InCOMPLIANCE A critical juncture - p.21 - International Compliance Association
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
inCOMPLIANCE
ISSUE 41
®
YOUR MAGAZINE FROM THE INTERNATIONAL COMPLIANCE ASSOCIATION
A critical juncture
p.12 p.21 p.32
A grown up Can you Collision
conversation trust AI? course £4.95 where
sold separately
Gain a core understanding of key areas of compliance and financial crime risk ICA Certificates are introductory, practical courses designed to provide individuals or teams with a solid understanding of the fundamentals of key areas of risk: • ICA Certificate in Anti Money Laundering • ICA Certificate in Compliance • ICA Certificate in Financial Crime Prevention • ICA Certificate in CDD/KYC • ICA Certificate in Managing Sanctions Risk These courses can also be delivered in-house with the option to tailor workshop content to the unique requirements of your firm. Affordable. Accessible. Practical. Find out more here: www.int-comp.org/qualifications-homepage ICAA12039
Taking control
James Thomas
Editor
The ICA Annual Conference (p.12) provided evidence of a and responsibilities for compliance professionals as the
profession that is now positioned to seize the initiative to need emerges for explainability of AI decision making
shape and transform its own future, having operated for the (p.21). Compliance may have a significant role to play in
last decade within an environment in which the only constant understanding, defining and interpreting the functioning
has been change. There is no doubt that the challenge ahead and limits of such technologies, both to the business and to
for compliance – that of confirming its position within the regulators, as well as in navigating the ethical considerations
business as a strategic leadership function (p.18) – is not that such technologies will inevitably produce. Far from
insignificant. However, both the opportunity, and the ambition being at the mercy of such developments, compliance
to achieve that status, are there. should position itself at the controls.
Understanding new technologies may be key to grasping
this opportunity. In this issue we consider both the
potential and the pitfalls of AI and machine learning and
other emerging technologies, such as blockchain and
distributed ledger technology (p.24). While the threat to
jobs from AI has received considerable attention, at least
of equal importance is its potential to create new roles
Editorial Board inCOMPLIANCE® Advice to Readers
Issue 41
Kathryn Cearns, Independent inCOMPLIANCE® is published six times
Publisher: a year by the International Compliance
Consultant,
International Compliance Association Association. Reproduction, copying,
kathryn.cearns@brixtonroaduk.com
ica@int-comp.org extraction, or redistribution by any means
Editor: James Thomas of the whole or part of this publication
Jee Meng Chen, Commerzbank, jthomas284@btinternet.com must not be undertaken without the
jeemeng.chen@commerzbank.com written permission of the publishers.
Design: Design & Document Services
design.enquiries@wilmingtonplc.com inCOMPLIANCE® is distributed as a free
member benefit to all members of the
Jacob Ghanty, Kemp Little LLP, Production: Sophy Lloyd
International Compliance Association.
jacob.ghanty@kemplittle.com contributions@int-comp.org
Advertising Queries: Dorinda Gibbons Articles are published in good faith
dgibbons@int-comp.org without responsibility on the part of the
Tim Porter, Director, TPA publishers or authors for loss occasioned
(Consulting) Ltd, Executive President, International Compliance to any person acting or refraining from
Tim.Porter@TPACLTD.com Association: Bill Howarth action as a result of any views expressed
bhowarth@int-comp.org therein. Opinions expressed in this
ICA Membership Enquiries: publication should not be regarded as the
Tom Salmond, Ernst & Young LLP, official view of the ICA or as the personal
Jo Lewis
tsalmond@uk.ey.com views of the Editorial Board members of
membership@int-comp.org
inCOMPLIANCE®.
ICA Qualification Enquiries:
David Symes, Compliance Debbie Price All rights reserved in respect of all articles,
Recruitment, ict@int-comp.com drawings, photographs etc published in
david@compliancerecruitment.com inCOMPLIANCE® anywhere in the world.
Article Enquiries
Reproduction or imitations of these are
contributions@int-comp.org
expressly forbidden without permission of
Rachel Waldren, Murray Waldren International Compliance Association the publishers.
Consulting, CPD - 2 points
Printed in England
contact@murraywaldren.com
inCOMPLIANCE®
3
Contents
REGULAR FEATURES IN THIS ISSUE
3 21
Editor’s comment Can you trust AI?
Compliance must confirm its Chris Brannigan and
position within the business Joe Faith explore the
as a strategic leadership function, necessities of explainable AI
writes James Thomas
PAGE 21
24
To catch a thief
6
ICA News Muralidharan Perumal
A roundup of the latest news explains how new
and events from the ICA technologies offer the potential to fight
back against financial criminals
8
Industry News
A summary of recent
11
developments affecting
Financial Crime Prevention, GRC, Food for thought
AML and CDD professionals The recent ICA Fellows
Dinner shed some important
PAGE 24
18
light on trends in learning and
Beyond development and the evolution of
Compliance compliance, writes Helen Langton
Compliance faces a key
12
choice about its future direction,
writes David Jackman A grown-up
conversation
James Thomas reports
29
from the ICA’s 11th Annual Conference
Going to the
source
16
Acknowledging Understanding source
achievement of wealth has become a critical
Simon Matthews recalls his component of rigorous and effective
experience of the ICA Award Ceremony due diligence, writes Haeyoeun Seo
inCOMPLIANCE®
4
35
Compliance
without friction
With the implementation
deadline approaching, financial
services firms continue to grapple with
major changes required to the security
PAGE 29 framework, infrastructure, customer
journeys and the customer experience
associated with Strong Customer
Authentication. Richard Mais, Tom Have you thought
Salmond and Claudia Anton explain about writing
an article for
inCOMPLIANCE®?
