ICA International Advanced Certificate in Governance, Risk and Compliance (Unit 1) PDF

ICA International Advanced Certificate in Governance, Risk and Compliance Course Manual I305/14603 First Edition January 2023 Published by: International Compliance Association Fort Dunlop 6th Floor Fort Parkway Birmingham ENGLAND B24 9FD www.int-comp.org All rights are reserved. No part of this publication may be reproduced, stored in a retrieval system, mechanical, photocopying, recording or otherwise, without the prior permission of International Compliance Association. While all reasonable care has been taken in the preparation of this manual, neither International Compliance Association nor any of the authors accept responsibility for any errors it may contain or for any loss sustained by any person placing reliance upon its contents. © 2023 International Compliance Association I305/14603 Module 1 Introduction Module 1: Knowledge and Understanding Module Introduction The first Module in the Advanced Certificate in Governance, Risk and Compliance is focused on the knowledge and understanding you need to be able to recognise the reasons why so many sectors and industries are regulated, and therefore what regulated firms and organisations must take account of when responding to being regulated. Taking this understanding a step further, we need to recognise what regulation intends to achieve, for whom, and what factors have influenced its development over time. If we acknowledge these factors, then we will be able to identify how regulation could change in the future (and this proactive response will be explored in Module 2). A deeper dive into the practicalities of regulation is explored in Unit 2 where we will look at the fundamentals of regulation in action. Practical examples and scenarios will be reviewed, to help you position regulation within the context of a regulated firm. The Module closes with a review of governance, risk and compliance (GRC): what is it, why the component elements are significant, and how they interact to build the controlling mechanisms in any firm or organisation – whether regulated or not. 5 Unit 1 Why do we have to do what we do? Unit 1. Why do we have to do what we do? Learning objectives The objectives of this unit are for learners to: z analyse the reasons why regulations are needed and summarise the rationale for having them z describe the main objectives of regulation and examine how these apply in practice z explain how to identify the regulatory objectives in a particular business sector z summarise the main factors which shape regulation and identify key historical milestones and influential cases z examine the reasons why consumer and investor protection are critical in financial services and review significant examples of failure, and z identify any new developments in regulation that include universal ‘lessons’ pointing to the future of regulation. 1. Introduction: Why do we need regulation? Laws are rules that bind all members of a community or society, protect our general safety, and ensure our rights are shielded from abuse by people, organisations or even the government itself. Such laws exist at local, national and even international levels, and include things like: z food safety z speed limits on roads z licensing laws for health professionals z minimum standards of protection for employees, and z restrictions on pollutants emitted by road vehicles. In addition, laws protect individual citizens’ rights, such as freedom of speech, of religion, or of the media, and protect the individual from discrimination. Regulations can help protect the safety of individuals and other organisations from harm caused by business practices; this harm can be either physical or financial. Regulation affects entire industries, including financial services, and compels them, for example, to follow practices that protect consumers from financial harm. The counter argument to all of this is that market forces will effectively self-regulate firms, and that excessive centralised regulation can act as a deterrent to new firms entering the market, or prevent existing ones from diversifying into other business areas. But this is not necessarily beneficial to consumers. Opponents to this counter argument will quite rightly 7 Unit 1. Why do we have to do what we do? point to the evidence of historical abuses of power, and the fact that market forces take a long time to have positive effects. As an example, a fair financial services system with well-regulated (and therefore stable) financial institutions is a pre-condition for the sustainable development of the wider economy and benefits society. Effective regulation must cover all organisations in a sector, but the main challenge is that regulation is reactive, so anticipating and preventing crises from causing damage is increasingly impossible. 1.1 The rationale for regulation The grounds that justify regulation, in all industries, are normally based on the need for consumer protection. The case for the regulation of financial services and markets is no different. Consumers of financial services products are unlikely to know the true financial position of those firms in which they invest their money, as they have limited information on which to base their interpretation, and few possess the skills to do so effectively. This is known as ‘information asymmetry’: it exists between those well-informed experts who sell products and the less-informed consumers who buy them. For financial services, this position is made more difficult as the product purchased is often intangible. Money is exchanged for the potential of future financial gain, to facilitate a major purchase, or for security in the event of an unforeseen incident, which is sometimes difficult to see at the point of sale. Therefore, the sale of a financial product is not the same as the sale of a car or domestic goods, for which the consumer receives a physical product, and can immediately appreciate exactly what they have received in exchange for their money. In addition, the financial services product is secondary (or even irrelevant) to the consumer, who is understandably more focused on the goods and services they are seeking to purchase. Most financial products are also long-term contracts between the consumer and the firm, and before making a purchase the consumer should need to consider after-sales servicing and support, and the continued financial stability of the seller for the duration of the contract – and this may be neglected or ignored. There are other arguments to support the introduction of regulation within financial services, not least the vulnerability of the sector to financial crime, which does not exist to the same extent in other industries (financial crime is explored in Unit 6). Systemic failure within a sector of the economy is also of particular relevance to financial services firms, as financial relationships exist where the failure of one firm could cause what is known as a contagion effect, resulting in the failure of other firms within that industry. Regulation also acts to minimise monopolistic and anti-competitive behaviours. Well-established firms can enjoy substantial economies of scale over smaller or new competitors, and this economic advantage acts as a barrier to entry to the industry. This can lead to a reduction in competition and choice for the consumer, which in turn can lead ultimately to higher prices. 8 Unit 1. Why do we have to do what we do? 1.2 Counter arguments Arguments to counter the rationale for regulation should be considered. While it is generally accepted that the case for regulation is strong, the extent of regulation is open to question, and usually takes into account the following disadvantages. z Compliance with regulations costs money, and firms typically pass on these costs of regulation to the consumer, resulting in higher prices charged for the product or service provided. z Regulation, and the cost of compliance, can in themselves act as a barrier to entry to an industry by a new provider, and this could reduce effective competition and therefore consumer choice. z Diversification and innovation can be reduced by regulations that some might see as restricting creativity and innovation. 2. What are the objectives of regulation? Given the scale and scope of the international financial services industry, defining objectives for the many diverse regulators and their regimes can seem like an impossible task. In practice, however, although expressed in slightly different ways, there is a strong degree of commonality in the underlying aims of regulators. In May 2003, the International Organization of Securities Commissions (IOSCO) in its Statement of Objectives and Principles of Securities Regulation1 summed up the three core objectives underpinning regulation as: z the protection of investors z ensuring that markets are fair, efficient and transparent, and z the reduction of systemic risk, which is preserving the integrity of the markets. Although IOSCO’s report was specifically concerned with securities (stock markets and exchanges) regulation, these objectives serve other sectors equally well and, with some modifications, have largely been accepted by the world’s regulators. The full Statement was updated in 2017,2 but the objectives remain the same. Example The UK’s Financial Services & Markets Act 2000 (FSMA) imposes statutory objectives on the UK financial regulators, the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA). For the PRA,3 these are: z a primary general objective to promote the safety and soundness of the firms it regulates z a specific objective to contribute to securing an appropriate degree of protection for insurance policyholders, and 1. IOSCO, Objectives and Principles of Securities regulation, May 2003: https://www.iosco.org/library/pubdocs/pdf/ IOSCOPD154.pdf – accessed January 2023 2. International Organization of Securities Commissions, Objectives and Principles of Securities Regulation, May 2017: https://www.iosco.org/library/pubdocs/pdf/IOSCOPD561.pdf – accessed January 2023 3. Bank of England, The Prudential Regulation Authority’s approach to banking supervision, October 2018: https://www.bankofengland.co.uk/-/media/boe/files/prudential-regulation/approach/banking-approach-2018. pdf?la=en&hash=3445FD6B39A2576ACCE8B4F9692B05EE04D0CFE3 – accessed January 2023 9 Unit 1. Why do we have to do what we do? z a secondary objective of facilitating effective competition between firms. For the FCA,4 there is one over-riding