finance
monthly
Personal Finance. Money. Investing.
Contribute
Newsletter
Corporate

Danske Bank AS announced on Monday that CEO Chris Vogelzang has resigned after being named as a suspect in connection with an investigation into potential violations concerning the prevention of money laundering at ABN AMRO in the Netherlands.

Vogelzang held several positions at ABN AMRO between 2000 and 2017, including as its head of global retail and private banking activities and as a member of its management board. In a statement on Monday, he said that he would step down to prevent speculations about his person interfering with the development of Danske Bank.

“I am very surprised by the decision by the Dutch authorities,” said Vogelzang. ““I am very surprised by the decision by the Dutch authorities. I left ABN AMRO more than four years ago and am comfortable with the fact that I managed my management responsibilities with integrity and dedication.”

“My status as a suspect does not imply that I will be charged.”

Karsten Dybvad, Chairman of Danske’s board of directors, commended Vogelzang for his efforts at the company. “He has been instrumental in the initiation of the ongoing transformation of Danske Bank and the progress and results it has already created,” Dybvad said. “We fully understand and respect his decision and thank him for his huge efforts.”

Danske has tapped Chief Risk Officer Carsten Egeriis to replace Vogelzang as CEO, effective immediately. Director Gerrit Zalm has also elected to resign from the bank’s board effective today.

[ymal]

Danske Bank previously became the subject of a money laundering investigation after admitting that it failed to appropriately vet about $230 billion in transfers through its branch in Talinn, Estonia, primarily by Russian clients, between 2007 and 2005.

Proposals to break up the dominance of the so-called “Big Four” audit firms and scrap the industry regulator have been unveiled by the UK government.

The aim of the proposed reforms is to improve regulatory standards and force company directors to take greater responsibility in ensuring accounts are accurate. Failure will result in the imposition of new, tougher penalties.

The plans to overhaul the sector come in the wake of the large-scale collapse of several prominent companies including Thomas Cook, Carillion and BHS. These collapses were cited by business secretary Kwasi Kwarteng as evidence that the UK audit regime “needs to be modernised with a package of sensible, proportionate reforms.”

“Restoring business confidence, but also people’s confidence in business, is crucial to repairing our economy and building back better from the pandemic,” Kwarteng said. “When big companies go bust, the effects are felt far and wide with job losses and the British taxpayer picking up the tab.”

The government’s new proposals would require KPMG, Deloitte, PwC and EY – the “Big Four” firms in the global accountancy and audit industries – to make their auditing processes more rigorous, and could place a cap on the number of FTSE 350 companies they are allowed to audit if these improvements are judged to be lacking.

Almost a third of FTSE 350 audits inspected last year were in need of improvement, the government said.

[ymal]

To “water down the supremacy” of the largest auditors, the government’s proposals suggest that big firms be required to use smaller “challenger” firms to conduct a portion of their annual audit. This is also intended to mitigate concerns of conflicts of interest arising from large firms providing both accountancy and auditing services.

The extension of IR35 payroll legislation is forcing the private sector to reassess employee bases and business structures, and the big question is whether businesses are ready.

The short answer is no. There’s still a lot of work to undertake, and failure to fully prepare could result in significant labour supply issues, business continuity challenges and liabilities for tax, national insurance contributions, interest and penalties.

We’re finding many businesses still don’t know exactly how many off-payroll workers they have, and some haven’t yet taken steps to prepare. There’s also still a lack of confidence in determining employment status for contractors.

At a sector level there’s confusion in construction in particular, stemming from the interaction between IR35 and the Construction Industry Scheme for tax deduction (CIS). Many people have assumed CIS is a way to avoid IR35, but HMRC is clear: IR35 takes precedence over CIS.

If companies are robust in their preparations the move to IR35 presents a wealth of opportunity. It’s a time for businesses to re-evaluate their current workforce and project delivery operating models to ensure they really deliver the best possible value for money. Is it time to bring some roles on-payroll, or to engage a third party? With this assessment companies can determine the optimum model for future business growth.

Below Finance Monthly hears from Steve Moss, Founder and CEO at P2P lending specialists Sourced Capital, on the ins and outs of the FCA regulations, the overall plans behind the new rules and what investors can expect when applying for financing.

These stricter onboarding measures now require potential investors to answer a number of questions focused around investment, to ensure they possess the required knowledge to make educated decisions when investing, thus improving the sector for investors from a quality control standpoint and ensuring they receive a greater level of security and protection, a positive for P2P lending industry as a whole.