32
Writing an article is a great
Collision course
opportunity to raise your
Non-compliance can
profile within ICA and present
lead to challenging
a topic of relevance to your
conversations, resulting in
conflict, frustration and damaged
PAGE 39 fellow members. Writing
an article on anti-money
relationships. However, as Ben Rawal laundering, compliance,
explains, improving awareness of financial crime or associated
your own communication, emotions, disciplines will also earn you
and others’ perspectives, can help to valuable CPD!
avoid difficulties
Visit tinyurl.com/writeanarticle
and download our document
39
on Article writing tips and
Losing the race? Blogging Best Practice to
Vladimir Berezansky enhance your skills in this area
considers the drivers and learn about structure,
and potential implications of the themes and writing style.
current focus on IT and social media
PAGE 32 Please note: you don’t have to
be an ICA Member to register
your interest in submitting.
If you are interested in
writing an article for
inCOMPLIANCE, email us at:
membership@int-comp.org
and remember to include
your full name and your
topic of interest.
inCOMPLIANCE®
5
ICA Events – A Major Success The April week of ICA events is always the busiest of the year as it incorporates multiple ICA events, including: • ICA International Advisory Board meeting • ICA Fellows Dinner • ICA Conference • ICA Award Ceremony This is my favourite week of the year as it is my opportunity to take the pulse of the Association; to meet Members, Fellows, supporters and students; and to get a sense of any concerns, aspirations and ideas from them all. A full review of the events is contained in this edition of inCOMPLIANCE and, as can be seen from the reports and photographs, it was a brilliant week. This year, the Award Ceremony was held at the Grand Hall of Lincolns Inn, chosen to accommodate the ever-growing number of graduands and their guests. The event was attended by students and members from 24 countries and the occasion was enjoyed by all who attended. The ICA Conference continued the theme of the Big Compliance Conversation and the new film we have produced in collaboration with ITN Productions – ‘The True Cost of Financial Crime’ – was extremely well received. This year a significant number of the speakers were Fellows of the Association, a trend which I am delighted to encourage going forward. The Fellows Dinner was an excellent occasion and, whilst splendid food and wine were enjoyed, the Fellows were invited to give their opinions on current issues impacting the profession. A wide, well-informed cross-section of views were discussed and will be written up and circulated to members. The ICA International Advisory Board met and considered a broad range of policy issues relating to the Association. One of the key areas of discussion concerned greater participation in industry forums by representatives from the ICA community. The team will be looking at this over the coming weeks. Bill Howarth ICA President inCOMPLIANCE® 6
ICA NEWS
Helen Langton named as ICA CEO
Having joined International Compliance Training (ICT) in 2007, Helen has
played an instrumental role in both ICT and ICA’s geographical expansion,
product innovation and operational efficiency, as well as growing the
business in the MENA and APAC regions. In her new role, Helen will oversee
ICA and lead it into a renewed global expansion drive, focussing on
establishing a footprint in new and strategic markets and further enhancing
the association’s position as the organisation of choice for the global
regulatory and financial crime compliance community. Finally, in a move to
enhance our customer experience and simplify our offering, ICT will now
offer its training and services under the ICA banner.
ICA partners with the Bermuda College ICA announces Masters top-ups
to offer full suite of qualifications with AMBS
The ICA is pleased to announce a new partnership with The ICA has had a twenty-year association with
Bermuda College, to offer its entire suite of qualifications University of Manchester: Alliance Manchester Business
to regulatory and financial compliance professionals. School (AMBS), which is the quality assurance education
ICA’s qualifications in Bermuda will be partially funded partner of the ICA in the awarding of professional
by the Government of Bermuda in its commitment qualifications. The partnership covers qualifications
to train, develop and upskill the local workforce in at Certificate, Diploma and Professional Postgraduate
regulatory and financial crime compliance, in line with Diploma (PPG Dip) levels.
global best practice and international standards. For the last five years experienced practitioners wanting
Helen Langton, ICA CEO, commented: “As a leading to become Fellows of the ICA have been able to achieve
financial hub, the Bermuda market is of strategic this by completing either the PPG Dip in Governance
importance to the world financial market, and I look Risk and Compliance or the PPG Dip in Financial Crime
forward to continuing our collaboration with the Compliance, awarded by ICA in association with AMBS.
Government to raise the bar and ensure a safe and secure The University of Manchester has now decided to
environment for investors, businesses and society.” provide top-ups to those PPG Dips to convert them
Dr. Duranda Greene, Bermuda College President, to MSc degrees, the MSc in Governance, Risk and
agreed: “The training couldn’t have come at a more Compliance and the MSc in Financial Crime Compliance.
opportune time as Bermuda adapts to the burgeoning From 2020 holders of an ICA PPG Dip will be able to
presence of compliance throughout various industries.” top-up their qualification into an MSc by completing
an online programme directly with AMBS. The course
details, modules and enrolment procedures will be
circulated in autumn 2019.
ICA to form alliance with the Czech
Compliance Association
During the ICA conference, Helen Langton
and Bill Howarth met with representatives of
the Czech Compliance Association to discuss
future collaboration and the introduction of ICA
qualifications into the region. The Czech Compliance
Association, although fairly recently established, has
members that represent a multitude of sectors. It
works incredibly hard to bring compliance officers
together to discuss challenges, share best practice
and gain insight from international and local speakers.
ICA will be speaking at the association’s forthcoming
compliance conference in Prague on the 24 June
2019 at which the alliance between our associations
will be formalised and the qualifications launched.
