Briefing Note: Jersey Financial Services Commission Onsite Examination Findings.

Compliance monkey

The Jersey Financial Services Commission (“JFSC”) conducted an onsite examination of one of its fiduciary licensee’s which has resulted in a public statement being issued. The findings provide an insight in to the areas that our sister Island regulator is focusing on and the regulatory action they are taking in respect of their findings. I believe that the key points of the onsite examination are as follows;

Anti-Money Laundering and Combatting Financing of Terrorism (“AML/CTF”)

The key points made in respect of the examination of the area of AML/CFT noted the following areas as failure to comply with the AML/CFT regulatory requirements:

  • Out of date CDD.
  • Lack of sufficient evidencing of source of funds and source of wealth.
  • Lack of evidence to demonstrate that CDD had been sufficiently evaluated.
  • Inadequate evidence of EDD having been undertaken on High Risk customers
  • Inadequate evidence of the review of risk assessments.
  • Providing registered office only business and the issuance of Powers of Attorney with little control of the risks and oversight expected to be applied to these products.

 

An investigation was also undertaken into a customer entity that had received funds that may have been connected to a fraud. The investigation found the following matters of concern:

  • Mind and management not with the Jersey appointed Directors but with the beneficial owners.
  • Lack of questioning and properly understanding the activities of the customer entity.
  • Allowing payments to be made by the Customer entity without knowing or assessing whether adequate funds would be available to complete transactions.
  • Over reliance on the ultimate beneficial owners instructions and did not challenge the rationale for acquiring assets.
  • Receiving loans which did not have formal loan agreements and were from entities that had the same beneficial owners.
  • Failing to understand the source of funds through the customer entity.
  • Failing to consider adverse information made available to it regarding the source of funds received by the customer’s entity.
  • Receiving funds without knowledge of the remitter and paying them out the next day.
  • Failing to keep adequate books and records for the customer entity
  • Being re-active instead of pro-active in the management of the customer entity.

 

Breaches of the Code of Conduct of Trust Company Business

The key points that led to breaches of the Jersey regulatory framework and principles for the conduct of Trust Company Business were as follows:

  • Failing to act with skill, care and diligence.
  • Failing to evidence in writing decisions made.
  • Failing to identify conflicts of interests.
  • Failing to ensure adequate review procedures were implemented to monitor Trust Company Business.
  • Failing to maintain adequate internal systems and controls.
  • Failing to exercise an adequate level of Corporate Governance.

These failures led to remedial action having to be implemented as follows:

  • Directors stepping down and the appointment of new local Directors and a new Non-Executive Chairperson.
  • Review in conjunction with an external resource of the processes and procedures of the business to effect changes to strengthen its systems and controls.
  • Initiation of a review process of customer files to remedy customer due diligence deficiencies.
  • Remediation programme has been put in place to rectify issues identified by the investigation.

In conclusion I believe that a robust compliance function and a compliance monitoring programme encompassing the regulatory framework would have alerted the business to its deficiencies and assisted in the evidencing of areas of concern that required remedial action that were subsequently identified by the JFSC .  I recommend that the points raised are taken in to account in any Financial Regulated or Registered Business and assessed against its current compliance framework. If you do find that you have issues of concern or that you cannot adequately evidence compliance to the regulatory framework my advice is to form a remediation plan and inform the Commission as soon as practical. A problem shared is a problem halved, I cannot give any guarantees that you will not face regulatory sanction but being open and honest has the potential to reduce or negate the use of regulatory sanctions, as William Mason Director General, mentioned in his December 2013 address to the Industry.  If the regulator in our sister Island is looking at these areas I believe that the Guernsey Commission will also be.

Part of the Problem or Part of the Solution?

Image

One of the great things about compliance is that you get to assist licensees in creating and maintaining a suitable compliance framework. It is not just about meeting the regulatory requirements, part of the role is to also make a compliance framework that is suitable to also achieve the aims and objectives of the licensee’s business. I have worked as a compliance consultant, compliance officer and MLRO in the Regulated, Prescribed and Registered sectors of our financial services industry and each Licensee I worked for or provided advice to, was unique in its aims and objectives as were their products and services. For a Licensee to be successful in their business, aims and objectives as well as adherence to regulatory requirements, make up a bespoke compliance solution.

