwide, Asia would first have to lead the world economy and spearhead global finance – and the lack of infrastructure investment in Asia was creating a bottleneck to this happening.
  • This view was supported by Dr Eddy Fong, chairman of the Hong Kong SFC who said that the way forward was for Asia to ‘actively participate’ instead of trying to lead global financial regulation.
  • In one of the final panel events, Sharon Craggs, Head of Compliance for Standard Chartered ask “Where are the heroes?” She said that Asia needed strong leaders in compliance to prepare for the forthcoming change in regulations.

What are your views on this topic, should Asia be a leader, or an adopter of global regulatory change in financial services

Posted in GRC | Tagged , , | Leave a comment

Re-directing Investment from Trade Risk Management to Operational Risk Across the Enterprise

Posted on September 23, 2011 by

You will see today the announcement that Vista Equity Partners and Thomson Reuters have signed an agreement where Vista has made a binding offer to buy the Thomson Reuters Trade and Risk Management Business. This is part of our ongoing strategy to re-direct investment and management focus away from trade and VaR (Value at Risk) assessment and concentrate on managing operational risk across the enterprise.

The financial crisis was not caused by a lack of sophisticated models; it was caused by poor controls. Our clients across financial services and all industries are looking to us to supply simple, but effective tools where risk can be assessed, managed and controlled across the enterprise, and reported back to the board in a transparent way.  This is exactly our focus; we already have a sophisticated risk management provision used by clients on the Enterprise GRC platform, and we are in the process of upgrading this capability – more news will follow shortly.

Posted in GRC | Tagged , , | 1 Comment

Majority of UK company boards exposed to potential security breaches

Posted on September 21, 2011 by

No company should be complacent about security, particularly today given the large amount of reported hacking and cyber attack incidents. With so much money spent on IT security, it seems like UK companies in particular are missing their weakest and most vulnerable link – right at the board level.

Click here to read the results of a recent Thomson Reuters survey that looks at information theft and the corporate board.

Posted in GRC | Tagged , , , , | Leave a comment

Is Trust Enough?

Posted on July 20, 2011 by

This is an important time for those of us in the governance, risk and compliance market.

Every day, as we see new revelations about alleged phone hacking and bribery in News Corporation and the UK’s Metropolitan Police, we are reminded of the risks that poor governance and control can bring – the exact risks our GRC business is trying to help our customers manage and avoid. Bribery, gifts and gratuities policies, regulatory oversight, the role of audit and compliance – topics that are currently front page news the world over.

As the story progresses, the discussion is turning from specifics about one organisation to an in-depth debate about good corporate governance. One of the most interesting discussions is around the need for companies to not only ensure policies are in place and are being adhered to, but also that process can be clearly audited so that the board has true oversight of what is going on in their firm. It is becoming increasingly clear that it is no longer enough for a chairman to trust people to do the right thing and tell them when things go wrong. The concept of ‘willful blindness’ – which states that if there is knowledge that an executive could or should have had, but chose not to, the executive is still responsible – means that saying you ‘did not know’ is not good enough. You have to show that you have made every effort to know - and demonstrate that the processes and controls are in place to ensure this.

With penalties under the US’s Foreign Corrupt Practices Act (FCPA), and now the UK Bribery Act, holding senior executives and board members to account, there is a clear need for connectivity between the compliance and audit activities and the overall corporate governance of an organisation. And this needs to be managed at all levels. It’s clear that the actions of all areas of a company need to be considered, and that it is often the smaller parts of a company’s operations that present the highest, unknown risks – as Murdoch stated this week, the News of the World was only 1% of the total business for News Corporation.

What recent events have shown us is that now, trust is not enough. All organisations need to have the right processes and controls in place to truly know what is going on in the business. The next generation CEO and Chairmen in front of committees such as these we are seeing this week will need to be able to say: “I knew, because I made it the job of people on my team to know, and we put the processes and controls to know if we did wrong or harm.” Will we see companies making this investment in process, controls and culture? Or will the Board continue to rely on trust alone?