ICA will continue to extend its geographical reach
and work with local compliance organisations as we
progress towards the building of a connected global
compliance community
inCOMPLIANCE®
7
INDUSTRY NEWS
Industry News
APRA to get NGFS publishes climate change
“constructively recommendations
tough” With climate-related risks increasingly acknowledged as a source of financial
risk, the Network for Greening the Financial System (NGFS) has published
The Australian Prudential Regulation its first report, identifying best practices to facilitate the role of the financial
Authority (APRA) has announced sector in achieving the objectives of the Paris agreement on climate change.
a new, more stringent enforcement The NGFS is a coalition of 34 central banks and supervisors representing
approach, which it describes as the supervision of two-thirds of global systemically important banks and
“constructively tough”. insurers. The report includes six recommendations for central banks,
The approach is the result of APRA’s supervisors and policymakers, including:
Enforcement Review, launched in • Integrating climate-related risks into financial stability monitoring and
response to a range of developments, micro-supervision
including the creation of the Banking • Integrating sustainability factors into own-portfolio management
Executive Accountability Regime, the
• Achieving robust and internationally-consistent climate and
Prudential Inquiry into Commonwealth
environment-related disclosure
Bank of Australia, and evidence presented
to the Royal Commission into Misconduct
in the Banking, Superannuation Announcing the report, Frank Elderson, NGFS Chairman, said: “The
and Financial Services Industry. The financial risks we face through climate change are analytically difficult,
Enforcement Review resulted in seven unprecedented and yet very urgent. By issuing these recommendations,
recommendations, including: the NGFS members demonstrate collective leadership, which will result in
action to foster a greener financial system across countries and continents.
• adopting a “constructively tough”
As long as the temperatures and sea levels continue to rise and with them
appetite to enforcement and setting it
the climate-related financial risks, central banks, supervisors and financial
out in a Board-endorsed enforcement
institutions will continue to raise the bar to address these risks and to green
strategy document
the financial system.”
• ensuring APRA supervisors are
Writing in The Guardian ahead of the report’s release, Mark Carney, Governor
supported and empowered to hold
of the Bank of England, François Villeroy de Galhau, Governor of Banque de
institutions and individuals to account,
France, and Frank Elderson made it clear that climate change will feature
and strengthening governance of
increasingly on the risk radar of prudential regulation. “Supervisors are
enforcement-related decisions
encouraged to set expectations to ensure financial firms are adequately
• combining APRA’s enforcement, addressing the financial risks from climate change, including by conducting
investigation and legal experts in scenario analysis to assess their strategic resilience to climate change
one strengthened support team, and policy,” they wrote. “Firms are encouraged to take a long-term, strategic
ensuring resources are available to approach to the consideration of these risks, and to embed them into their
support the pursuit of enforcement business-as-usual governance and risk-management frameworks.”
action where appropriate
In the coming year, the NGFS will produce technical guidance on:
• strengthening cooperation on
• climate and environment-related risk management for supervisory
enforcement matters with the
authorities and financial institutions,
Australian Securities and Investments
Commission (ASIC). • scenario-based climate risk analysis
According to APRA Chair, Wayne • incorporating sustainability criteria into central banks’ portfolio
Byres, APRA will implement all seven management.
recommendations. https://www.apra.gov. https://www.banque-france.fr/sites/default/files/media/2019/04/17/ngfs_
au/sites/default/files/apras_enforcement_ first_comprehensive_report_-_17042019_0.pdf
approach_web.pdf
inCOMPLIANCE®
8
INDUSTRY NEWS
Businesses unprepared for SCA
UK businesses are unaware of, and underprepared for, the introduction
of Secure Customer Authentication (SCA) under PSD2, according to the
British Retail Consortium (BRC), which suggests that they stand to lose
£60bn in online retail sales as a result. Speaking to The Telegraph, Andrew
Cregan, the BRC’s Head of Payments, said: “Without a smooth and
successful implementation of SCA, there is a real risk that these changes
will create difficulties for consumers when making purchases online.”
SCA (see p.35) requires two-factor authentication to be applied on certain transaction types, mirroring security measures
already available for payments using a physical card at a point-of-sale terminal, which are protected via two-factors: chip
and PIN. The rules require retailers, banks and FS firms to authenticate their customers through something they “have”,
“are” and “know” (e.g. an ID document, a biometric identifier, or a security question).
According to Rene Hendrikse, EMEA MD of Mitek: “With open banking, consumers can now benefit from better deals,
access to new products and services, and better control over their money. But there is also a dark side – open banking
means the potential for fraud will grow exponentially. To tackle this, the regulator has introduced ramped up identity
checks, with the addition of rules SCA which come into force in September. But recent warnings from the retail industry
suggest online retailers may not be able to process online transactions – and could miss out on billions of pounds as a
result. Retailers must focus on putting the technology in place to be able to verify customer identities in line with PSD2.
RegTech, technology that helps achieve regulatory compliance, will play a more important role than ever before. For
example, identity verification technology handles the ‘are’ and ‘have’ of SCA, by verifying an ID document against a selfie.
AI-driven anti-fraud technologies will also be crucial to monitoring for and stopping fraud when it occurs.”
BEIS consults on corporate China: FATF highlights
register reforms areas for improvement
The UK government has announced proposals and a in MER
consultation on reforming the system of corporate registration,
with the aim of improving business and consumer protection The People’s Bank of China “has little to no
against fraud by increasing the accuracy of information available understanding of the risks facing non-financial
on the companies register. According to the Department of businesses and professions”, according to a
Business, Energy and Industrial Strategy, the proposed reforms recent FATF Mutual Evaluation Report.
to the Companies House Register will “contribute to UK efforts While the report found that, overall,
to tackle economic crime by increasing the traceability of “China has a strong understanding of the
company ownership and management while offering business money laundering and terrorist financing
owners and businesses greater protection from fraud”. The risks it faces”, it recommended that China
proposed reforms include: should increase the range of sources used
• Knowing who is setting up, managing and controlling for its national risk assessment. Notably,
companies. Those who have a key role in companies will have understanding of risks is “insufficient”
their identity verified amongst both financial institutions and non-
financial institutions, and the report advised
• Improving the accuracy and usability of data on the register.
that China should extend preventive measures,
Companies House will now be able to query and corroborate
including reporting of suspicious transactions,
information before it is entered on the register. This will also
to designated non-financial businesses and
mean it is easier and quicker to remove inaccurate information
professions and online lending institutions, and
from the register
introduce requirements on domestic politically
• Protecting personal information on the register. In a minority exposed persons.
of cases the register can be misused to identify personal
Further, the report advised that China
information, which can then be used for criminal purposes.
should fundamentally strengthen its legal
Under these proposals Directors will be given additional rights over
framework and the implementation of
their information, for example personal home addresses, while
United Nations-mandated sanction regimes
ensuring this information is still available in a transparent manner
and work with financial institutions and
to public authorities where appropriate.
designated non-financial businesses and
• Improving the detection of possible criminal behaviour. professions to achieve implementation
Better information sharing by Companies House, other without delay.