We are in an ever-changing business and regulatory climate, it’s not just the rules and the regulations that are changing but the approach the Commission takes in its supervision to Licensees. This leads to a real business problem for Directors in ensuring that their business meets the requirements and expectations of the Commission as well having to meet its own business aims and objectives. Compliance professionals can assist Licensees through their greater exposure to changes in industry practice and their exposure to the Commission and an understanding of the current supervision expectations. It’s really a no brainer having a compliance professional on tap and this will take away the worry of ensuring you are meeting the regulatory requirements and expectations while having a compliance framework that meets the aims and objectives of your business, or is it?

Having worked in many sectors of our financial services industry undertaking various roles to do with regulatory compliance and anti-money laundering and countering financing of terrorism does not mean that I am the font of all practical or theoretical knowledge in this area to be paid homage to and worshipped, I can assure you all I am not always right! Like everyone I am strong in some areas, adequate in others, and weak in a few (well maybe one or two). I always ensure that anything I undertake is something I can do well, and I believe it is refreshing to Directors when I turn round and tell them that what they are asking is out of my remit and refer them to compliance professional’s or experts who is more suitable. It is what compliance professionals and experts are there to provide isn’t it?

For compliance professionals contracts are their bread and butter.  This can lead them to grab everything that comes their way, with potentially their financial security coming at the expense of the quality of service and relations with a Licensee.  There is also the potential to obtain contracts for the financial security of the compliance professional rather than the financial best interest of the Licensee, leading to conflicts of interests.  I have previously advised Licensees to keep projects in-house due to the cost involved and more importantly that they were actually best placed to do the work themselves. It was great to be contacted later to be advised by the Licensee that they had decided that they were actually best placed to do the work and offered me a smaller contract which they did not have the expertise to undertake on their own.  Honesty means that Licensees will come back to you and also recommend your services, trust is a currency of the highest value.

Part of any compliance professional’s work is in writing and producing compliance documents and programmes to facilitate the Licensee’s compliance framework. It is all too easy for Licensees, who do not have the necessary compliance expertise in this area to unknowingly engage and pay for an all singing all dancing document that meets the regulatory requirements and some more, but won’t easily facilitate the achievement of the businesses aims and objectives. I once assisted a Licensee on review of the suitability of their compliance procedures that had been previously provided by a compliance professional. Their manual was at a very high level having a multitude of committees and quangos written into their procedures that would not be out-of-place in a global financial institution but totally unworkable for a firm that employed less than ten people locally and had a Board of six directors (inclusive of two employees). Though this document showed the theoretical prowess of the previous consultant, the manual was unworkable for the Licensee’s business and showed a lack of understanding of the regulatory framework. The Licensee had abandoned trying to follow the draconian requirements of this manual and had instead reverted to good industry practice, leading to the corporate governance headache of not following their own procedures. In this case the Licensee ended up paying twice to ensure that they had a suitable compliance procedures for their business.

Unfortunately there are compliance professionals out there who take on business they can’t service or do not have the expertise to manage effectively and/or facilitate adequately. There are compliance professionals who gold plate policies and procedures to impress their knowledge on the Licensee and obviously fail by not tailoring the policies and procedures to the business, leading to further costs being incurred by the Licensee. Unfortunately some compliance professionals negatively portray the Commission as a Vlad the Impaler archetype to scare Licensees into taking on unnecessary work due to potential misunderstanding of the rules or regulations or work the licensee would be best place to undertake themselves.

What can a Licensee do to minimise getting something that they do not require and ensure that they get the service they have paid for? It is all about doing your due diligence and I believe that the following points will be able to help a licensee.

  • Understand what knowledge and qualifications a compliance professional has.  They should be able to provide qualifications and a resume.
  • Get references or speak to previous customers of the compliance professional to get a feel of the suitability of the compliance consultant. The benefits of Guernsey is that it is quite easy to find out about people.
  • Talk to the compliance professional get a feel of their experience and knowledge, are they just about enhancing themselves, are they financially independent and are they interested in actually providing something that will enhance your business.
  • Is the compliance professional informing you as to potential or actual the regulatory issues or are they about scaring you into using their service.
  • Has the compliance professional got the capability and capacity? If it’s a firm is the actual person that will be undertaking work for you qualified, suitable and have the time?
  • Shop around with other compliance professional’s to see what they have to say about the work you need to be undertaken.