objective: ensuring that relevant markets function well. This is achieved through the three operational objectives of: z protecting consumers – securing an appropriate degree of protection for consumers z protecting financial markets – protecting and enhancing the integrity of the UK financial system, and z promoting competition – promoting effective competition in the interests of consumers. Example Announcing the US Department of the Treasury’s Blueprint for a Modernized Financial Regulatory Structure in March 2008,5 Secretary Hank Paulson outlined his proposals for improving regulation of US financial markets. Our work led us to recommend a regulatory model based on objectives, to more closely link the regulatory structure to the reasons why we regulate. This model would have three regulators: z a regulator focused solely on market stability across the entire financial sector z a regulator focused on safety and soundness of those institutions supported by a federal guarantee z a regulator focused on protecting consumers and investors. A major advantage of this structure is its timelessness and its flexibility. There are four federal regulators with prudential authority over banks, thrift and credit unions, two overseeing government-sponsored enterprises in housing and consumer financial products, and three other federal regulators facilitating communications and coordination in member agencies. For the purposes of this unit, we will assume the following common core international objectives: z maintaining confidence and stability in the financial system by ensuring market stability and the soundness of financial institutions z protecting consumers, and z preserving market integrity, for example, by reducing financial crime and market abuse, and by facilitating competition in the interests of consumers. 4. FCA, ‘About the FCA’: https://www.fca.org.uk/about/the-fca – accessed January 2023 5. US Department of the Treasury, ‘Treasury Releases Blueprint for Stronger Regulatory Structure’, 31 March 2008: https://home.treasury.gov/news/press-releases/hp896 – accessed January 2023 10 Unit 1. Why do we have to do what we do? We will now consider each of these objectives in more detail. 2.1 Maintaining confidence in the markets Market confidence is the basis upon which a stable financial services system is built. As such it is the cornerstone of regulation and is closely linked to the other core objectives, particularly consumer protection. Confidence in the market is critical to the viability of national and global economic interests. Like any other markets, financial markets are dependent on customers doing business with them. The market relies on the undertaking of transactions, for example customers depositing their money in a bank account, paying bills, borrowing money on a mortgage or personal loan, using their credit cards, trading stocks and shares, taking and avoiding financial risks and investing for the future. If customers lose confidence in the integrity or stability of the market, they will avoid doing business with financial services firms. When this happens, it is not just the financial services industry that is affected – the whole economy suffers. Consumer confidence varies greatly over time and is judged at any given moment. Confidence can be lost in seconds but restoring it takes time – in some cases, years. During the 2008 global economic downturn, sometimes referred to as the ‘credit crunch’, we saw well-established names such as Bear Stearns, Lehman Brothers, Royal Bank of Scotland and Halifax Bank of Scotland destabilised in a matter of days, their strong track record and sound reputation providing no immunity from consumer concerns in prevailing conditions. Market confidence can no longer be viewed solely in terms of the local (which could be national or regional) market. Example The credit crunch is a good illustration of the interdependency of the various financial markets. The source of the global crisis was the US sub-prime mortgage market. Few, whether within or outside the US, were aware of the relevance of this niche market to their financial wellbeing. Many did not even understand the concept of sub-prime lending, yet the impact of the collapse of that market had far-reaching consequences in almost every corner of the world. 2.1.1 Loss of confidence due to financial scandals The credit crunch provides a great many examples, but it is not the only time there has been a loss of market confidence. Over the years, the financial services industry has been damaged by a series of financial scandals which have adversely affected confidence in the market or the regulatory system, on a national or international basis. Example: Collapse of Enron In 2001, Enron, one of the largest US corporations, collapsed following allegations of false accounting. Fraud, weak systems and controls, inaccurate and misleading financial reporting, poor corporate governance and collusion in hiding the problems by its external auditors were 11 Unit 1. Why do we have to do what we do? blamed for its downfall. This prompted widespread reforms in relation to international accounting standards and corporate governance. Each emerging scandal damages consumer confidence further. The loss of confidence in the above example was significant, owing to the levels of trust that the businesses had previously inspired. Trust may take years to build but is easily lost. In order to restore confidence, it is usual for regulators to respond to scandals by adding new or amending and improving existing regulation in an attempt to prevent a recurrence of the problems. Market confidence is easily damaged by poor conduct by financial services firms. Poor conduct was seen in the examples referred to above – whether that was poor company conduct and poor individual conduct in the case of Enron, or poor market conduct by the firms which invested heavily in sub-prime mortgage bonds and the derivative products that were subsequently traded globally. Examples of other financial scandals and the laws and other regulations implemented in reaction to them are considered in section 3 of this unit. 2.1.2 Market stability Maintaining the stability of the market is critical to maintaining confidence. Freedom to take legitimate risks (or taking ‘good’ risks) is an essential feature of a healthy market, but some minimum standards are required to ensure that firms are robust and able to withstand market and other economic shocks and the risks arising from their business model. Common features of international regulation include requirements that: z firms have robust internal controls and risk management practices to cope with the operational risks they take from day to day z firms have sufficient liquidity to meet their obligations as they arise z firms have robust controls and defences to protect against the risks of financial crimes being committed z firms have adequate reserves of good quality capital to protect against market shocks and fluctuations, and z senior managers responsible for running the firm meet appropriate tests of: z honesty and personal integrity z competence and skill, and z experience. In most sectors, minimum capital requirements are formulated by international bodies and adopted into local legislation and regulation. A move towards risk-based capital requirements means that after meeting minimum standards, firms have to calculate and allocate the additional capital required to support the specific risks that they run, having regard to their size, business and markets. In setting standards, regulators aim to instil confidence in the market overall, rather than in individual firms. As a result, regulators have not historically set out to avoid individual failures. Since, however, the collapse of a large provider could itself adversely affect 12 Unit 1. Why do we have to do what we do? market confidence, we have seen regulators and governments step in to prevent failures in these circumstances. Compare the following examples. Example: Lehman Brothers files for bankruptcy, 2008 In the US, there was a sense of shock that a firm such as Lehman Brothers – established in 1850 and perceived as one of the pillars of the investment community – could be allowed to fail. Yet no rescue package was made available, partly because of the firm’s status as an investment bank. As an investment bank, its failure, while shocking, did not directly affect the average person in the street and was therefore not expected to significantly reduce market confidence. Example: US government rescues Fannie Mae and Freddie Mac, 2008 By contrast, the collapse of mortgage guarantors Fannie Mae (short for Federal National Mortgage Association) and Freddie Mac (short for Federal Home Loan Mortgage Corporation) would have had a potentially catastrophic effect on market confidence. The US government therefore stepped in to guarantee the businesses. Fannie Mae and Freddie Mac do not lend directly to homebuyers, but buy mortgages from approved lenders and sell them to investors and offer guarantees to the original lenders. Between them they guarantee or own roughly half of the US mortgage market. Almost all US mortgage lenders, large or small, rely on Fannie Mae and Freddie Mac to some extent. The total guaranteed by the two businesses is approximately $6 trillion. At the time of writing in January 2023, Evergrande, China´s largest property developer, avoided a disorderly collapse in 2021 following intervention from the Chinese authorities. However, many firms in sectors such as construction services and building materials have had to absorb large losses because of Evergrande’s inability to pay its bills – leading to layoffs and redundancies. In fact, a widespread property downturn has emerged, which is impacting on China’s economy. The contagion effect of Evergrande’s ongoing difficulties on local and global markets is concerning, with some speculating that it may be China’s ‘Lehman Brothers moment’. The firm’s defaults on its obligations may cause banks to lend less which could lead to a credit crunch where firms struggle to borrow at affordable rates. Both traditional and digital stock markets have already been impacted, with both Bitcoin and Ethereum values dropping. It is unclear how Chinese regulators will respond. Any official resolution is expected to result in losses to institutional investors, individuals who have paid large deposits to have their homes built, as well as numerous banks, suppliers and employees. Some argue that a bailout is unlikely as it may send