At our firm we place investor welfare at the heart of their business model and see these regulatory changes as the first step towards a more transparent, investor-friendly sector. We've recently invested in a new platform that provides a simpler and easier user experience for customers in anticipation of these industry changes, so that while standards progress, the ease at which someone can invest remains the same.

The platform means that customers can transfer their ISAs online and use it to invest in property instantly with e-wallet control on their integrated dashboard. Investors can also invest with their SIPP or SSAS pension, or regularly with cash.  The company also uses regtech processes such as an anti-money laundering check (AMC) and know your customer (KYC) identification checks. The AMC and KYC checks are in place to verify the identity of individuals carrying out financial transactions and screen them against global watchlists.

[ymal]

But while Sourced Capital has worked hard to keep the process as straight forward as possible, these latest changes have still left some investors a little deterred, so what should you expect when tackling these newly introduced questions?

The areas covered to ensure investor knowledge are quite robust and include but are not limited to topics such as: -

While this may sound daunting, the process is designed to really boost the level of investor knowledge and this will be gauged through questions such as:

When Underwriting a Loan for a New Project Sourced Capital will:

❌ Do no Due Diligence at all as Lenders Will Do Their Own Research

✅ Sourced Capital Carries out Due Diligence Internally and Remotely. Though Lenders Are Advised to Carry Out Their Own Research on Every Investment They Make.

How should you manage the risk of your investments?

❌ Put all my money into Peer to Peer Lending

✅ Build a diversified investment portfolio covering many different investment classes after seeking independent financial advice

I Have Invested with Sourced Capital and Received Great Returns, This Means:

❌ I Will Continue to Always Receive Great Returns, My Capital is Not at Risk.

✅ Past Performance of Investments is Not an Indication of Future Performance. Each Investment I Make Should be Considered Individually

These stricter onboarding measures now require potential investors to answer a number of questions focused around investment, to ensure they possess the required knowledge to make educated decisions when investing, thus improving the sector for investors from a quality control standpoint and ensuring they receive a greater level of security and protection.

But are these measures enough?

They are at the very least, a step in the right direction.

The Peer 2 Peer sector has received some stick over the years and as you’ll find with all business areas, there are certain less scrupulous types that sometimes drive this, whilst some of us have been working hard to raise the bar. These latest regulatory changes by the FCA are a positive step in the right direction in terms of improving standards and investor welfare across the board, and the extensive knowledge now required will ensure that investors are far more educated than previously and not only does this help them in terms of the decisions they will make, but it helps improve the quality of the sector as a whole.

Of course, there is always more that can be done and until this is introduced at the top level, it’s the responsibility of us as sector professionals to drive positive change. For example, all our investors get a first charge against the property invested in, which gives a greater level of protection and lowers risk but is something that not all platforms do.

We always recommend that investors only opt for FCA approved companies which again reduces risk, while we also only loan at maximum loan to value of 70%. We also offer all investors the chance to view a project and to learn directly from us which again, is something that other platforms don’t offer, but for us, it provides greater transparency and trust while helping improve knowledge on a particular investment.

New challenges are being laid down and to remain relevant, businesses are facing tough decisions on how to best align to the current economic climate.

With significant change comes great opportunity. As we step into 2020 and the next decade, Stephen Magennis, MD for UK Quality Business at Expleo, acknowledges that in spite of market challenges, it is an exciting time for businesses who are looking to use technology to drive their future success.

The Biggest Change of the Past Decade: Fast money

Currency has been used to trade in exchange for goods and services for millennia. Each evolution has been prompted by a shift in convenience. Bartering? Too variable. Bronze replicas? Too cumbersome. Metal coins? Too heavy. Paper? Too bulky.

For a long time, plastic cards seemed to have cracked the problem: easily portable, quick, convenient. Then Apple launched the iPhone in 2007, which represented a seismic cultural shift in how we go about our daily lives.

This one device enables us to stay connected and productive in so many ways, that it was inevitable it would also be the catalyst for another evolution in the story of currency. Contactless payments are designed to be seamless and convenient. One tap, and the shopper is on to their next errand. Simple.

Arguably, of all the technologies which have emerged over the last ten years, contactless payment has claim on being the most impactful on our daily lives.

Arguably, of all the technologies which have emerged over the last ten years, contactless payment has claim on being the most impactful on our daily lives.