Government bodies and financial institutions will better
http://www.fatf-gafi.org/media/fatf/
protect businesses and ensure faster and more sophisticated
documents/reports/mer4/MER-China-2019.pdf
identification of possible criminal activity, benefitting
businesses and consumers.
inCOMPLIANCE®
9
ICA Specialist Certificate in Conduct Risk A short, online course that provides you with an understanding of the fundamentals of conduct risk. With an increased focus on managing business conduct by regulators in many jurisdictions, financial firms are closely scrutinising what conduct risk means in practice to them. As a result, firms need to understand how business conduct impacts on their business, their employees, their customers and the market in which they operate. Take a look at the key terminology and develop skills that will help you recognise good and poor conduct; explore key regulatory developments that affect your firm and your stakeholders; and gain an understanding of how to react to the risk. Find out more here: www.int-comp.org/conductrisk ICAA12041
ICA FELLOWS DINNER
Food for thought
Learning and development was on the menu at
the ICA Fellows Dinner, writes Helen Langton
A
t the recent Annual Fellows Dinner, ICA made the and what is ‘nice to have’ in terms of skills and knowledge.
attendees work for their supper! We posed three Most firms still wrestle with measuring of the effectiveness
questions, one for each course. We wanted to get get of training with some using quantifiable data such as an
a better understanding of whether there is a requirement for increase in SAR reporting, surveys measuring confidence,
more specialists or more generalists in compliance. We wanted external benchmarking and certification.
to know Fellows’ thoughts on what constitutes a great learning
strategy in firms, and we wanted to know what was going on A place for CPD?
in terms of fostering a culture of ongoing learning. The findings Our final question considered the culture of learning and the
generated from these three questions are being compiled into a benefits to be derived. Is there still a place for CPD? Many
briefing document for the rest of the ICA global community to respondents felt that CPD has become a ‘tick-box’ exercise
share. The following gives you the highlights of what we learnt. and that professionals practicing compliance will seek out
their own learning experiences. Some felt that forced CPD is
Go broader and deeper more of a stick than a carrot and therefore completion of the
In terms of the requirement for more specialists or more same is meaningless. Some still regarded time-based CPD as
generalists, the consensus was that we still need both. All valuable and others remarked that there is still insufficient
agreed that the size of the business is the critical driving relevant training in the market that meets the needs of
factor. The maturity of the compliance market in which compliance practitioners today.
the firm operates also has a bearing. Further, there was a Building a culture of learning is everyone’s responsibility.
common view that technology is playing a key part in the way The business, it was agreed, needs to work with learning and
the role of compliance is evolving, with senior compliance development for there to be space to undertake ongoing
practitioners needing to be more generalist, enabling them to learning. Learning must be relevant and of high quality, and
provide a more value-adding advisory role. Most respondents firms and employees need to be committed to it. Getting
felt that the skillset of compliance practitioners is evolving from where firms are today to this position is going to take a
towards requiring strong business acumen with the ability great deal of effort.
to lead teams of specialists, whether internal or outsourced.
Further, the need was identified for compliance personnel to be The need to share
inclusive, drawing in expertise from around the organisation Throughout the discussions we learnt a great deal about
to make a positive difference. what firms are doing about learning and development,
about structuring their teams and their deployment
A learning strategy of technology to support the needs of the compliance
So what does a great learning strategy look like? How closely function. This feedback will be written up and circulated.
aligned should it be to commercial objectives? Are competency Two immediate takeaways from this event, however,
frameworks still a useful tool and what is happening in terms are that, one, many great things are being done in the
of measuring the effectiveness of training? In the words firms to tackle challenges and, two, not nearly enough is
of one respondent: “A great learning strategy needs to be being done to share those best practices for the benefit
something affordable, sustainable and achievable.” I don’t of others. More collaboration and sharing of insight is
think anyone would argue with that! needed, not only to help improve practices but to help
All agreed that commercial benefit is the primary driver for a minimise that feeling of isolation that many feel in the
learning strategy, but others recognised that the same emphasis compliance role. We want to address this and will be
should be placed on social and environment aspects, especially structuring our activities accordingly.
if young talent is to be attracted to an organisation. There
was considerable agreement regarding the need for senior Helen Langton is CEO of ICA
management to have compliance training as most felt this
was still lacking.
A great learning strategy needs to start with a competency
framework, with a clear identification of what is ‘essential’
inCOMPLIANCE®
11ICA ANNUAL CONFERENCE
A grown-up
conversation
James Thomas reports from the ICA’s 11th Annual Conference
T
he ICA’s Annual Conference – initiatives for the Association including his discussion of the future and role
The Big Compliance plans to apply for chartered status; the of compliance (see further, p.18).