the wrong message given the government’s aim to reign in corporate debt. 13 Unit 1. Why do we have to do what we do? The fate of Evergrande is currently unclear, but what is apparent is that the situation contributes more uncertainty to a global economy already weakened due to the COVID-19 pandemic. Example: Energy market stability and the 2021/22 energy crises Energy market stability is central to sustainable economic activity and social welfare. Shortages in energy supply or sudden changes in energy prices (brought on by supply-demand imbalances) cause economic disruptions and affect the daily life of individuals. Volatility is felt at a macroeconomic level, bringing consequences like reduced investment, increased unemployment and lower production. The 2021/22 energy crisis serves as a good example of this: rapid global economic recovery from the COVID-19 pandemic means that countries are demanding substantially more energy than before, a demand that is not been met by sufficient supply, causing a surge in prices that may derail the recovery and hamper the transition to greener energy. Geopolitical uncertainty following the invasion of Ukraine by Russia, and the subsequent closing of the Nordstream 1 gas pipeline adds to the issues being faced. The energy demand and supply chain is truly global. For example, countries in the EU import fuels from Russia, and these imports are banned following the invasion of the Ukraine. In addition to the embargos, producer and consumer countries have conflicting price objectives – producer countries want them higher and consumer countries want them lower. Consequently, each would advocate for different regulatory measures, posing challenges for regulators in selecting appropriate market intervention policies. In late 2022, the EU and the US agreed a price cap on the price of Russian oil6 in order to restrict the revenue Russia receives, and thereby reduce its ability to continue with its invasion plans. The global nature and interdependence between producer and supplier countries can also have a negative impact on international geopolitical relations, with the US reported as having expressed concern that Russia may be using oil and gas as a political weapon. The EU Commission has been asked to investigate whether the actions of the Russian state-owned company Gazprom, in not increasing supply to the EU, are designed to keep market prices high.7 Faced with all-time high energy bills in 2022 across Europe, member countries like Spain have called for an EU-wide policy. However, with many suppliers being outside the EU, it is unclear how much power the EU can exert. The stakeholders in this market often have conflicting objectives, for example the profit and commercial objectives of energy firms versus 6. US Department of the Treasury, ‘Factsheet: Limiting Kremlin Revenues and Stabilizing Global Energy Supply with a Price Cap on Russian Oil’, 2 December 2022: https://home.treasury.gov/news/press-releases/jy1141 – accessed January 2023 7. Jillian Ambrose, ‘What caused the UK’s energy crisis?’, The Guardian, 21 September 2021: https://www.theguardian.com/business/2021/sep/21/what-caused-the-uks-energy-crisis – accessed January 2023 14 Unit 1. Why do we have to do what we do? governmental climate goals of lower carbon use and cleaner energy. A deep understanding of these objectives is central to generating balanced, effective regulation. Energy market stability is a global imperative, requiring regulation at a global level. Some of the key regulators and institutions are the G20, the International Energy Forum (IEF), the International Energy Agency (IEA), the Organization of the Petroleum Exporting Countries (OPEC), the International Renewable Energy Agency (IRENA), and the UK energy regulator the Office of Gas and Electricity Markets (Ofgem). Some of the regulatory initiatives used to preserve market stability include: z management of spare production capacity, for example OPEC seeks to mitigate oil price volatility by managing spare capacity z investment in local energy infrastructure and supply z international trade protection and collaboration z dialogue between policymakers and market participants z cooperation between energy institutions, and z increased competition amongst energy suppliers by facilitating market access for smaller energy companies. 2.2 Protecting consumers Protecting consumers is another essential component of market confidence. Whether a customer is depositing their wages in a bank account or investing substantial balances of pension fund assets with a fund manager, they have broadly similar concerns: z is the provider secure so that the customer can access their money when they need it? z can the provider be trusted to look after their investment so that they will get back the sum invested (and any return due on it)? And, z if something goes wrong, such as the provider going out of business, will their investment be protected? That is, are they eligible for compensation? Protection designed to satisfy these concerns is achieved by setting regulatory standards, usually called conduct of business rules, to prevent misleading, unethical, manipulative and fraudulent practices. Typically, conduct of business rules cover all dealings with the customer, including: z marketing and promoting investments z selling practices z provision of information, pre- and post-sale z after-sales service z complaint-handling processes and procedures, and z safekeeping of customers’ assets. Regulations vary according to the type of product, with more risky products generally being subject to more comprehensive and stricter standards. Given the wide range of customers, it is usual to weight the protection in favour of those who are least experienced, such as individual customers dealing on their own account, rather than businesses investing 15 Unit 1. Why do we have to do what we do? their assets. Example: Big Pharma Big Pharma is the nickname given to the world´s largest pharmaceutical corporations like Pfizer, Roche and Johnson & Johnson. Consumer protection is particularly important in the health industry and regulators in this space seek to protect consumers by ensuring that drugs and medical devices meet safety, quality and efficacy standards, and that consumers receive relevant and accurate product information. Big Pharma is often criticised for spending billions a year on advertising, while proportionately less is spent on research and development. It is noteworthy that from 1991 to 2015, Big Pharma firms entered into 373 settlements for marketing fraud with settlements totalling $35.7 billion.8 Fraud scandals, together with claims of mismanagement and greed, lead to mistrust in the industry and some argue that this mistrust and lack of confidence in the sector may have contributed to COVID-19 vaccine scepticism. Consumer protection is considered in much greater detail in section 5 of this unit. 2.3 Preserving the integrity of the market 2.3.1 Financial crime and market confidence Preserving the integrity of the market is an important regulatory objective. Financial crimes, especially money laundering, have long been a cause for concern to banks and other financial service providers. Example The conviction of the gangster Al Capone for tax evasion in 1931 is widely believed to be one of the earliest successfully prosecuted money laundering cases. At the time, the Mafia was investing the proceeds of criminal activities, such as prostitution, gambling and bootleg alcohol sales, by buying up launderette businesses. Launderettes offered cash‑based services enabling gangsters to use apparently legitimate activities to disguise the true source of the funds. However, the first time the term money laundering was used to describe the criminal activity was during the Watergate scandal surrounding former US President Richard Nixon in the 1970s. Historically, the face-to-face relationship between banker and customer made it easier to satisfy the know your customer (KYC) requirements. In recent years, however, the growth of banking using the Internet and other remote methods has highlighted an even greater threat to the global banking system from proceeds of crime and terrorist financing. 8. Kristin Compton, ’Big Pharma and Medical Device Manufacturers’, Drugwatch, 13 September 2021: https://www.drugwatch.com/manufacturers/ – accessed January 2023 16 Unit 1. Why do we have to do what we do? Example Already an area of international focus, the subject of financial crime, and particularly terrorist funding, came under close and immediate scrutiny in the wake of the 9/11 attacks on the US. This focus is even more pronounced today because of the activities of organised terrorists, and international efforts to identify and eliminate their sources of funding. Money laundering and other financial crimes are examined in more detail in Unit 6. 2.3.2 Market abuse A stable market depends on all users having equal access to accurate and up-to-date information on which to base their investment decisions. The use or misuse of information to gain an advantage – whether to buy or sell shares – potentially distorts the market and undermines its integrity. Example To indicate clearly to stock market investors in the UK that it will not tolerate market abuse, the FCA remains vigilant for instances of it, and combines its efforts with those of law enforcement to take action in the criminal courts. The outcomes of the court cases and those that are in progress are published on the FCA website as a deterrent to others. 2.3.3 Competition, innovation and transparency Fair competition can bring benefits to consumers and other stakeholders. It encourages product and service innovation, new ways of servicing consumer needs and can lead to better pricing. Anti-trust laws are regulations which encourage competition and are particularly important in monopoly sectors like energy, personal computer operating systems and telecommunications. However, competition must be in the interest of consumers – too much could cause confusion or even lead to an eventual withdrawal of choice if it becomes uneconomic for firms to continue to offer products or services. Innovation has the potential of offering consumers choices in alternative methods of delivery, different sources of funding and greater use of technology. Initially it may be aimed at a narrow sector of the market, but as its popularity grows it becomes more mainstream, and the benefits can therefore be appreciated more widely. Regulation must not deter innovation, but at the same time must continue to offer adequate consumer protection. A transparent market means no surprises. Firms must publish details of their activities and performance to help consumers to make informed choices. In promoting market integrity, regulators expect firms to be clear, fair and not misleading in all their interactions with consumers and other stakeholders. 