Here it is worth thinking of the proverbial swan, calm and collected floating on the lake’s surface, yet paddling away under the water. The technology used to deploy, integrate and support contactless systems is complex. Layers of data and functionality are in play, with security constantly being tested, reviewed and enhanced so users can remain confident that their money is protected.

Across travel, retail, entertainment and beyond, experts are already looking for the next technology evolution in the payment space that will ensure customer experience remains paramount. In the early 2020s, we are likely to see regulation technology move into the spotlight while biometrics become mainstream.

The businesses leading the charge will be those who can ensure systems are fit for purpose, delivering a simple user interface and offering rigorously-tested security.

[ymal]

The Differentials to Come in the Next Decade:

  1. Winning the data war

Managing data in a way that combines and analyses knowledge from across global organisations is still a major challenge. Stricter data integrity and protection laws, heavy fines and lower customer trust won’t make this critical opportunity any easier to grasp.

However, those that can master big data, real-time analytics and enhanced cognitive capabilities will be better equipped to counterstrike the Fintech threat and remain relevant.

  1. Guaranteeing financial resilience

Since the 2008 banking crisis, regulators have forced institutions to swell their reserves in case of another crash. With the growing dependency on technology – and the potential threat of disruption from cyber terrorism, outages and data breaches – Financial Institutions (FIs) may soon need to guarantee their operational resilience too. Or they may choose to advertise resilience as a competitive advantage.

  1. Making use of robotics

AI assistants and humanoid robots are constantly evolving. These technology advancements are key for FIs becoming cognitive – replicating the human ability to learn and respond to the preferences of customers.

That said, there is still work to be done in convincing customers that a personalised service from a chat bot who can understand your speech, gestures and even your facial expressions is a good thing.

  1. Do not write off the human touch

One of the many benefits of digital transformation is its ability to automate the most routine office tasks. Undoubtedly, this upheaval will cause widescale restructuring in FIs. However, employers will still need people with the soft skills, who can create a human experience for customers and keep the brand relevant to everyday community life.

To the future

As technological advances revolutionise FIs, efforts to drive efficiencies, improve processes and overhaul supply chains will become central to delivering best-in-class customer service.

The challenge for FIs, is to assure that whilst these innovations offer significant benefits to businesses and consumers alike, transparency and trust is set to become the ‘crucial’ offering.

According to Ken Charman, CEO of uFlexReward, this appears to show that the private sector, despite their concerns about how the reforms played out in the public sector, are ready to embrace the new measures when engaging limited company contractors.

Kate Cottrell, one of the UK’s foremost IR35 experts has slammed these organisations for their blanket approach stating: “It is a real shame that these organisations have not waited a little while longer when we should have the final legislation and updated guidance from HMRC on a host of issues…” but their decision to comply ahead of the deadline, clearly demonstrates the mounting regulatory pressure on organisations today.

For companies like Barclays and Lloyds with potentially lots of contractors, complying with the new IR35 rules will be a huge amount of work.   However, it also provides an opportunity to assess whether the current systems they have in place enable them to accurately report on their human capital assets, including the contractor workforce.

Accounting for Total Labour Costs

It is becoming increasingly important that organisations understand and report on their human capital assets in a transparent way to existing and prospective employees, shareholders, regulators and other interested parties. Yet, to date, external contractors, consultants and  contingent workers are usually excluded from the employee payroll and the organisation’s total labour cost remains unknown.

When an organisation wants to analyse its business, it needs to see the whole labour cost, not just what the payroll systems can show up. In omitting the total data pertinent to contingent workers, organisations fail to understand labour productivity and end up with a skewed analysis that only takes into account employees. Deloitte found last year that only 42% of organisations were primarily made up of salaried employees.

With the IR35 forcing the costs of limited company contractors to be accounted for within the employee payroll, we’re some way along the road in organisations understanding the value of its human capital. This is despite there being no guidance yet on who will pay the tax, NI and the levy.

With the IR35 forcing the costs of limited company contractors to be accounted for within the employee payroll, we’re some way along the road in organisations understanding the value of its human capital.

For right now though, there is no universally accepted way to track the management of human capital. The economy has grown in ways that leave the current rules behind. For several decades an organisations’ market value has been far higher than the value of their tangible assets (for example land, buildings, fixtures and fittings), leading for calls for labour assets (i.e. human capital) to be included on balance sheets to give a more accurate impression of organisation value.