Conversation ... Continued – modularisation of the ICA’s educational “Change in compliance is not random
was held in London in April, with the programmes; and a collaboration or haphazard,” he stressed, arguing
discussion centred on the growth and with the University of Manchester in instead that there has been a clear
development of the profession, as well building and hosting two new Masters pattern to the developments witnessed
as the opportunities for practitioners to programmes, which will launch in 2020. within the regulatory environment over
influence that development. The ICA, much like compliance itself, the past 30 years. “It’s about a function
Following a showcase, over is “on a journey of development and and a profession growing up and
breakfast, of the ICA’s latest expansion”, he told the audience. learning how to do things differently,”
collaboration with ITN Productions he explained. “If you take the fatalistic
– ‘The True Cost of Financial Crime’ – The road to maturity view that ‘this is happening to us’ then
ICA Executive President Bill Howarth Keynote speaker, David Jackman, you miss the point.”
welcomed delegates to the conference, ICA Tutor, Examiner and Strategic The key question for compliance is
announcing a range of forthcoming Adviser, set the tone for the day, with now: “have we reached a point
Howarth: a journey of development and expansion
inCOMPLIANCE®
12ICA ANNUAL CONFERENCE
Box 1: Panel Session
The mid-morning panel session –
The skills of the future compliance
professional: is your job description
changing? – was convened by
conference Chair, Simon Donlevy,
FICA, Head of Conduct, Compliance
and Operational Risk, Lloyds
Banking Group.
The panel first considered the pace
of change in compliance. According to
Alison Donnelly, APCC Director: “In the
past five to six years firms and heads
of compliance in firms I’ve dealt with
have had to upscale considerably.” In
addition to the increasing headcount
necessitated by growing volumes of
regulation, however, the nature of the
role has also witnessed a rapid evolution.
According to Paul Asare-Archer, FICA, is going to help us,” he argued. you need to drive behaviours. It’s
Director of Compliance, Telefonica UK, “It will help us do the mundane roles about making the regulations relevant
“compliance officers have increasingly (such as transactional alert clearance) and speaking to the business in the
been required to change from a police allowing compliance officers to focus appropriate language. I think the
officer to a consultant”. on the more high value stuff. We need compliance officer role is evolving
As the role has evolved, what are to understand the tech, but we don’t into a ‘compliance leader’ role.”
the skills now required to perform need to be tech experts.” Vivek Padmanabhan agreed, adding
it successfully? Clearly, the pace of Vivek Padmanabhan offered a that “having a deep operational
change demands that compliance slightly different view: “I do think that understanding of the business and its
officers are able to adapt quickly. some compliance officers will need to products is key because the minute
According to Nicholas Joseph, know how to do coding, depending on you know their world, and you’re
FICA, Director and Global Head of the nature of the role and the company able to apply the regulations to that
Intelligence Unit, Deutsche: “The they work for. In order to demonstrate business, you’ve got their attention”.
key skill is flexibility. Multifaceted, a robust compliance framework to the Within this, the importance
flexible, continuous learning. And regulator the compliance officer needs of recognised qualifications and
how you learn? That’s up to you.” to understand and speak the language, competency standards remains
Vivek Padmanabhan, FICA, Head, not necessarily at a detailed level, high. According to Marios Skandalis,
Compliance, Transaction Banking, AME, but at the level of understanding FICA, Director Group Compliance,
echoed that view, emphasising the fact the framework.” Bank of Cyprus: “The compliance
that versatility is now a prerequisite of In terms of the broader, ‘softer’ function is rapidly changing, but not
the compliance officer: “The need now skills required for the role, good all stakeholders move in the same
is to have a full breadth of knowledge communication and commonsense direction and at the same pace. ICA
and to be able to think horizontally ranked highly among the panellists. has a crucial role to play in supporting
across the full breadth of risks, rather “Commonsense is the key skill I look this evolution of the function,
than within narrow siloes.” for in a candidate,” said Nicholas supporting the training needs and
Technological change provides Joseph. “It’s the hardest skill to skills of compliance officers.” Paul
perhaps the most pressing example of train.” Such skills, moreover, may be Asare-Archer agreed that the ICA has
the speed with which developments fundamental to driving compliance a significant role to play in the future:
within the broader economy are towards a more strategic and “I think the challenge for compliance is
influencing compliance. How should influential leadership role within the ‘what is our entry level requirement’?
compliance officers respond to such business. “At O2 my role has been When I recruit I require that people
disruptive changes? Nicholas Joseph influence and inspire and to be a either have an ICA qualification or that
was quick to allay fears surrounding stakeholder manager,” explained Paul they seek to get one within 12 months.”
the impact of new technologies. “Tech Asare-Archer. “These are key assets
where the regulator is not the main this theme of compliance leadership, is currently a significant opportunity
driver of compliance, and we have a which would persist throughout the for the profession to determine its
chance to drive the agenda?” Introducing day, Mr Jackman suggested that there own future.
inCOMPLIANCE®
13ICA ANNUAL CONFERENCE
Of course, the flipside of to think carefully about what the that “it’s going to be in the logical
opportunity is threat, and Mr Jackman regulator is saying.” extension of the customer paradigm,
suggested that compliance For example, a show of hands in the which is that we should be markedly
professionals may not be fully in tune room revealed that only a minority (not marginally) treating different
with regulators’ current priorities of the large audience had read the categories of customer differently.”
and their thinking on certain issues. Financial Conduct Authority’s (FCA) This leads from the increased focus,
“There are risks to firms (and sectors) “Financial Lives Matter” report. “That not only from regulators but also
to both failing behind and running report is a really key driver in terms from consumers and the market, upon
ahead of the regulator,” he warned. of what the regulator is looking for,” authenticity and integrity and upon the
“For example, we are at the point explained Mr Jackman. “They are place and role of business in society.