17 Unit 1. Why do we have to do what we do? Example: The 1998 Microsoft anti-trust case The US Department of Justice accused Microsoft of trying to monopolise the personal computer market by making it difficult for consumers to install competing software on computers operated by Microsoft’s operating system, bundling programs into its operating system which meant that consumers had to buy the Microsoft Windows operating system to access a particular Microsoft application, and making it difficult to uninstall the company’s browser, Internet Explorer. Microsoft provided its browser software for free, which led to an increase in its market share and the eventual downfall of its main rival Netscape. The company was found guilty and ordered to separate into two distinct entities, one for the operating system and the other for software products. There are multiple ongoing anti-trust cases against the big technology companies. The biggest is currently against Google, which is accused of harming competition in search and online advertising.9 At just under 90%, Google has the largest share of the global search market. 2.4 Overlapping objectives It should be noted that the objectives discussed in sections 2.1 to 2.3 are not mutually exclusive. See Figure 1 below. Confidence Integrity Protection 9. Nicolás Rivero, ‘A cheat sheet to all of the antitrust cases against Big Tech in 2021’, Quartz, 29 September 2021: https://qz.com/2066217/a-cheat-sheet-to-all-the-antitrust-cases-against-big-tech-in-2021/ – accessed January 2023 18 Unit 1. Why do we have to do what we do? Activity Consider the following to understand the interaction between the objectives. Customers are concerned that their savings are at risk and cause a run on the bank. Which objectives are at risk here? Answer Concerns about the ability to access savings in full suggests a failure of the consumer protection objective. A run on the bank is likely to cause loss of confidence in the banking system in general, possibly causing similar situations at other banks. This suggests a failure of the market confidence objective. Any failure could be the start of concerns about the integrity of the overall market infrastructure so it could, in due course, give rise to a potential failure of the market integrity objective. The above effects are illustrated in Figure 2 below. Confidence Integrity Protection Activity A major bank is implicated in a money laundering scandal. Which objectives are affected here? Answer The risk that ‘dirty’ money may enter the system could give rise to concerns about the system’s integrity. This suggests a failure of the market integrity objective. 19 Unit 1. Why do we have to do what we do? The risk of the impacts of the scandal spreading to the rest of the market may lead to wider concerns about other banks, suggesting a failure of the market confidence objective. Although there may not be immediate concerns about protection, any loss of confidence in the system could cause customers to think about moving their money, so it is important to consider the long-term consequences for consumer protection. These effects are illustrated in Figure 3 below: Confidence Integrity Protection The examples in the activities above highlight how the failure of any one objective may – directly or indirectly – lead to failure of another. Activity How would you go about identifying the regulatory objectives of your own business sector? Answer Understand the purpose of the business sector and the role it plays. Understand the context of your business and sector. What are the internal and external issues that are relevant to its purpose and that affect its ability to achieve its intended objectives? Consider regulatory aspects, social and cultural contexts and the economic situation in the jurisdiction/s in which your business operates. Understand the needs and expectations of stakeholders and interested parties, including customers, competitors, regulators, shareholders and suppliers. 20 Unit 1. Why do we have to do what we do? For example, the purpose of telecommunications is the exchange of communication or information across distances. Communication is fundamental to how society operates, and telecommunications are the foundation of the digital ecosystems of businesses, governments, families and communities, and is a key driver of innovation and economic growth. Consider the important role that telecommunications played during the COVID-19 pandemic, by bringing people together during lockdown and allowing businesses to continue functioning. Telecommunications is clearly an essential industry and, like the financial sector, the objectives for regulation are to protect consumers (for example by increasing access and protecting privacy), avoid market failure by maintaining confidence and stability, and ensuring that the market is working properly by promoting market integrity and competition. Lower prices for international phone calls, SMS and data are an indicator of the level of competition, and regulators must often intervene to ensure this competition is fair. An example of this is the EU Roaming Regulation, which ended roaming charges for Europeans traveling within the EU. 3. How and why has regulation developed over time? In this section, we will look at the factors that determine the features of regulatory frameworks. The aim is to identify common themes and considerations; the roles, powers and methodologies of regulators will be reviewed in Unit 2. 3.1 Factors determining the shape of regulation Almost all financial services markets are subject to some form of regulation. In the UK and US, financial services have a reputation for being heavily regulated. Not all jurisdictions are subject to the same regulatory burden as many others adopt a lighter-touch approach. The extent and scope of regulation imposed is determined by a number of factors (see below). Constitution. The approach of different jurisdictions to how they develop national law may influence the different ways in which regulation is adopted in that country. Example US legislative powers come from the country’s written constitution and Bill of Rights, and the differences between federal and state laws. This has led to a heavily prescriptive rules-based system which relies on the allocation of these rights, and both the national and state legislature issuing regulations. Nature of market/product. The characteristics of the market will often determine the approach to regulation. Example Offshore financial centres (OFCs) are often believed to be low-tax regimes, usually with a lower burden of regulation than mainstream regimes, and with resistance to detailed regulation in certain areas (in fact, 21 Unit 1. Why do we have to do what we do? this is now becoming more a perception than a reality). Examples of OFCs include the Dubai International Financial Centre (which operates under a separate regulatory regime from the rest of the UAE), the Channel Islands of Jersey and Guernsey, the British Virgin Islands, the Cayman Islands, etc. Example The Swiss banking system is founded on the principle of privacy, which is strictly guarded and enforced by statute. Swiss law restricts information sharing with third parties, for example tax authorities and foreign governments, unless a court order has been obtained. Anonymity is obtained by means of numbered – rather than named – accounts, although to satisfy international money laundering requirements, all accounts must be linked to an individual whose identity has been verified. The effect of legislation in the US which requires US citizens to declare their interest income on overseas investments to the US tax authorities (the Foreign Account Tax Compliance Act – FATCA) means that Swiss banks have had to comply with disclosure requests in recent years, and this has reduced the strength of the secrecy laws. Experience. Lessons learnt from experience, particularly in relation to financial scandals, are a major driver of regulatory change. A list of key events that have affected the shape of international regulation can be found in section 3.3.1 below. Market or world events. Events such as 9/11 and the 2007–08 financial crisis have had a significant impact on world regulation. Political pressures and preferences. These tend to have a stronger influence over local, rather than international, regulatory developments. 3.2 Sources of regulation Regulation can come from a number of different sources. The first is legislation, the statutory codification of rules capable of enforcement through a court of law or judicial tribunal. Legislation may take the form of primary or secondary legislation, or rules set by a regulator. 3.2.1 Primary legislation This is the main source of law of a jurisdiction, often referred to as ‘statutory law’. Statutes are usually issued by the national parliament or another legislative body. The terminology used to describe statutory law varies by jurisdiction. Countries whose legal system is broadly based on the English legal system refer to a statutory law as an ‘Act’. These jurisdictions include: z the US z the Bahamas z Bermuda z Singapore, and z the Isle of Man. 22 Unit 1. Why do we have to do what we do? Others refer to statutes as ‘laws’, for example: z Cayman z Jersey, and z Guernsey. Still others refer to them as ‘ordinances’, for example: z Gibraltar z Hong Kong, and z Turks & Caicos Islands. Primary legislation often sets the framework of regulation, leaving the detailed requirements to be spelt out in secondary legislation. 