Reporting on Labour

Whilst companies must report detailed information about their capital investments, they have almost no reporting requirements related to human capital. This is a problem for two reasons.

The lines between contingent workers and employees are becoming increasingly blurred. This cannot be more clearly illustrated than with the recent troubles of Uber in the UK, whose drivers – traditionally thought to be self-employed – were, in fact employees of the company. Uber now has statutory obligations to give drivers holiday and sick pay (and thus, they are entitled to a minimum wage and paid leave). Prior to this, these were costs that were not broken down and could be a way of hiding a very bad gender pay gap, underrepresented minorities and more - regulators are catching up with that.

Additionally, not having to report on human capital discourages effective investment in workers - which can have an impact on your bottom line. Research shows organisations with specific employee experience programs and strategies report up to three times higher profit growth. Part of this growth is due to lower operating margins stemming from employees being more innovative in how they work, but lower employee turnover also contributes measurable savings.

Although the private sector may be lagging in preparation for the IR35 changes that take effect in little over 150 days’ time, they could bring about a seismic change in how organisations start to report on their human capital costs to the wider market.

Compliance is a must-do activity, not a nice-to-have. According to Colin Bristow, Customer Advisory Manager at SAS, it is essential that companies extract maximum value from compliance processes, reducing the possibility of it being considered a cost centre.

Technological innovation can help to lift some of the compliance burden. The level of technology you can realistically implement depends on how advanced the organisation is to start with. One company’s moonshot could be another’s business as usual. Assessing the starting point is just as important as considering the benefits and end goal.

RegTech, AI and the future of compliance

This is the question that the burgeoning RegTech (regulatory technology) industry is seeking to answer. AI is typically at the forefront. RegTech partly focuses on improving the efficiency and effectiveness of existing processes. As part of that improvement, organizations are using AI, machine learning and robotic process automation (RPA) to smooth the integration and processes between new RegTech solutions, existing legacy compliance solutions and legacy platforms.

Why look to AI for help? Recent regulations, such as GDPR or PSD2, are handed down in the form of large and extremely dense documentation (the UK government’s guidance document for GDPR alone is 201 pages). Identifying the appropriate actions mandated by these lengthy documents requires a great deal of cross-referencing, prior knowledge of historical organisational actions, and knowledge of the relevant organisational systems and processes. What’s more, several regulations attract fines or corrective actions if not applied properly (like the infamous "4% of company turnover" penalty attached to GDPR).

In short, the practical application of regulations currently relies on human interpretation and subsequent deployment of a solution, with heavy penalties for noncompliance. This is where AI can help, reducing the workload involved and improving accuracy. Here are three key examples of how AI can help companies turn compliance into a value-added activity.

1) Reducing the risk of nonconformity

Following the deployment of compliance processes, there is often residual risk. This can be as a result of unforseen gaps in compliance processes, or unexpected occurrences that become apparent when operating at scale.

That’s partly because there are usually a lot of steps and processes to be carried out during the data collation stage of compliance programmes. RPA can help reduce administrative load associated with these processes that include a high degree of repetition – for example, copying data from one system to another. AI can then help process cross-organisational documentation, combining internal and external sources and appropriately matching where necessary.

AI can also help to reduce companies’ risk of noncompliance with, for example, privacy regulations. Furthermore, using AI techniques, organisations can automate transforming and enhancing data. Intelligent automation allows companies to carry out processes with a higher degree of accuracy.

2) Improving process efficiency

Inefficient processes can also hinder compliance. For example, automated systems that detect suspicious transactions for anti-money laundering (AML) processes are sometimes not always as accurate as they could be. A recent report highlighted that 95% of flagged transactions are closed in the first stage of review. Effectively, investigators spend most of their day looking at poor quality cases.

Use of an AI hybrid approach to detection ensures there are fewer, higher quality alerts produced. Furthermore, it is possible to risk-rank cases which are flagged for investigation, speeding up the interaction and relegating lower-risk transactions. Although AI forms an underlying principle across most modern detection systems, maintenance is key to managing effective performance.

AI can also be used to bolster AML and fraud measures more widely. For example, applying AI to techniques such as text mining, anomaly detection and advanced analytics can improve trade finance monitoring. This, in turn, can improve the regularity for document review and consignment checking, improving the validation rates of materials as they cross borders.