Posted in GRC | Tagged , , , , , | 4 Comments

THOMSON REUTERS POSITIONED IN THE LEADERS QUADRANT OF THE MAGIC QUADRANT FOR ENTERPRISE GOVERNANCE, RISK AND COMPLIANCE PLATFORMS

Posted on July 19, 2011 by

Thomson Reuters (accelus.thomsonreuters.com) recently announced it has been positioned by Gartner, Inc. in its Leader’s Quadrant of the Enterprise Governance, Risk and Compliance Platforms Magic Quadrant. This is fantastic news. We believe being positioned in the Leaders Quadrant by Gartner is confirmation of our strategy and the vision behind the GRC business unit.

This Gartner Magic Quadrant for enterprise governance, risk and compliance (EGRC) platforms presents a global view of Gartner’s assessment of the main software vendors that should be considered by organizations seeking a technology solution to support the oversight and operation of enterprisewide risk management and compliance programs, with the overall objective being improvements in corporate governance and the ability to achieve business objectives. To learn more about the report, please read the recent press release.

What we frequently hear from our customers is that an effective GRC initiative requires both access to up-to-date regulatory information, and software to manage the workflow for GRC business processes. While there are many definitions of GRC systems, this report provides a good overview of the GRC technology marketplace. I invite you to read the full report with complimentary access at this link.

As we grow and invest in our GRC business, it is our goal to continue to build leading products that produce dynamic connections between internal audit, risk management, policy management and compliance.

Posted in GRC | Tagged , , | Leave a comment

UK Bribery Act – Another Banking Issue?

Posted on June 21, 2011 by

Last week we hosted a customer forum with over 300 attendees. During the event a key topic of conversation was the soon to be in place (1 July) UK Bribery Act. The discussions closely mirrored a recent survey we conducted. What I heard – and the survey confirmed – is that very few companies say they are not ready (1 in 5 according to our survey) or that the board is not engaged (only 1 in 6 have had explicit board discussions). Board engagement is a requirement of the act.

The thing that struck me was that whilst the Serious Fraud Office might have fewer resources, the Financial Services Authority might take a strong role in enforcement – this is clearly a risk for many financial services firms, particularly the smaller companies who cannot afford the large expensive programmes and who tend to rely on third-parties across the industry.

Learn more about the survey here

Posted in GRC | Tagged , , , , | Leave a comment

ENTERPRISE RISK MANAGEMENT

Posted on May 3, 2011 by

As part of the Q1 2011 earnings announcement last week, Thomson Reuters announced the proposed sale of the Enterprise Risk business, which is the Trading Risk Management business of the Enterprise business unit of the Markets division. As part of this announcement, I have received several inquiries as to why the Thomson Reuters Governance, Risk and Compliance (GRC) business unit would be decreasing the focus on enterprise risk management. That is clearly not the case.

Let me explain. The industry often associates the term “enterprise risk”, with the identification, assessment and management of strategic, process, and operational risks across the organisation or enterprise. The business processes under this classic definition of enterprise risk management, supported by audit, compliance, and risk professionals, remains a core focus and investment area of the Thomson Reuters GRC business unit. To bolster our current market position, we have plans to invest significantly this year to extend our existing capabilities in this area.

I look forward to sharing with you news of our future investments as they are announced and the continued milestones achieved by the Governance, Risk and Compliance business unit.

Posted in GRC | Leave a comment

The Pace of Regulatory Change

Posted on April 20, 2011 by

Today marks the launch of Thomson Reuters Accelus, our comprehensive suite of products for Governance, Risk and Compliance. For us this might be a major milestone, but for our customers, their major concern remains what to do about the avalanche of new regulations and the uncertainty, risk and implementation challenges that accompany these changes.

Having recently published the results of our annual survey of compliance and risk professionals,—where over 70 percent of respondents indicated that global growth is being slowed down by regulation—there have been varied reactions. Some people are not surprised; new and more effective regulation is the fix required to the banking crisis, others are in the opposite camp (Alan Greenspan included); regulation is now slowing down global growth. 

Regardless of where you may be on this debate, the reality is that the current volume of new regulation will continue and highly regulated firms must deal with the impacts. They need better regulatory intelligence, better policies and controls, more automated solutions and better implementation. The board understands this (at least according to our survey set).

One big take away for me though is that collaboration, both inside and outside the firm, is essential (according to 94 percent of survey respondents). It is no longer sufficient to have a weekly meeting between risk, audit and compliance and then go on with the normal work. Their roles will always remain different and separate but they need to be connected with the same underlying risk and control data in order to be more effective.

Posted in GRC | Tagged , , , , | 1 Comment