now where the regulator is currently being driven to solve social issues. Mr Jackman also suggested that
running ahead of the industry in the You might think ‘that’s not our a general “lack of comprehension
UK. In many areas the regulator’s concern, we’re here to make money’, in compliance about why levels of
thinking is really very sophisticated – but that’s not the case anymore.” fines are increasing” provides further
more so than many people realise – Indeed, Mr Jackman was asked from evidence of this disconnect between
in particular in terms of how we think the floor what he thought the next the regulator and the regulated. In
about outcomes. Compliance needs market failure would be, replying reality, the increases in regulatory
Box 2: Breakout streams highlighted the number of false “Is it time to look beyond systems and
positives that current systems yield, controls?” Recounting his involvement
Following the panel session, the with HSBC producing about 500,000 in the uncovering of the Yen-Libor
conference broke into several cases per month, while filing 5-7,000 manipulation he challenged delegates
concurrent sessions covering a range suspicious transaction reports (SARS), to think carefully over their risk-rating
of topics. or 1-1.5% of the total caseload. SAR of UK-regulated financial services
Dawn Fisher FICA, Deputy MLRO at / alert ratios are reportedly similar firms, given that the UK is the money
Arbuthnot Latham & Co, considered for the majority of banks. In terms of laundering capital of the world, rather
whether AML audits deliver quality, inefficiencies, he argued that, currently, than assuming that firms are low-risk
in particular asking whether external 70% of time is spent on aggregating because they are based in the UK and
auditors have sufficient knowledge data, 15% on investigation and 15% on UK-regulated. He urged delegates
of the businesses they were auditing. writing up investigations. to avoid complacency, arguing that
Delegates were invited to share their These shortcomings have prompted “we keep doing the same thing
experience, with one reporting that the search for new tech solutions, and getting the same result… has
“I’ve found myself in the situation of including machine learning, which something got to change?
having to educate the auditor, and has been facilitated by the huge In her session on RegTech, Fiona
that’s a dangerous position”. Others explosion of data being created, cheap Hipkiss, FICA told delegates that
shared their experiences of audit memory, and exponential increases in setting up your RegTech in a way so
reports that were vague, with action processing power. Such solutions have that it works for your business requires
plans that didn’t make sense. The enormous potential to revolutionise cross functional buy-in from HR, IT,
consensus was that audits should be transaction monitoring, although there legal, and procurement and setting
collaborative, should avoid a tick-box are challenges to their implementation, your priorities straight from
approach, and should not give the not least the issues of ‘explainability’ the beginning.
business a false sense of security. (see further p.21-23) and ethics. ‘Do businesses need a Director
Nishanth Nottath, Global Head He advised those interested in of Compliance?’ was the question
of Transaction Monitoring – FCC implementing machine learning to considered by Paul Asare-Archer,
(Stewardship), HSBC, considered the partner with IT (“It’s likely your IT FICA Director of Compliance, and
role of machine learning in his session: people will have already been working Lance King Head of FCA Compliance
‘New era for transaction monitoring’. on analytics for the business side to Telefonica UK (O2). Changing the
Echoing the views of the earlier panel improve the customer experience”) perception of the compliance function
session (Box 1), he stressed the fact and ensure there is a business case and gaining credibility requires
that compliance officers will need behind its introduction. He predicted compliance to get involved upstream
to develop new skills, in particular in that in the next 2 to 5 years the biggest rather than downstream, they advised.
relation to transaction monitoring, job in compliance will be that of Vivek Padmanabhan considered
screening, CDD, and fraud. “As leaders “Risk Engineer (Compliance)”, namely: what role compliance should play in
in the field you need to think about compliance people who can speak digitisation initiatives. He suggested
what those skillsets are that you need the language of technology / that compliance should possess a
to develop,” he advised. data science”. consistent understanding of the various
Summarising the current challenges Tyrone Griffiths, FICA, Managing innovation and digitisation types.
with transaction monitoring, he Director, AML Assessment Ltd asked
inCOMPLIANCE®
14ICA ANNUAL CONFERENCE
fines witnessed in recent years have
been directly related to the shift
in regulatory focus from process,
to principle, to outcome, “because
technical breaches (of rules) are
considered less grave than breaches
of principle”, he explained.
When questioned from the
floor about the effectiveness of
regulatory fines, he suggested that
the reputational damage of these has
diminished because “in the public’s
mind, everyone’s been fined”, and
he warned that “de-authorisation
is probably ‘the new black’” within
enforcement trends. Jackman: have we reached a point where the regulator is not the main driver of
compliance, and we have a chance to drive the agenda?
Grasp the opportunity
With compliance at an apparent
crossroads, Mr Jackman therefore continued through to the day’s was his advice regarding the
urged compliance practitioners to closing presentation by Jason Fox, value of operating within a mature
take control of their future. “There’s a former Royal Marine Commando organisational culture characterised
an argument that compliance may and Special Forces Sergeant, and by trust, in which mistakes are
move forward in one of two possible now a TV personality and author, acknowledged and examined –
directions,” he warned. “I see signs who provided a vivid account of without reproach – in a spirit of
that compliance is being put back in his involvement in a hostage rescue shared learning and responsibility.
a box as an operations sub-function mission that had not gone according He explained how, in his military
rather than a judgement-making, to plan. While delegates sat experience, each mission, whether
Board-level function. And this is captivated by his insights into a world successful or not, was followed by
worrying.” He attributed this in part admittedly far-removed from the an immediate debriefing, which
to the Senior Managers & Certification realm of regulation and compliance, he described as being a ‘grown up
Regime, which has emphasised the lessons for the compliance conversation’ in which all participants
individual management responsibility practitioner began to emerge. recounted their actions, including
and accountability, moving the Notably, he stressed that operating what went well and what didn’t,
focus from compliance onto senior within an ever-changing, high without fear of reprimand. “In the
management ownership and Board pressure environment requires marines you are not afraid of losing
leadership. emotional resilience and situational your job,” he explained, “which
The silver lining to this potential awareness but, moreover, that breeds loyalty and trust.”