[ymal]

3) Keeping up with regulatory changes

Compliance never stands still. Businesses have to contend with a constantly evolving landscape, potentially across several regions. AI can help to optimise the processing of these regulations and the actions they require, helping companies keep up to date. Companies that need to effectively comply with several differing regulations require a wide range of understanding across all parts of the business. The size, complexity and legacy systems of the business can be significant obstacles.

To mitigate this risk, companies can use natural language processing (NLP) to automate aspects of regulatory review, identifying appropriate changes contained in the regulation and then relaying potential impacts to the appropriate departments. For example, AI could help geographically diverse companies determine whether changes in the UK have an impact on their Singapore office.

Humans still needed

It’s important to note at this point that AI and RegTech are not expected to widely replace humans. We are seeing early AI entries in the RegTech space, but they’re primarily helping with lower-hanging fruit and repetitive tasks. AI is primarily enhancing the work humans do, making them more effective in their roles.

AI does not come without some considerations, however. There is a great deal of focus and scrutiny on associated possible bias in AI deployments. Other discussions are exploring the transparency and governance of applications and questions around who owns generated IP. As a result, it’s essential that AI works closely with humans, enhancing activities and balancing an appropriate level of manual oversight.

AI is augmenting compliance practices by providing faster document review, deeper fraud prevention measures and greater contextual insight. It is also reducing noise in high-transaction environments and lightening the documentary burden on staff. From the start of the regulatory review to the end of the compliance process, AI holds part of the overall solution to a more efficient and valuable compliance function.

While the goals of these regulations are often described in detail, they frequently fail to outline just how the requirements must be met or the steps that need to be taken to achieve that compliance. Here Sarah Whipp, CMO and Head of Go to Market Strategy at Callsign, answers the question: Is regulatory ambiguity setting banks up for failure?

Take for example PSD2, which called for open APIs and the application of stronger authentication schemes but didn’t describe how best to meet these needs. With financial institutions in somewhat of a quandary, third party groups have noticed a gap in the market and stepped in to help, such as the Financial Data Exchange (FDX), The Berlin Group and the Open Bank project, who each put forth a different approach to meeting PSD2 compliance.

The three predominant authentication schemes that are currently being used are as follows:

For international banks in particular, this presents a tricky challenge, as they must be able to not only offer each of the aforementioned authentication schemes, but all three of these for each of the third-party groups who’ve stepped in to bridge the gap with PSD2. As a result, these banks are tackling an extremely complex policy situation in which the 9 potential authentication methods are even further compounded depending on location or circumstance. In addition, for each jurisdiction these companies operate in, regulations will be interpreted differently, making a coordinated approach very difficult.

The issue lies not in the sheer number of potential authentication methods with no clear direction from the regulators, but the fact that many of these major, global banks are currently relying on the human policy manager – knowledge siloed to a few IT group team members – to comprehend these regulatory needs. Quite often these teams would have insider knowledge, almost like living and breathing black boxes. Of course, if one of these people leaves the company, they are also taking with them a huge amount of valuable information.

Instead, banks must move away from their home-grown policy managers, and evolve to a more sophisticated and transparent policy manager for which sectors across the organisation can have a say. It is not just the IT team that has to review internal policies at these and say they’re fine. Risk & Compliance right through to the Marketing function needs to ensure they are properly following protocol.

Challenger banks, those who have broken ground in the last decade or so and remain digital-first, are actually positioned much better to deal with these issues as much of their infrastructural practices are already grounded in flexible and agile practices. Thus, many banks facing these problems are established institutions, potentially embracing digital transformation in other areas of the organisation. To ensure they can remain competitive and compliant (regulations aren’t going away, they’re only getting stronger), they must also equip their policies for the future.

If these larger organisations don’t rise to the challenge they are in danger of dramatically harming the customer experience. They need to be able balance keeping their customers’ digital identities safe and as well as comply with regulations, while making sure users can get on without obstacles. By using the latest AI and machine learning, policy managers must adapt and learn in real time to achieve this goal. Implementing this technology, organisations can build multi-factor authentication journeys that are uniquely tailored to their own business, customers, products or services. Financial legislation is constantly being updated, so flexible technology will help them easily navigate any changes with relative ease.

Ralf Gladis, CEO of Computop, answers questions surrounding regulation and global consensus, with some interesting pointers on privacy and trade therein.

Cryptocurrencies are expected to reach a major turning point in 2019, but they still attract a great deal of controversy. There is no doubt that the digital currency market is growing, and fast, but support from the institutions that matter is far from consistent.