3.2.2 Secondary legislation This is generally issued in the form of orders, regulations or statutory instruments (often referred to as subordinate legislation). It may be issued by the legislature itself, or primary legislation may include powers delegating authority for setting secondary legislation to another body – such as a regulator. As stated above, secondary legislation often provides the more detailed requirements, or may be used if there is a phased implementation of the legislation over a period of time. Example The FSMA 2000 sets the primary legislation in the UK. This is underpinned by secondary legislation that provides the additional details required, including: z the Regulated Activities Order z the Financial Promotions Order. The FSMA, the Bank of England Act 1998 and the Banking Act 2009 have been amended by the Financial Services Act 2012, which led to the replacement of the Financial Services Authority (FSA) with two new regulators, the FCA and the PRA. Further information on this act can be found at: http://www.legislation.gov.uk/ukpga/2012/21/contents Secondary legislation has the advantage of being easier to change than primary legislation and so can be adapted to address evolving issues or toughened up if it is not working. In the context of financial services, secondary legislation is often (but not always) drafted by a regulatory body which is empowered to do so by primary legislation. 3.2.3 Regulation set by a regulator The regulator sets the regulations. Depending on the constitution, these may or may not take the form of secondary legislation. Any set of binding requirements may be referred to as regulations. In the context of financial services, these usually mean 23 Unit 1. Why do we have to do what we do? the set of authoritative rules, and these are usually found in the rulebook, handbook or sourcebook of the relevant regulator. Regulation may take the form of principles, rules, high-level standards or detailed requirements. All these are binding and therefore capable of being enforced in the event of non-compliance. Rules and principles will be examined in more detail in Unit 2 when we look at how regulators approach standard-setting. Regulators may also issue guidance in certain areas, which, while not binding, may be considered persuasive. In some areas, regulators will go as far as offering a ‘safe harbour’, that is, immunity from enforcement, if firms choose to follow published guidance. 3.2.4 Self-regulation This is where the industry itself seeks to regulate conduct by issuing its own voluntary codes and ‘rules’. Monitoring compliance, and taking enforcement actions, are the responsibility of the self-regulatory organisations (SROs) which issue the codes. The main weakness with self-regulation is the limited powers of enforcement. While SROs often have the power to fine firms, they do not have judicial powers, and some may also only have limited powers to prevent firms continuing in business. This lack of ability to impose meaningful sanctions may be considered a significant weakness in this approach. 3.3 The regulatory timeline This section sets out significant dates and pivotal legislation that have shaped the international regulatory landscape, with a focus on the financial sector. Each regulated industry and sector will have its own significant events on its timeline. From the 1990s, global integration of financial services markets has increasingly resulted in greater internationalisation of financial services. While certain centres, for example the US, the UK and Japan, remain key players, the dominance of one centre is less obvious. Internationalisation brings great opportunities, but it also brings great risks. As we have seen in the past decade, a failure in one financial market is now likely to have a significant impact on other financial centres and economies. From its origins, the financial services industry has grown to become one of the most innovative global industries. The crucial role that it plays in all developed economies was clear during the credit crunch, where weaknesses in the financial services sectors led to global recession. 3.3.1 Key events that have shaped the current regulatory environment While national or regional regulation is more likely to be affected by political pressures and local custom and practice, regulation having international significance tends to be shaped by lessons learnt from financial scandals or major market events. Some of the events that have shaped international regulation over the years are described below. 1929 – Wall Street crash The 1929 stock market crash in the US and the resulting bank failures led to the passing of the Banking Act 1933. The Banking Act, also known as the Glass–Steagall Act after the people responsible for establishing the law, was passed as an emergency measure to 24 Unit 1. Why do we have to do what we do? counter the failure of almost 5,000 banks during the Great Depression and established the Federal Deposit Insurance Corporation to insure customer accounts. It prohibited any one bank from both accepting deposits and underwriting securities. This ensured that if a bank made significant losses underwriting securities, deposits would not be adversely affected. The Act’s main provisions were eventually repealed in 1999 (by the Gramm–Leach–Bliley Act) but the concept of deposit protection survives and is replicated in the regulatory structures of all major financial services jurisdictions. Indeed, in January 2009 US President Barack Obama made a speech which outlined proposals that would effectively bring back some of the Glass–Steagall provisions. The legislation containing these proposals is the Dodd–Frank Wall Street Reform and Consumer Protection Act (the Dodd–Frank Act) although there was some dilution of this legislation in the US during the Trump presidency. 1988 – Basel Accord Following a series of bank failures in Europe, the Basel Committee issued minimum capital requirements for European banks in a recommendation known as the Basel Accord (or Basel I). This was updated in June 2004 under the title of Basel II and in December 2010 as Basel III. The role of the Basel Committee is considered further in Unit 2, section 5.1. 1991 – The Bank of Credit and Commerce International (BCCI) BCCI was set up in Pakistan in 1972 and grew to become a major international bank operating in 78 countries. In 1991 the bank was the subject of a scandal involving money laundering, fraud, bribery and corruption, resulting in its failure. BCCI is sometimes jokingly referred to as the ‘Bank of Cocaine and Corruption International’ by commentators in response to the scandal. 1990s – Mis-selling of retail financial services products in the UK In the late 1990s and early 2000s, a series of unfolding mis-selling scandals in the UK led to heightened regulatory scrutiny of a number of retail financial services products sold in the 1980s and 1990s. In some cases, a formal review of past business and a programme for compensation was instigated. Products affected include: z pensions transfers and opt outs z additional voluntary contributions (AVCs) to pensions z mortgage endowments z split capital investment trusts z State Earnings-Related Pension Scheme (SERPS), and z more recently, the sale of payment protection insurance (PPI). What is mis-selling? Mis-selling is the sale of a product that is not suitable for the customer’s needs. There are a number of reasons why a product may not be suitable, but the most common is that the customer does not understand the risks associated with the product and takes on either undue risk, or a risk they were simply not made fully aware of. In the case of PPI, the customer may have been sold PPI bundled with the purchase of a product or service while being unable at any time, because of the PPI underwriting terms, to make a claim on it, perhaps for age-restriction, employment status or health reasons. 25 Unit 1. Why do we have to do what we do? The total bill for reviewing and compensating customers disadvantaged by mis-selling ran to many billions of pounds, the cost of which was borne by the firms that mis-sold the products. Many of the issues arose when the various SROs (see section 3.2.4 above) were regulating the industry. Concerns over investor protection were one of the key drivers behind the UK decision in 1997 to set up the FSA as the single regulator. One of the FSA’s statutory objectives was to secure an appropriate degree of investor protection. This was reinforced in its high-level Principles for Business, since adopted by the FCA, and which include the following criteria: z a firm must pay due regard to the interests of its customers and treat them fairly z a firm must pay due regard to the information needs of its clients and communicate information to them in a way which is clear, fair and not misleading, and z a firm must take reasonable care to ensure the suitability of its advice and discretionary decisions for any customer who is entitled to rely upon its judgement. 1995 – Collapse of Barings Bank Unauthorised derivatives trading by derivatives broker Nick Leeson in Singapore led to losses of over £800 million and the collapse of Barings Bank. Founded in 1806, Barings was the oldest and one of the best-known names in banking. The cause of the collapse was attributed to lack of systems and controls, especially appropriate oversight of trading activities. This led to a detailed review of systems and controls including senior management responsibilities by the Bank of England, then responsible for banking supervision, and formed the basis for the FSA’s Senior Management Arrangements, Systems and Controls (SYSC) requirement when it took over responsibility for banking supervision in 2001. 2001 – Collapse of Enron False accounting, fraud and weak systems and controls, particularly in relation to corporate governance, contributed to the downfall of Enron, one of the largest US corporations at the time of its collapse. This led to widespread reforms and reviews including: z the reform of international accounting standards z the introduction of the Sarbanes–Oxley Act 2002 (SOX), with an objective to protect investors by improving the accuracy and reliability of corporate disclosures made under US securities laws, and z a review of corporate governance codes in many jurisdictions. 2001 – 9/11 attacks on the United States The terrorist attacks in New York, Washington and Pennsylvania on 11 September 2001 and the subsequent ‘war on terror’ were the catalyst for comprehensive changes in anti money laundering (AML) and wider financial crime requirements worldwide. 26 Unit 1. Why do we have to do what we do? Examples In the US, the USA PATRIOT Act (the ‘Patriot Act’) was signed by President Bush on 26 October 2001, just seven weeks after the 9/11 attacks. The Act contains over 900 pages of legislation and has far-reaching consequences for financial institutions both within the US and throughout the world (see Unit 6). The events of 11 September 2001 also led to the development of a range of international best practice principles designed by the United Nations and the Financial Action Task Force (FATF – see Unit 2, section 5.6). These are aimed at preventing terrorist funding. In the UK, the Proceeds of Crime Act 2002 was passed in the wake of the 9/11 attacks to extend the definition of money laundering and make it easier to obtain confiscation orders in relation to any type of property gained as a result of criminal activity. 