cloud is that a more strategic and when circumstances change rapidly He contrasted this with his
advisory role may yet emerge for and unexpectedly the value of experience of the business
compliance. “On the Board that I training comes to the fore, enabling environment since leaving the
currently chair, we are looking for a individuals and teams to adapt and military, remarking that in the
different style of compliance officer survive. “In the military, the training business world successes are often
who could sit on the Board in their trains you to fail,” he explained. celebrated and failures glossed over,
own right,” he explained. “We want “Halfway through a training scenario, before teams move rapidly onto
compliance to be operating upstream it will be thrown in that you fail.” the next task at hand, in both cases
in the design phase of products, That kind of training, he suggested, missing the opportunity for learning
working out how the algorithms work enables the individual to develop a and growth. It seems that the culture
in FinTech models, for example.” flexible mindset and the knowledge of blame or fear that persists within
The implications of these to manage in the face of potential many organisations – remarked
developments for knowledge, failure. It was a point that resonated upon at previous ICA conferences1
competences, and leadership strongly with the views expressed by – remains a significant hurdle to
opportunities would be discussed other speakers, regarding the value of achieving true maturity.
further in the panel session that strong standards of competency and
followed (see Box 1). the need for flexibility and lifelong
learning, core principles that have
Time to grow up? long been championed by the ICA 1. See, for example, “In Search of
The issues of growth and maturity, (see Box 1). Purpose”, inCOMPLIANCE Issue
raised in the keynote speech, Perhaps even more significant 24, p.21
inCOMPLIANCE®
15ICA AWARD CEREMONY
Acknowledging
Achievement
Simon Matthews recalls his experience
of the ICA Award Ceremony
T
he ICA Award Ceremony is held biannually to celebrate Welcome to the family
the achievements of students who have successfully The ceremony itself took place in the Great Hall and
completed an ICA Advanced Certificate, Diploma, or reverence was paid to the setting’s grandeur with the
Professional Postgraduate Diploma. It is also an opportunity opening address delivered by the ICA’s President, Bill
to recognise Members who have attained Fellowship status. Howarth. He welcomed us to the compliance family and also
The most recent event, which I attended as a new ICA thanked our own families for the support they had provided
Diploma alumnus, was held on 11 April at Lincoln’s Inn, in us during our studies.
London’s legal heartland. Graduates were then presented with their Certificates
It was a fitting venue in which to commemorate this and Diplomas in financial crime compliance and regulatory
cohort of compliance practitioners. One of four remaining compliance. These qualifications are a highly-regarded
Inns of Court, Lincoln’s Inn has an illustrious association with mark of competency, awarded in conjunction with the
education, having provided and overseen legal training for University of Manchester’s Alliance Manchester Business
over 600 years. Of the many notable barristers admitted as School. The courses not only provide students with new
members of Lincoln’s Inn, perhaps the most famous was Lord technical knowledge, but also connections to the compliance
Chancellor Thomas More, whose achievements in life (and community that will be equally beneficial to them in their
death) included being knighted, executed, and canonised. jobs. I am grateful to the tutors from International Compliance
While ICA graduates and Fellows are unlikely to achieve Training for their expertise and guidance in both aspects.
such a glittering or, mercifully, dramatic career as Henry
VIII’s nemesis, our demonstrable commitment to continuing Find your calling
professional development will help us to fulfil our potential. Nervously awaiting my turn to navigate a way to the
Achieving that is ambitious enough. stage to receive the plaudits, I reflected upon my own
inCOMPLIANCE®
16ICA AWARD CEREMONY
convoluted career journey. Being a beach cleaner, tennis
coach, support worker, and street food caterer had been
fun, but it is as a compliance manager that I have found my
vocation. Thankfully, when my time came, I completed the
choreographed handshake / certificate handover transaction
compliantly – my relieved expression at that moment
captured in high resolution by the official photographer.
The students who achieved the highest marks were also
individually acknowledged. Then it was the turn of the new
Fellows, whose quiet confidence came from the fact that
their enduring demonstration of the highest professional
standards spoke for itself.
A global community
The 24 jurisdictions represented by the 150 attending
students and Fellows shows that the ICA is not only
international in name, but also in reach. It was pleasing to
see, as the more diverse the organisation’s membership, the cleaned suit, that our lovely buffet was served on the table!
more it can influence practitioner competency, organisational Many thanks to the ICA and all those involved in organising
compliance, and regulatory standards worldwide. I, for one, such a thoroughly enjoyable event, memorable for the
want to be associated with that Association, and was proud historic location and the significant professional milestone it
to pin the badge confirming my newly-attained Member marked for so many of us.
status to my lapel.
After the presentations, we retired to an antechamber for Simon Matthews, MICA
some food and drink. When King Charles II was entertained
at Lincoln’s Inn in 1672, his “liberal banquett was served upon
the knee”1. And while that style of dining satisfied medieval 1. Golden Book, 1671 – 1673, Lincoln’s Inn archive
royal etiquette, I was glad, for the sake of my freshly dry
COMING SOON
ICA’s 2nd
APAC Conference 2019
(with pre-conference masterclasses)
Marina Bay Sands, Singapore
Register you interest at www.int-comp.org/conference-singapore
to receive exclusive offers, discounts and news about this event.
inCOMPLIANCE®
ICAA12025
17BEYOND COMPLIANCE
A critical
juncture
Compliance faces a key choice
about its future direction,
writes David Jackman
inCOMPLIANCE®
18BEYOND COMPLIANCE
T
he ICA’s 11th Annual Conference, practitioners from across the globe, An obvious sign is the way the Senior
held in London on 11 April discussed whether this meant that Managers and Certification Regime
2019, witnessed the further compliance professionals should see (SM&CR) initiative in the UK and the
development of The Big Compliance themselves as being generalists or UK Financial Conduct Authority’s
Conversation, with a focus on change specialists, but moved beyond this to (FCA) consultation on duty of care
– especially changing roles and skills recognise that what is needed most is (DP18/5) are playing out. Both
for compliance. professional depth as well as breadth. could be seen as a recognition that
I was delighted to provide the In deepening our profession the ‘traditional’ compliance systems have
Keynote address, in which I looked ICA, as our international professional not delivered the necessary degree of
back over my 40 years’ experience in body, has a significant role to play in cultural change expected – as 2008
the sector, tracing many of the changes helping compliance, AML and FCC showed only too clearly. SM&CR, by
that compliance has faced over that
period, and urging colleagues not to
see these as a never-ending stream of Figure 1: The Evolution of Compliance
challenges or cycles that have arrived
almost by chance, but rather as part
of a normal development journey – the
evolution of a more mature profession
(Figure 1).
This evolution has been driven
largely by a parallel evolution in
regulation, but the major pillars of a
fully-fledged regulatory regime are
now in place:
• Systems and controls (process)
• Ethics, culture and governance
(causal factors)
• Social impact and outcomes (results).
This provides breathing space for
compliance right now to have more
of a say in deciding its own future staff to provide the infrastructure, emphasising individual management
and to make its own choices, rather and education and necessary skills for responsibility and accountability, is
than simply reacting to continual compliance to step up. moving the focus from compliance
regulatory change. This therefore onto senior management ownership
represents a crucial turning point for Threat or opportunity? and Board leadership.
compliance (Figure 2): compliance But the landscape in firms is also Many would argue that this shift is
could either develop in new directions changing. There are many indicators a good thing, to integrate compliance
as a profession of strategic leaders, or of the way in which regulatory fully into everyday business, although
develop into an increasingly technical maturity is shaping Board thinking. it does suggest that compliance as
operations area of risk in what may
amount to a downgrade in its role
and status. Figure 2: A Turning Point
Beyond the baseline
While no one at the conference
was denying that compliance
needs a suite of technical skills to
demonstrate credibility and add
value to a business – and that these
skills do need to diversify, as many
speakers emphasised, particularly
in the areas of RegTech, FinTech
and artificial intelligence (AI) –
nevertheless, such technical expertise
should be taken as a baseline or a
'given' and is certainly not enough on
its own. Indeed, the main panel (see
p.13) session, bringing together key
inCOMPLIANCE®
19BEYOND COMPLIANCE
a function may become less to the business, or even a wise Raising the stakes
important. interpreter of a regulatory Handbook, In my role as a Non-executive Director
Alternatively, extending SM&CR but a source of professional opinions with oversight of compliance, there
could equally be seen as an that are innovative, different and that are other areas in which I can see
opportunity for compliance to take can be relied upon. compliance is making a distinctive
on a more strategic role with higher contribution:
status and further upstream in the Emerging areas • AI and automating advice
decision-making process. SM&CR The distinctiveness of the compliance • Cyber-security testing
will focus senior managements’ position is significant and worth • Investment management due
attention on the reality of their exploring, because there are a number diligence
regulatory requirements and this of new areas emerging that are • Building the case for Fairshare and
may make many staff more aware increasingly important to business, ‘Breathing Space’
but which no other function would • Platform selection
Compliance has, obviously take on.
At the conference we discussed
• Customer engagement.
perhaps, a freer implications of outcome-based I notice more widely that Board
choice than for a supervision placing an increasing
emphasis on the outcomes for
attitudes towards compliance functions
and staff are changing and bifurcating.
long time about different categories of customer, Some Boards prefer to see compliance
which way it especially vulnerable customers. as a technocratic support, addressing
wishes to go. The In the UK (and it is expected that
other jurisdictions will follow) firms
traditional monitoring and detailed
issues such as GDPR, or filing exception
choice is yours are required to have arrangements reports within the regulatory risk space.
in place to identify and deal with Others are becoming accepting of a
vulnerable customers in a range broader, more prominent stand from
of their legal responsibilities than of different ways. This is a major compliance raising significant issues
ever before. There has already been departure for many retail firms and on a range of subjects and proposing
the suggestion that some senior one in which the industry needs to business initiatives. There are no prizes
managers are asking for compliance work hard to develop realistic and for guessing which would see compliance
assistance in ensuring they can define practical measurement systems. sitting on the Board permanently or at
their scope of responsibility, their The subjects of consumer outcome, least being equivalent in professional
duty of care, and the obligations of
the code of conduct regime. This
allows compliance professionals Extending SM&CR could be seen as an
to become more directly involved opportunity for compliance to take on a
in corporate governance, to
demonstrate their expertise and
more strategic role with higher status
reinforce their claim to sit on and further upstream in the
company Boards as full members.
Having established this bridgehead
decision-making process
there seems to be opening up for
many in compliance the opportunity debt management and retirement status to legal or finance. These are the
to present plans, for example, on options, for example, are subtly stakes, in a nutshell, and compliance has,
improved governance arrangements nuanced and require skills a long way perhaps, a freer choice than for a long
and customer processes, enhanced from mechanical box-ticking, while time about which way it wishes to go.
product design or marketing, compliance has the opportunity to The choice is yours, but ICA and your
FinTech /RegTech solutions for offer more behavioural approaches, colleague Fellows and Members are here
many situations, or cost savings which are unlikely to come from other to help, guide and lead.
and clarifications in reporting parts of business at the moment.
transparency. To help, the ICA will be running a David Jackman MA
This new exposure to Board-level series of three-hour workshops in the PGCE FRGS FRSA is
problems and personnel requires next few months, starting in London ICA tutor, examiner
a confidence that compliance and the Isle of Man, specifically on and Strategic Adviser
doesn’t always possess but that these areas, for Members and Fellows. and Chair of Profile
professionalism brings and also These are designed to be the first that Pensions and NED of
needs a distinctive contribution that follow on from the ICA PG Diploma Pay Plan Ltd. He is
is based on sound judgment. This Masterclasses and build on the issues author of The Compliance Revolution
is not just about being an internal raised there all too briefly. (2015) and Corporate Maturity and the
consultant or a ‘trusted adviser’ Authentic Company (2018)
inCOMPLIANCE®
20You can also read