In November, Christine Lagarde, head of the IMF called for governments to consider offering their own cryptocurrencies to prevent fraud and money laundering. Governments, by contrast tend to err on the side of caution, with the vast majority sceptical of what they see as the ‘Wild West of crypto-assets‘ in which investors put themselves at unnecessary and heightened risk. In part this is because a core role of government is to prevent turmoil in central systems, however many have acknowledged that cryptocurrency has a momentum that cannot be ignored and that regulation could help to bring about a more sustainable and less volatile crypto environment.

The scenario is changing all the time, and it is worth considering what would actually happen if all governments agreed that digital currencies were good:

  1. Currency formats: If all governments loved crypto currencies they would probably not love the same currency, so if one country introduced Bitcoin and another Ethereum, we would then be faced with the difficulties of handling the exchange.
  2. Economic Policy: The value of money is a playground for politicians of all sides. Expanding the availability of money, for instance, leads to devaluation of a currency which is supposed to help export-orientated economies when selling goods and services abroad. Such policies can only work if a government has the sole power to expand or decrease the amount of money within its own economy. No central bank would be willing to give that power away. That’s why we would end up with many crypto currencies in different countries.
  3. Regulation: It‘s vital for a government to avoid money laundering, fraud and tax evasion. This is simply necessary to protect the country from financial crime and to comply with international rules. Therefore, a crypto currency would be regulated by each country’s central bank according to current local requirements for Anti Money Laundering (AML) and Know-Your-Customer (KYC).
  4. Cash: Despite the availability of crypto alternatives we wouldn’t get rid of cash quickly. With no experience of what a non-cash society means, there are huge risks simply because of a fascination with a new technology. What about people who are travelling abroad, or those who are unbanked?
  5. Privacy: A crypto currency can ensure privacy. However, it can also be designed to be open and very transparent. If crypto currency was THE new currency it would need to be transparent to regulators and criminal investigators. If the design were open to government access this could cause a privacy nightmare. Currently, payment data is distributed over many issuing and acquiring banks. Accessing this legally is not easy and requires a judge. A large transparent crypto currency database which is open to governments sounds like an invitation for misuse by government agencies that might mean well but would do ill anyway.
  6. Trade: B2C transactions require payment schemes that act as a mediator between merchants and consumers. Schemes like Visa and MasterCard have established a worldwide rule-set that balances the interests of merchants and consumers. What if a fraudster used a fake identity and the actual consumer required the merchant to pay back his money? What if a consumer sent back a few products and required a partial refund? And if the merchant failed to react? Many such exceptional but nonetheless possible scenarios are the reason why issuing and acquiring banks have to enforce the rules set by Visa and MasterCard. That also applies to other payment systems like American Express, Discover and PayPal who set and enforce their rules themselves directly with both consumers and merchants. B2C payment needs schemes. In that respect it doesn’t matter whether the currency is digital, physical or crypto.
  7. Ecology: Several central banks have already tested crypto currencies. The result was devastating. For large scale use crypto currency is much too slow and requires too much energy and storage consumption to be feasible.

It looks like there is still a lot of work to be done before crypto currency gets anywhere near to being acceptable to governments.

This is according to Henry Umney, CEO of ClusterSeven, as he offers his views on the regulatory and risk management trends in the banking and financial services industry for 2019.

Brexit will confound banks in 2019, whatever the outcome

The UK’s departure from the EU at the end of March will continue to have a significant impact on the banking, insurance and asset management sectors throughout 2019, almost regardless of the nature of the final departure. Brexit uncertainty is presently forcing banks to implement their most stringent contingency plans, in terms of re-locating critical business services, processes, and in extremis, specific roles and personnel. To this end, division of data, processes and responsibility need to be managed carefully to ensure these changes are executed smoothly, efficiently and with full auditability. Further complexity is provided by the UK’s Prudential Regulatory Authority’s (PRA) announcement that institutions will be able to continue to trade as branches of their head office, rather than as a (more capital intensive) subsidiary post-Brexit. This, alongside the European Banking Authority’s (EBA) recent announcement that it sees ‘back to back trading’ between the City of London and the EU as beneficial, suggests that there is a willingness to find a modus vivendi that allows complex cross-border transactions and business processes to continue as normal, almost regardless of the final Brexit outcome.