2003 – The Spitzer Review In 2003, Eliot Spitzer, New York State Attorney General, made allegations that 12 leading investment banks had compromised the quality of their stock research in order to win lucrative investment banking business. This led to a review of conflicts of interest management within investment banks and stricter controls on the separation of research and investment banking activities. 2007/08 – The ‘credit crisis‘ The ‘credit crisis’ deserves special consideration here given its unprecedented scale and impact on global markets. What is the credit crisis? The credit crisis is the term the world media have adopted to describe the problems in the financial markets arising from the lack of availability of affordable credit for businesses and individuals. What caused it? The cause is generally attributed to exceptional levels of repossessions and default in the US sub-prime mortgage market (mortgages to consumers with either limited or damaged credit history). Between 2004 and 2006 US interest rates rose from 1% to 5.35%. This increase in the cost of borrowing caused a fall in house prices and record levels of default on mortgages, particularly sub-prime mortgage loans. As much of the US sub-prime mortgage market had been securitised (sold on to other banks across the world to raise funds through ‘collateralised debt obligations’) the crisis spread. As sub-prime loans had been packaged with other, less risky, loans, banks were not able to immediately calculate their exposure to the US losses. While the extent of these losses remained impossible to assess, banks were unable or reluctant to lend to one another, because they could not adequately identify the risk 27 Unit 1. Why do we have to do what we do? of default. In turn, banks were less willing to lend to their customers. This sparked a global liquidity crisis or ‘credit crunch’. Customers who had previously depended on credit were unable to renew their facilities at the end of the existing term. Key events during the credit crunch A timeline setting out some of the key events affecting the banking sector is set out below. April–July 2007: the collapse in the US sub-prime mortgage market leads to concerns that loans sold on to other banks will not be repaid. As a consequence, banks become cautious about lending to each other. September 2007: the run on the UK mortgage bank Northern Rock is the first sign of a loss of confidence in the UK banking sector. January 2008: world stock markets suffer their largest losses in a day since 11 September 2001. February 2008: Northern Rock – a UK mortgage lender – is temporarily nationalised by the UK government in an attempt to restore consumer confidence in the banking system. July 2008: in the US, the financial authorities are forced to step in to bail out the country’s largest mortgage loan guarantee firms, Fannie Mae and Freddie Mac. September 2008: Lehman Brothers, a US investment bank with a substantial workforce in London, files for bankruptcy. The UK government announces that the mortgage bank Bradford & Bingley will also be nationalised. Arrangements follow those put in place for Northern Rock. Under pressure from the UK government, Lloyds TSB announces a bid of £12 billion to rescue Halifax Bank of Scotland (HBOS), the UK’s largest mortgage lender. October 2008: the US agrees a $700 billion rescue package for the US financial services sector. The UK government announces details of a rescue package for the banking system worth at least £50 billion. Other European governments follow suit. A number of Icelandic banks go into liquidation, leaving many private investors with large losses. 2010 and 2012: Greece, Ireland, Portugal and Spain all receive bail outs from the EU. 2013: an aid package is agreed with Cyprus which involves investors forfeiting a portion of their deposits and the closure of the nation’s second largest bank. Plans are agreed to create a single European supervisory mechanism to oversee the largest 150 banks in EU. June–July 2015: European Central Bank ends emergency funding. Greece closes banks and imposes capital controls. Voters overwhelmingly reject EU bailout terms in July referendum. 28 Unit 1. Why do we have to do what we do? 2016: agreement reached between Greece and the other Eurozone nations for additional debt relief over a period of years from 2018 onwards, together with further financial aid amounting to €11.5 billion to allow the country to repay some upcoming loan maturities. Changes prompted by the credit crunch Changes prompted by the credit crunch have been many and diverse. The enactment of the Dodd–Frank Act was a response to the credit crunch. It brought about the most significant changes to financial regulation in the US since the 1930s, amending almost every part of the US financial services industry, including preventing the US government from bailing out failing banks with taxpayers‘ money. The UK regulatory landscape was restructured from a unitary regulatory model to a twin peaks format, following criticism of the FSA during the credit crunch and a change of UK government, by the enactment of the Financial Services Act 2012. Macroeconomic regulation has been accepted as necessary by the international financial community, broadening out from the activities of the Bank for International Settlements (see Unit 2, section 5.2) and into local country regulation. The European Central Bank assumed the role for macro-prudential regulation in Eurozone countries, where it supervises the activities on individual central banks in each of those nations. 2008 – The Madoff Scandal In December 2008, a $50 billion fraud came to light. The fraud was perpetrated over a 20-year period by a previously well-respected hedge fund manager, Bernard ‘Bernie’ Madoff, who had been operating a ‘Ponzi-style’ scheme, using new investments to pay off existing investors rather than investing them for future returns. For more details, see section 5 below. 2014 – the LIBOR and FOREX scandals Examples of market manipulation were uncovered in both the LIBOR benchmark rate and the foreign exchange rate mechanisms, when it was revealed that traders from many firms in many different jurisdictions were colluding to set rates according to their trading positions, rather than according to the interaction between supply and demand. 2014 – Tesco plc. In 2014 Tesco issued a series of profit warnings prior to an announcement in September that it had overstated its profits by £250 million (later revised to £326 million). In one day, £2 billion was wiped off the firm’s value. The UK Serious Fraud Office (SFO) charged three executives with fraud, and the firm posted a £6.4 billion loss in 2015. 2016 – The Panama Papers The Panama Papers are documents obtained from a Panama-based offshore services provider called Mossack Fonseca. The documents were received by the German newspaper Süddeutsche Zeitung and shared by the International Consortium of Investigative Journalists (ICIJ) with the Organized Crime and Corruption Reporting Project (OCCRP). 29 Unit 1. Why do we have to do what we do? The more than 11.5 million documents obtained by the ICIJ – emails, bank accounts and client records – represent the inner workings of Mossack Fonseca for four decades from 1977 onwards. They reveal the offshore holdings of individuals and companies from more than 200 countries and territories. They recount example after example of ethical and legal wrongdoing by clients and provide evidence of a firm happy to act as a gatekeeper to the secrets of its clients, even those who turn out to be crooks, members of the Mafia, drug dealers, corrupt politicians and tax evaders. The leak also provides details of the hidden financial dealings of 128 politicians and public officials around the world. The records show how a global industry of law firms and big banks provided financial secrecy to politicians, fraudsters and drug traffickers as well as billionaires, celebrities and sports stars. These are among the findings of a year-long investigation by the ICIJ, Süddeutsche Zeitung and more than 100 other news organisations. The files expose offshore companies controlled by the prime ministers of Iceland and Pakistan, the king of Saudi Arabia and the children of the president of Azerbaijan. They also include at least 33 people and companies blacklisted by the US government because of evidence that they’ve done business with Mexican drug lords, terrorist organisations like Hezbollah or rogue nations like North Korea and Iran. ‘These findings show how deeply ingrained harmful practices and criminality are in the offshore world,’ said Gabriel Zucman, an economist at the University of California, Berkeley and author of The Hidden Wealth of Nations: The Scourge of Tax Havens. Zucman, who was briefed on the media partners’ investigation, said the release of the leaked documents should prompt governments to seek ‘concrete sanctions’ against jurisdictions and institutions that sell offshore secrecy. 2017–2018 – Danske Bank In one of the biggest money-laundering scandals in history, up to €200 billion of non‑resident money flowed through Danske Bank’s Estonian branch from 2007 to 2015 as part of the so-called Global Laundromat scheme. The scandal had many consequences, including: z the CEO resigned and was charged with neglecting his responsibilities z the bank’s former finance director was charged with failing to prevent the suspicious transactions z investigations were instituted by multiple regulators across Europe and the US z the bank was ordered to leave Estonia z the Danish authorities fined the bank $1.9 million z the share price dropped by more than 50% in 2020 , and z German authorities raided Deutsche Bank’s headquarters over suspicions connected to case, and ongoing criminal investigations. 30 Unit 1. Why do we have to do what we do? The case also highlighted the importance of whistleblowers in revealing such scandals. Howard Wilkinson, the former head of markets in Estonia, raised concerns in a memo to senior executives in 2013, but was mostly ignored. 