At the end of the day it is the Licensee and its Directors who are responsible for the suitability of their compliance framework and adherence to it, the Commission will hold them accountable for any failings regardless of who undertook the work. A compliance professional can be part of the problem if you do not do your due diligence on them or understand the needs of your business but, if you have done your research and you are aware of the requirements that you need to meet, they can definitely be part of the solution in achieving a suitable and sufficient compliance framework that meets the regulatory obligations, expectations and the business aims and objectives of the Licensee.

Diversity in the Boardroom

Lloyds Banking Group have committed to diversifying its business dynamics by pledging to make 40% of its senior executives women by 2020.  This good news story has though, been followed up by the news the Women attendees at Davos have slightly decreased, in essence still showing that the female proportion of the world population remains largely undervalued, unrecognised and potentially discriminated against.  Why is it that this amazing untapped natural resource remains under used and underappreciated?

It is well-known that to have a successful business you need to have an entrepreneurial Board that considers the risks faced and applies their collective experience to the issues while individually challenging ideas and mitigating risk.  Diversity in the Boardroom allows a safeguard against reckless behaviour or the undertaking of risk for self-interest allowing entrepreneurial spirit to flourish.  Diversity brings different skills, knowledge and backgrounds allowing the Board to collectively become stronger allowing greater stewardship of a Business whilst decisions and business opportunities can be openly challenged and investigated. With this in mind why is it that there is still a gender gap? Why is the Boardroom still the domain of the male executives in general? Should we go further than gender itself in order to continue to ensure that our financial industry remains at the forefront of the international finance sector and global financial community?

I believe that the reason that the Boardroom remains a bastion of the Male senior executive is down to education, opportunity and succession planning. Without education or equal opportunities the calibre and number of candidates to undertake these roles is significantly reduced. Whilst without the long-term succession planning of a business, education and career advancement opportunities for employees cannot be identified or put in place, this worryingly may lead to potential candidates becoming disillusioned.

Throughout my various roles I have had the opportunity to work with people of all genders and I truly believe that this has allowed me to develop personally for the better and has advanced me in my role as a compliance specialist.  I have always fitted a person to role in respect of knowledge and experience they possess rather than preconceived ideas of gender. I now find myself in a position where some of these people have succeeded in obtaining their goals, some have even surpassed me and this gives me the hunger to continue to challenge myself and achieve. I can’t help but smile at their achievements.

I have been lucky enough to be invited into the Boardroom to deliver my reports and provide advice.  Where the Board has been diversified by gender, I found that they were more confident, open to challenge and discussion. These Boards reviewed in-depth my reports and advice and sought through their individual integrity to collectively come to a decision that benefited the company from a holistic approach of regulation, best practice and the business of the company.

It is unfortunate to say that I have also delivered my reports and advice to Boards that have been male orientated and at times had a stagnant corporate governance culture.  In some of these cases my reports and advice were treated more as hindrance to the business and not considered in-depth due to a lack of challenge by the other Board members.  This has led to regulatory consequences that could have been avoided with the regulator pointing to a failure in corporate governance.  I can’t help but feel sadden by the cost in remedial action and reputation and the personal cost this has caused, due to a lack of diversification.

Though I believe in diversification I am against positive discrimination, as this can unintentionally lead to the achievements of people being discounted and discredited, this serves no purpose but to demoralise the person or a workforce and at worst create distrust and aggression through bullying.  By businesses taking the Lloyds example, over a period of time they can establish suitable practices for education and opportunity for all persons and allowing for successful succession planning to be put in place.  Allowing for people of any gender to be enthused to obtain education and seek challenging opportunities, this can only lead to a better and stronger corporate governance culture.

While the negative connotations surrounding gender must be challenged and put to the annals of history, I believe that the attributes of a person must be considered above gender.  It is often too easy to follow a fashion and rather than enhancing the Board or the Company, you increase the likelihood of a weak or defunct corporate governance system with a greater potential for reduced productivity or business capability, reputational damage and regulatory sanction. It also does not assist in the challenging of gender inequality.