This complex, conflicted environment will place a premium on understanding how disparate business processes and applications, including how end user supported processes (e.g. using spreadsheet-based applications) are configured, allowing institutions to respond quickly to new developments – and potentially even reversing previous decisions about re-locating people, roles and business units.

Regulators and auditors will demand mature model risk management

In the US, the momentum for a mature approach to model risk management will gather further pace as government frameworks including SR 11 7, CCAR/DFAST stress testing and CECL, for example, are more closely scrutinised and audited by regulators. Increasingly these governance frameworks are being extended to include the tools that feed the models and there is recognition of the significance of the spreadsheets and other end user supported applications to the models covered by these frameworks.

This approach to sophisticated model risk management will find favour with European regulators too, a trend that is already in motion with regulations such as TRIM and SS3/18. This is fundamentally driven by regulators’ collective objective of demanding visibility of critical models and enhancing the operational resilience of financial institutions. Effective data management, including that stored in spreadsheet-based and other end user supported applications, is central to these frameworks.

To meet the excellence in data governance and auditability as demanded by the regulators in the UK and US, financial institutions will be forced to apply the same level of controls to their end user supported application environment – as they apply to their broader corporate IT environment. This reflects that spreadsheets are often the ‘go to’ tool in developing a broad range of business and financial models.

The transition away from LIBOR will present a major operational challenge

Due to the enormity of the transition from LIBOR (London Interbank Offered Rate) to alternative reference rates (e.g. SOFR, Reformed SONIA SARON, TONAR), financial institutions will begin adjusting their processes and systems, in preparation for the switch to new reference rates by the end of 2021. The clock is ticking.

With a parallel universe of spreadsheets connected to enterprise systems such as risk, accounting models and a plethora of non-financial contracts, financial institutions will need to ensure that the relevant changes are also accurately reflected in the spreadsheet-based processes. Given the broad range of potential alternatives to LIBOR, it seems possible that multiple replacements may be in use in different jurisdictions. There will be a premium on being able to identify transactions and contracts quickly and efficiently, and applying the appropriate reference rate, quickly, efficiently – and again with full transparency and auditability.

GDPR has the hallmarks of expanding into a global framework, its compliance will need to be in organisations’ DNA

GDPR has all the makings of becoming a global standard. Already, California is taking the lead with the California Consumer Privacy Act (CCPA), which comes into force in 2020. Other US states are also considering similar regulations to protect the rights of their residents.

With a fine of $1.6 billion levied on Facebook this year, the EU has clearly demonstrated that it means business. In 2019, organisations will have to shift their GDPR focus to ‘sustainable compliance’. They will realise that inventorying IT systems for GDPR-relevant and sensitive data was merely a good first step to meet the compliance requirements on 25 May 2018. GDPR compliance will need to part of their DNA – requiring it to be a ‘business as usual’ activity. With unstructured confidential data (e.g. personal details of clients and employees) often residing in spreadsheets, visibility alongside continuous monitoring, controls and stringent attestation of information will be essential to meeting GDPR demands such as the right to be forgotten and data portability. Automated spreadsheet management will become critical to sustaining GDPR compliance.

This month marks the tenth anniversary of the run on Northern Rock, leading to a more widespread financial crisis, with a number of banks bailed out by governments in the UK and around the world. A decade later, large established banks face new threats on several fronts.

As challenger banks and disruptive technology companies increasingly eat away at the services traditionally offered by the banks, the situation is exacerbated by the incoming regulatory changes of the Open Banking initiative.  When the second Payment Services Directive (PSD2) comes into force in January 2018, banks will be required to open up their customer data to third parties. Customers will be able to directly compare the offering of their traditional bank with those of competitors.

Pini Yakuel, CEO of Optimove, which studies the science behind customer engagement, comments: “The past ten years have in some senses been defined by the aftermath of the financial crisis, but the next ten years will be defined by technology disruption that changes how banks interact with their customers forever.

“The disruption coming with the Open Banking initiative is huge for customer engagement. Customers will be able to compare the value that each financial services company offers them quickly and easily.

“We know already that eight out of ten millennials are happy to switch banks for better rewards[1]. The move to make the industry more transparent will allow individuals to compare these rewards like-for-like and switch to companies that provide them. Banks now have a real fight on their hands to retain a generation of smartphone-empowered, brand-agnostic consumers.