2018 – Patisserie Valerie Trading in Patisserie Valerie (a UK bakery with a high street presence) shares was suspended after the board of directors found secret accounts with overdrafts of around £10 million, created by the finance director, Chris Marsh. Six people were arrested (including Mr Marsh) and the firm was placed into administration, prior to being sold for a fraction of its previous value. 2019 – Brexit The UK exit from the EU, referred to as ‘Brexit’, took place on 31 December 2019. After much regulatory uncertainty, the EU and UK finally reached a post-Brexit deal (the Trade and Cooperation Agreement) at the 11th hour at the end of 2020, effective 1 January 2021. The deal emphasises maintaining existing standards, but also allows for divergence. Differing views on the future of the EU among member states suggest that more political change can be expected in the coming years, bringing with it significant regulatory and compliance changes. Whilst these undoubtedly present challenges, they also offer a competitive advantage for compliance officers able to navigate the changing international waters. 2020 – Wirecard Wirecard collapsed owing its creditors almost $4 billion, in what may be the biggest corporate scandal in recent German history. Criticism of the German financial services regulator, BaFin, resulted in the European Commission asking the EU regulator, the European Securities and Markets Authority (ESMA), to investigate whether the collapse could have been prevented, and if the national regulator had enforced its reporting requirements properly. 2020 – Westpac, one of Australia´s four big banks, pays the largest fine in Australian history In September 2020, Westpac agreed with AUTRAC to pay a A$1.3 billion penalty relating to failures to properly report over 19.5 million International Funds Transfer Instructions (IFTIs), amounting to over $11 billion dollars related to possible child exploitation. 2020 – COVID-19 At the time of writing (January 2023) the ongoing global COVID-19 pandemic is likely to have long-lasting impacts on the regulatory environment. These impacts could range from financial resilience, forbearance with customers whose employment and income has been affected, regulatory intervention over dividend payments to shareholders and responding to increased financial crime risks and threats. 31 Unit 1. Why do we have to do what we do? Examples of where financial services firms may need to focus their attention include: z credit management – there will be an increase in the numbers of non-performing loans in both retail and commercial portfolios, as borrowers struggle to meet repayments z revenue compression – caused by lower margins, reduced revenues from loan repayments, and a general decline in trade z providing customer service and advice – the move away from direct advice and service to remote and online servicing will lead to challenges as diverse as minimising physical infection risks among colleagues to educating and training customers on using new apps, and z cost controls, operating models and innovation – profits will be lower, leading to the need for more strategic decisions on activity that will future-proof the business. In response, governments, central banks, regulators and various international bodies have taken action to try to protect and strengthen the systems and institutions upon which we all depend. For instance, initiatives have focused on government-backed loans, keeping interest rates low, regulator flexibility (for example the European Central Bank allowing banks to operate below capital and liquidity requirements), and support packages like that of the Monetary Authority of Singapore (MAS), in order to sustain and strengthen the capabilities of the financial services and FinTech sectors. As the pandemic is now a known risk, new challenges are arising. Some of these challenges relate to creating a suitable post-COVID workplace for both staff and customers, agreeing on a continued hybrid working model, an increased focus on corporate culture and conduct risk, the aptness of existing technology, leveraging the power of data analytics, managing compliance risk, enhancing fraud controls and adapting or introducing practices for those affected by COVID-19 (such as bereavement policies, rest options for those suffering from ‘long COVID’, etc). The pandemic has tested organisations’ resilience and some regulators, like the FCA and PRA, have started to set expectations regarding how firms should demonstrate their resilience through identifying their important business services and demonstrating how they would be recovered under conditions of stress. 2020 – The FinCEN Files In the US, as in other jurisdictions, entities covered by AML laws are obliged to file reports to the regulator in the case of suspicious activities or transactions on client accounts. This is done in an effort to assist regulators in combatting crime. The so-called ´FinCEN Files´ case relates to more than 2,500 leaked documents, most of which were suspicious activity reports (SARs) that banks sent to FinCEN – the US Financial Crimes Enforcement Network. As reported by the BBC,10 the case highlighted multiple shortfalls in the AML programmes of numerous banks, including HSBC who allegedly allowed fraudsters to move millions of dollars of stolen money around the world, even after it learned from US investigators the scheme was a scam, and JPMorgan who apparently allowed a company to move more than 10. BBC, ’FinCEN Files: All you need to know about the documents leak’, 21 September 2020: https://www.bbc.com/ news/uk-54226107 – accessed January 2023 32 Unit 1. Why do we have to do what we do? $1 billion through a London account without knowing who owned it, later discovering that the company might be owned by a mobster on the FBI’s 10 Most Wanted list. The fact that so many banks are involved makes the case different to other leaks, like the 2016 Panama Papers which covered documents from the law firm Mossack Fonseca, or the 2015 Swiss Leaks relating to documents from HSBC. The case raised the question of why these banks did not act on their suspicions. Furthermore, it established an impression of banks following a ‘tick-box’ approach in filling out their reports, without any concern for the outcome and whether it in fact assists authorities in investigating possible crimes or not – a classic case of making it SEP (‘someone else’s problem’). The events also raise questions about the effectiveness of FinCEN in investigating these reports. Robert Mazur, former US Federal Agent and author of The Infiltrator, pointed out that ‘Another piece of the puzzle falls at the doorstep of a law enforcement community that apparently isn’t focused or adequately resourced to effectively use the information in the sea of SARs that are filed each year’. Mazur suggests that: Those in financial institutions, FinCEN, and law enforcement agencies must be held more accountable. Having a system such as SAR filing and evaluation done in a black hole with no apparent real scrutiny of how well or poorly this system is being administered creates a scenario that, if compromised, could cause important information to never see the light of day.11 2021 – The end of the Trump era The 4-year Donald Trump presidency ended in 2021. According to Transparency International’s Corruption Perceptions Index (CPI) published in January 2021:12 With a score of 67, the US reaches its lowest score on the CPI since 2012. The Administration’s attack on the Foreign Corrupt Practices Act, the US anti bribery law that serves as a global gold standard, attacks on whistle-blowers, the challenge to oversight of pandemic relief funding and efforts to promote false claims of widespread voter fraud to undermine a free and fair Presidential election are all troubling trends. President Donald Trump campaigned on a promise of exposing issues ranging from special interests in government, to the use of shell companies by criminals, corrupt individuals and terrorists. However, a series of scandals, resignations and allegations of unethical behaviour suggests that he has only made the culture more entrenched and mistrusted. In 2019 he was formally impeached by the House of Representatives for abuse of power and obstructing Congress. Joe Biden was inaugurated as US President in January 2021. Biden spearheaded the Obama administration’s fight against corruption and in January 2021, Congress adopted a landmark anti-corruption and AML law banning the use of anonymous shell companies. In addition, the new law provides for beneficial ownership requirements applying 11. Robert Mazur, ‘FinCEN Files Confirm the Elephant in the Room’, RiskScreen KYC360, 30 September 2020: https://kyc360.riskscreen.com/article/fincen-files-confirm-the-elephant-in-the-room/ – accessed January 2023 12. Transparency International, ‘CPI 2020: AMERICAS’, 28 January 2021: https://www.transparency.org/en/news/cpi- 2020-americas – accessed January 2023 33 Unit 1. Why do we have to do what we do? to smaller companies (with up to 20 employees), and gives FinCEN authorisation to create a non‑public beneficial ownership database. Further, the law seeks to increase international cooperation and information sharing. Current Democratic lawmakers are also attempting to repeal some Trump legislation, for example the rule relating to methane emissions, and the rule that limits the power of small shareholders to present proposals related to environmental, social and governance (ESG) issues. However, the 2021 CPI revealed no changes to the score achieved by the US. 2021 – The European Commission AML package Presently, individual member states are being relied upon to implement the EU Directives. However, various money laundering scandals, like those at Danske Bank and ING, have extended across multiple jurisdictions and highlighted the ineffectiveness of the current EU supervisory approach to money laundering, as well as the weaknesses in local law enforcement within EU member states. In an effort to strengthen the AML framework, the European Commission launched an AML package in 2021. Its main areas of focus are: z a proposal to transfer parts of the existing AML Directives to a single rulebook/ regulation, which will then be directly applicable in the member states without the need for transposition into local law z a new cross-border Anti Money Laundering Authority (AMLA), which will take over from the current European Banking Authority (EBA), and is intended to possess direct supervisory powers over all regulated entities cross the EU including powers to impose fines, and z a coordination and support mechanism for member states’ financial intelligence units (FIUs). Although promising, it will take some time for this to have any impact, as member states still need to agree to the plan and the implementation of the package. Additionally, the AMLA is only expected to be operational in 2026 and the transformation of the existing EU rules into a single rulebook will take time, especially considering that some member states have not even implemented the current EU rules. October 2021 – The Pandora Papers Like the Panama Papers in 2016 and the Paradise Papers in 2017, the Pandora Papers relate to documents leaked to the ICIJ that expose the offshore corporate network that guards the anonymity of the true owners of companies, allowing individuals to hide their identities, their assets and their involvement in these companies. While the practice is not itself illegal, these often complex and opaque corporate structures present opportunities to conceal the traceability of assets and to circumvent laws.13 This in turn facilitates crimes like money laundering, tax evasion and corruption which are cloaked in secrecy – further complicating criminal investigations, and preventing justice and personal accountability. 13. ICA, ‘Pandora Papers’: https://www.int-comp.org/landing-pages/pandora-papers/ – accessed January 2023 34 Unit 1. Why do we have to do what we do? The leak revealed the secret assets and covert deals of politicians and people in public office, heads of state and multi-millionaires. Well-known names included former UK PM Tony Blair and his wife Cherie Blair, Claudia Schiffer, Julio Iglesias and Shakira. Below are some of the regulatory responses to the problem of concealed beneficial ownership covered in the ICA dedicated page related to the leak. z In 2013 the G8 summit committed to a common set of principles that would increase tax and beneficial ownership transparency. z In 2014 FATF published a report showing how companies and other legal arrangements have been misused. This concluded that the misuse of corporate vehicles could be significantly reduced if information regarding both the legal owner and the beneficial owner, the source of the corporate vehicle’s assets, and its activities were readily available to the authorities. z In 2018 the Fifth EU Money Laundering Directive (5MLD) required EU member states to establish beneficial ownership registers. z In June 2021 G7 Finance Ministers committed to strengthen national registers of beneficial ownership. These developments reflect increased commitment to tackle the problem, but many argue that they don’t go far enough. Transparency International has longed campaigned on this issue and in August 2021 published five recommendations aimed at establishing greater transparency. In the US, the proposed Enablers Act would require American lawyers, investment advisors, accountants and other gatekeepers who facilitate the flow of foreign assets into the US to conduct due diligence on their foreign clients.14 4. Our regulated environments Taking together all of the factors, elements, components, etc. which have an interest or a stake in an industry or sector, we can begin to build a picture of our regulated environment. We also use words like ‘stakeholders’ – any person, group, entity or organisation which is impacted by the sector in question. The stakeholders are not restricted to just those directly affected, either. Examples of directly impacted stakeholders include: z the firms in the industry or sector z the regulators of those firms, and z the consumers who purchase products and services from those firms. It would be too simplistic to suggest these are the only stakeholders, as the following are also involved: z the governments, who determine the broad policies and priorities of the regulators z society as a whole, as the firms in the sector generate gross domestic product (GDP), pay taxes and employ citizens; society members are also consumers and voters 14. Will Fitzgibbon, ´US lawmakers call for crackdown on financial ‘enablers’ after Pandora Papers´, ICIJ, 27 October 2021: https://www.icij.org/investigations/pandora-papers/us-lawmakers-call-for-crackdown-on-financial-enablers- after-pandora-papers/ – accessed January 2023 35 Unit 1. Why do we have to do what we do? (and therefore could influence government policy relating to regulation) z local communities benefit from employment by firms as employees support local businesses and services and spend their salary locally z employees are also stakeholders, both because of their livelihoods and because they are impacted by regulation, and z the media – whether published, broadcast or social – report and comment on the activities of firms in the sector. This in turn could lead to societal pressures on the firms or the governments. These are just a few examples of the possible stakeholders. Depending on the industry, there could be more. For example, if the industry is based on raw material extraction, the physical environmental impacts of operations will have significant effects on different stakeholders, such as environmental action groups (which could be local communities, could put pressure on government policy on regulation, etc.). From a practical perspective, the environment can be influential over the ways in which firms conduct their business. Compliance with laws and regulations in the different jurisdictions in which they do business is essential, and to a large extent, compliance is not an exact science with ‘standard’ responses. The biggest influence on how a firm is regulated (and therefore its response to being regulated) is often the culture in the country in which it is trading. The extent and depth of regulation – which (as mentioned above) is often dictated by cultural values – will drive the business model, and this in turn shapes the employment requirements and practices, products and services offered, and consumer segments targeted. In conclusion, the regulated environment shows similarities and differences in the objectives of its stakeholders, and the demands and influences of one or more of its stakeholder groups can change over time. Compliance functions and compliance professionals need to recognise this dynamic nature of the regulated environment, and be prepared and able to respond accordingly. 5. Consumer and investor protection – and new developments For the purpose of this section, ‘an investor’ is any financial services customer, not simply those that are engaged in more traditional investment activities. The term includes small savers as well as governments investing billions of dollars of taxpayers’ money. In practice, however, protection is weighted towards those with least experience of the markets so, generally, investor protection is taken to mean protection for retail, or individual, customers. As we saw in section 2.2 above, in most jurisdictions, consumer protection is one of the core regulatory objectives. While acknowledging the need for consumers to take some responsibility for their financial decisions, it is accepted that many consumers do not really understand the very complex details of the financial products and services that they buy. They are even less likely to understand how the marketplace for those products and services must perform to generate the returns that they expect. One key objective of regulation, therefore, is to help redress the imbalance in favour of consumers. To achieve this, there are a number of ways in which regulation attempts to provide the necessary levels of protection. 36 Unit 1. Why do we have to do what we do? Generally, only authorised firms can offer financial services. Before being permitted to offer financial services, firms must meet and maintain certain requirements, including the ‘fit and proper’ requirement for senior management. This is considered further in Unit 2, section 4.1. Regulators set conduct of business rules designed to provide customers with all the information they need both before and after the sale of the product or service. Conduct of business requirements are considered further in Unit 2, section 4.2. Regulators supervise authorised firms to ensure they are meeting the required standards. Steps taken to supervise and monitor firms are considered further in Unit 2, section 4. Regulators have the power to investigate and take enforcement action against firms that fail to meet the required standards. Despite the regulations designed to protect investors, sometimes things do go wrong. Although this often affects only individual investors, historically serious systemic failures have occurred that have greatly reduced market confidence. Example In 2008, the US Agency for International Development reported that inadequate bank supervision in the US in the 1980s and early 1990s had contributed to the failure of over 700 banks, with losses to the US taxpayer of $120 billion. Examples of other investor protection failures appear in the regulatory timeline in section 3.3 above. To ensure that concerns over investor protection are addressed appropriately, regulators have implemented additional safeguards: z strict rules and guidelines on complaints handling to ensure that customers are treated fairly z independent review of complaints in the form of an ombudsman or other independent oversight z compensation for investors affected by market failures. Compensation schemes came under scrutiny during the credit crunch as limits set before that time have proved too low in addressing investor concerns in the subsequent period. Case study: Northern Rock In September 2007, Northern Rock, the UK’s fifth largest mortgage lender, suffered the first run on a UK bank for 140 years, as a result of problems stemming from the credit crunch. Like other banks, Northern Rock used its retail deposits to fund its operations. However, it relied more heavily than other banks on raising additional liquid funds through the wholesale markets. Consequently, when banks stopped lending to each other, Northern Rock was affected more than most. 37 Unit 1. Why do we have to do what we do? The shortage of available liquidity led Northern Rock to seek an additional loan facility from the Bank of England and HM Treasury through the Emergency Liquidity Funding (ELF) provision. Although originally required as a precautionary measure, reporting about this emergency funding request caused panic among Northern Rock’s customers. Long queues formed outside branches as customers tried to remove their savings.

ICA International Advanced Certificate in Governance, Risk and Compliance (Unit 1) PDF

Document Details

Tags

Related

Summary

Full Transcript