The Board need the best people for the job at hand regardless of gender and we are in times where decisions made by Boards are being challenged by various stakeholders.  There are high-profile cases where failure of a business was down to self-interest, and unacceptable risk taking due to a failed corporate governance framework that could have been avoided by diversification of the Board by suitable qualified and knowledgeable persons, allowing for the challenge of business practices and decisions.

The need for effective reporting at Board level

The current financial crisis has brought many failings to the forefront, none more so than the failings of the Corporate Governance framework in businesses. The Corporate Governance framework allows for both business objectives and ethical drivers to be incorporated into a business whilst seeking to protect both the Business, its stakeholders and investors or customers. Are failings in Corporate Governance solely as documented in the newspapers and media reports down to the Board’s greed and disregard for its stakeholders, or was the compliance framework in these businesses defunct by opaque reporting by key functions?

We have been lucky in Guernsey to have been insulated from the crisis at large, but I know from experience and we all know from the Commissions industry presentations that Corporate Governance is a key regulatory theme that will be assessed on their regulatory visits to licensees, to assess the risk and reward culture of a business and assist in mitigating these risks successfully. While it has been acknowledged by the Commission that they believe that this is a healthy area, could there be licensees that have put together a good document but the statements made by them do not resemble their Business or their Business’s current prudential business plan or their current regulatory compliance status?

What must be remembered is that any Corporate Governance assessment undertaken by the regulator on a licensee will look at a multitude of documents and reports that make up the core of any Board meeting, such as compliance reports, risk mitigation, internal audit as well as the business plan. These reports must be factual, clear and concise and encompass the whole status of the business in order that the directors can evidence their oversight and rationale for their understanding of the business. Theses documents and reports must all fall into the Corporate Governance assessment by the Board of the Business.

Has the Board questioned the effectiveness of its compliance framework, from the Compliance monitoring programme to the actual board reports it receives? Has the Board allowed the compliance function and other key functions to provide an independent review or are these key functions in fear of upsetting the Board and reporting only what they deem the Board should know or focus on? The importance of independent, full and factual reporting by these key functions is of the up most importance. It is vitally important that those of us who undertake these key roles provide effective reporting on all areas of the Business so that the Board can discharge their obligations successfully. We must not be in fear of providing reports that show areas that require action or gaps as by doing so we only assist the Board in becoming ineffective.

I have been privileged to have worked for and with Boards who have proactively sought to allow their key functions to independently report to them allowing the Board to successfully document and encompass their key functions in to their Corporate Governance framework. This has assisted the Business in the formulation of strategy, goals and effective work practices. For those licensees who I have assisted in remedial work in this area, though it has been hard to start off with the end result has been commented on by these Boards as being beneficial to their Business, optimising understanding and discussion on current and future business opportunities, obligations and assisting in evidencing of why certain opportunities were not followed up.

In my experience the failings in a Business’s Corporate Governance framework are down to opaque and ineffective reporting by the Business’s key functions leading to the blind following the blind. Where ineffective compliance reporting or monitoring has been identified during a regulatory visit the Board are often criticised and this is generally reported by the Commission as a failure in Corporate Governance. While the business of the Business is vital the understanding of the Board as to its current regulatory compliance is as important and cannot be underestimated. If the Board are aware of issues that require to be enhanced or remediated it can deal with them, most of the time hand in hand with fulfilling its business objectives, but to be effective the Board must have the oversight by effective reporting.

The culture of Corporate Governance must not be seen as a tick box exercise or as a regulatory obligation that serves no practical use to a business. I would advocate that a good culture need not be expensive in time or cost but rather a tool to optimise the Business for all stakeholders. As stakeholders move from being passive the need to document and show your culture of Corporate Governance becomes more of a focal point in the overall success of your Business and its cost effectiveness, and in the next few blogs I will go more in to detail on this. An effective Corporate Governance framework adds to safeguarding a business by requiring effective reporting from the key functions allowing for the dynamism and entrepreneurial spirit that has become part of our industry to be exercised by the Board in the continual development of its products and services.