“Understanding behaviours, preferences and needs more clearly is key to developing the kind of emotionally intelligent communication with customers that makes them feel comfortable with their bank and helps them to make good financial decisions. Those banks who can offer something back at each stage of their relationship with each customer will set themselves apart under the intense scrutiny of Open Banking.

“To keep ahead of their competitors, they will need to tailor services to support customers more effectively, offering real value that appeals to each customer personally. Artificial Intelligence and automation tools which reveal what value looks like to each customer will be the secret weapon to help banks succeed in this environment.”

(Source: Optimove)

The FCA has finally released its long-awaited consultation paper[1] (CP) on its planned extension to the Senior Managers and Certification Regime (SM&CR) to the vast majority of those firms regulated by it.

The FCA intends introducing this new extended regime on a proportionate basis and having regard to the plethora of activities undertaken by regulated firms, and the size and scale of individual firms. Here Douglas Cherry, Partner at Reed Smith, discusses with Finance Monthly.

The SM&CR consists of three principal elements which are the “core”, “enhanced” and “limited-scope” regimes.

The core regime applies to all affected firms and is the focus of this short discussion.

The enhanced regime will apply only to the very largest firms regulated by the FCA and is expected by the FCA to capture only around 350 firms in total. It requires additional detail, above the core regime and places additional individual responsibility in particular on risk, prudential and audit responsibilities.

The limited scope regime is effectively a ‘light’ version of the core regime for particular classes of FCA-regulated firms including: limited scope consumer credit, oil market participant and sole trader firms. These firms will not be required to implement the SMFs and are exempt from other requirements in the regimes too.

The core regime essentially sees those holding significant influence control functions under the existing regime mapping across to the newly defined Senior Management Functions “SMFs”. It also introduces the notion of the certification regime to firms.

Whilst the new SMFs are re-defined, there is little magic about those definitions, and those of you currently holding a Chief-Executive, Executive Director, Partner, Compliance Officer, MLRO and so on, will likely fall within these new SMF definitions. SMFs will be required to apply for the relevant designations and receive prior approval from the FCA before carrying out any duties at a regulated firm which fall within the definition of the relevant SMF.

The extended regime mandates adherence to a Statement of Responsibilities (SOR) by SMFs. The firm must articulate those duties for which the SMF holder is responsible and ensure that each impacted SMF-holder subscribes to that SOR. This is similar to the approved-persons regime, but in contrast to that regime, it creates a burden on the SMF holder to demonstrate to the FCA that they proactively discharge their prescribed responsibilities, and in the case of regulatory criticism; show that they took “reasonable steps” to meet their obligations.

Some staff will fall outside of the SMF definitions, and instead fall within the certification regime. These staff will not require pre-approval from the FCA. Rather, they must be assessed (on an ongoing basis) by the firm, as fit and proper to do their job. Certification staff will likely include those concerned with client assets and money (CASS oversight function), those heading up business units and those persons who have the ability to cause ‘significant harm’ to a regulated firm (including proprietary and algorithmic traders, and investment advisors amongst others.

The FCA expects to focus very precisely on how roles and defined and described and how the firm organises itself. From an employee perspective, firms may well start seeing senior staff being reluctant to be seen as SMF staff, where a role may be defined in manner that pushes it into the certification regime instead.

Whilst for may practical purposes, the regime changes do not fundamentally change the day to day approach at regulated firms, the very fact of the certification regime places a positive burden on firms (and the SMF individual with responsibility for this area of systems and controls as well) to actively certify at the outset an monitor on an ongoing basis, compliance with the fit and proper test.

The largest burden is likely to be the defining of roles and management time and effort spent in implementing these changes. The consultation runs through to 3rd November, and the new rules, in very similar form to the CP, to be in force from Q3 2018.

[1] Individual Accountability: Extending the Senior Managers & Certification Regime to all FCA firms CP17/25 July 2017

About Finance Monthly

Universal Media logo
Finance Monthly is a comprehensive website tailored for individuals seeking insights into the world of consumer finance and money management. It offers news, commentary, and in-depth analysis on topics crucial to personal financial management and decision-making. Whether you're interested in budgeting, investing, or understanding market trends, Finance Monthly provides valuable information to help you navigate the financial aspects of everyday life.
© 2024 Finance Monthly - All Rights Reserved.
News Illustration

Get our free monthly FM email

Subscribe to Finance Monthly and Get the Latest Finance News, Opinion and Insight Direct to you every month.
chevron-right-circle linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram