
Post on 15-Apr-2020


RISK REGULATION AND COMPLIANCE VOLUME 1

Global Risk Series-Book 2

Copyrights

All rights reserved by the authors


Contents

Copyrights
Contents
Introduction
Are EMIR implementation dates fixed?
    The CCP registration process
    When does clearing become mandatory?
    Reporting
Social Media Governance
    DELL Leads The Way
    Advertising financial products or services
    Endorsements and testimonials in advertising
    Suitability of investment recommendations and products
    SEC’s Books & Records Rules & FINRA Notice 10-06
    Business activities performed outside of firm activity
    Regulation S-P
    Customer complaint filings
    Solutions
    My pick is the Market Leading GRC Platform MetricStream
Return on Compliance - The New ROI For Business Performance
    Asset and License Management
    Automated IT Controls
    Network Intelligence and Troubleshooting
    Keeping Outsourced Vendors Compliant
    Business Intelligence and Process Improvement
MiFID II is coming – are you prepared?
Solving Data Governance by Scaling Agile/Scrum
Derivatives regulation - a corporate treasurer’s nightmare
    End-user exemption under DFA
    End-user exemption under EMIR
Visibility and control: the liquidity management mantra
Trading swaps in a cleared world
Building a Global Tax Strategy
    About the Tax Officers Summit XIV 2012
    About Marcus Evans Summits
Cementing the Requirements of Dodd-Frank
    About Marcus Evans
SOX Compliance with ERM: Managing the Risk of Misstatements
    Setting priorities
    Joining IT SOX and SOX compliance at the activity level
    Assurance
    Saving money
    How SOX with ERM benefits the enterprise

Introduction

Dear GlobalRisk Community member,

Regulation and Compliance Risks are the most serious perceived threat both to global corporations and to small, locally based companies. Understanding the issues around Regulatory Compliance can be a difficult and frustrating endeavor. Most Risk managers do not have a legal background.

The language and requirements described in legislation are not easy to pin to practical working requirements. The problem is compounded by the growing diversity of regulations on a variety of levels — state, federal, and international.

The second book in the Global Risk Series is dedicated to Regulatory and Compliance affairs to help you master this field.

Learn from some top experts in the industry as they clearly explain how to tackle major regulatory requirements. Check out their expert tips and use the link at the end of each article to navigate back to the website to leave your comment or ask a question.

Special thanks go to members who contributed to this report: Tom Riesack, Dheeraj Prasad, Mack Frankfurter, Nicholas Downes, Jennifer Keljik, Michele Westergaard, Steven Minsky.

Are EMIR implementation dates fixed?

Posted by Tom Riesack on March 12, 2013 at 3:42pm

With ESMA’s (European Securities and Markets Authority) regulatory technical standards (RTS), which codify the European Market Infrastructure Regulation (EMIR) into an applicable set of rules, entering into force on 15 March 2013, the implementation timeline for EMIR has now become much clearer.

The CCP registration process

Under EMIR, CCPs apply to ESMA for authorisation to clear. It is expected that this will happen sooner rather than later. CCPs will have the required paperwork ready to submit as soon as the regulatory technical standards (RTS) enter into force. Rumours are that up to 25 CCPs (EU as well as non-EU) might stand in line to apply. The national competent authority then has up to six months to review and approve the CCP application and authorise the CCP.

When does clearing become mandatory?

The clearing obligation needs to be defined and put into a respective regulatory standard. This is nothing more than defining which products ought to be cleared via a clearing house and in what time frame. The national competent authorities (NCAs) will have one month to notify ESMA of the classes of OTC derivatives already cleared by CCPs in their jurisdiction. With the authorisation of a CCP by an NCA, a notification of the clearing obligation should be issued to all market participants. ESMA then has up to six months to prepare a draft RTS specifying the classes of derivatives to be cleared and from when.

As for the clearing obligation, following the submission by ESMA, the draft RTS will need to be endorsed by the European Commission (one to three months) and not objected to by the European Parliament and the Council (one to three months) to become effective. The actual date of application of the clearing obligation will depend on the date of entry into force of these RTS and the expected phase-in period per type of counterparty, to be defined in the RTS.

Reporting

After the RTS enter into force, trade repositories (TRs) can immediately start sending their applications to ESMA. It is believed that up to eight TRs intend to apply. ESMA then has up to two months to authorise and register a TR, but the exact duration of the registration process will depend on several factors, including whether the application is complete, when it is filed, and whether additional information has to be submitted to ESMA.

Once the TRs have been registered, ESMA has up to 90 working days to enforce reporting to TRs for Interest Rate Swaps and Credit Default Swaps (there are ongoing discussions whether this already includes listed products or OTC only). All other product types will need to be reported from 1 January 2014 onwards. Reporting start dates for certain asset classes are only applicable if a TR has been registered for this asset class.

With timelines becoming clearer, market participants now have guidelines for their own implementation projects. Those that have started already will feel relieved that some of the dates have moved back (again). But if you haven't initiated your own projects, the time to start is now.

Read this article on the website Click Here

Social Media Governance

Posted by Dheeraj Prasad on February 17, 2013 at 2:00pm

BREAKING NEWS: Reed Hastings, the CEO of Netflix and an active Facebook user, commonly posts about the success of Netflix, often thanking users of the service for their loyal support, which sounds like the first line from a book on how to correctly promote a product using social media. But Hastings may have become a little too comfortable sharing certain aspects of the company’s information. In July of this year, he posted to his 240,000+ Facebook subscribers that “Netflix monthly viewing exceeded 1 billion hours for the first time....” The SEC issued Netflix a Wells Notice, which means SEC staff will recommend that the SEC issue either a cease-and-desist action and/or a civil injunction against Netflix and Hastings over the alleged violation. (Source: Risk Management Monitor)

Did Hastings violate rules regarding selective disclosure? Should all companies, especially those the size of Netflix, have legal counsel review all social media posts representing the company’s views? Should every company employ a social media risk manager?

Here is a storified version I just published from my Twitter feed.

DELL Leads The Way

Dell was one of the first companies to realize the enterprise-side risks around Social Media usage and came up with a very innovative and industry-leading Social Media Certification through its Social Media University.

Amy Fowler-Tennison is Dell’s SMaC University Program Lead, for Dell’s Social Media and Community University program, or SMaCU. The program is designed to educate Dell team members on our overall social media strategy, governance and principles. While many social media training classes and documents are available online, our program focuses specifically on how Dell team members can use these tools to build authentic and long-lasting relationships with our customers.

The certification program was established last year to equip team members to be effective Brand Ambassadors for our company. Any team member, regardless of their function or business unit, who wants to engage on behalf of Dell in the social media space is required to complete SMaC Professional Certification. Once certified, team members receive an official certificate and they can start interacting with customers within their area of expertise. They can also request new social media pages, groups or accounts to be created with approval from the social media leadership team.

Social Media Policy

Policy is a guiding light that governs organizational and individual behaviour. Building a Social Media Policy is just the right FIRST step for an organization to start the journey towards de-risking itself. “Getting Started With Your Social Media Policy” is a very useful Step 1 for organizations that are just beginning to build a Social Media Policy.

Regulated companies have to be conscious of the following aspects to stay compliant (Source: Hearsay Social).

Advertising financial products or services

Many regulated industries, such as life insurance and securities, have strict rules on advertising language and archiving procedures. For example, many states’ insurance laws provide keywords that cannot be used in life insurance advertisements. Make sure your employees are trained to avoid prohibited terms.

Endorsements and testimonials in advertising

If you are a financial adviser, the SEC Adviser’s Act Rule 206(4)-1 bans client testimonials in advertisements altogether. Hearsay Social recommends that investment advisers disable LinkedIn’s recommendation function. If you choose to enable the LinkedIn recommendation function, pay special attention to third-party content, as your employees’ recommenders may think they are doing you a favor by providing a high level of detail about an investment, product, or service. In reality, comments may trigger suitability, monitoring, and archiving violations. Similar challenges and concerns arise from Facebook’s “like” function.

Suitability of investment recommendations and products

Any recommendation to buy or sell a security must be specific to each prospective investor to whom it is made. As a result, specific investment products, services, or valuations should never be recommended via social media, as unsuitable investors will have access to the recommendation on public social media sites.

SEC’s Books & Records Rules & FINRA Notice 10-06

Together, SEC Rules 17a-3 and 17a-4 of the Securities Exchange Act and FINRA Notice 10-06 instruct broker-dealers that they must 1) create a written social media policy reasonably designed to supervise firm communications, 2) train employees on the policy, 3) distribute only suitable content, 4) pre-approve static content, 5) monitor static and interactive content, and 6) capture and archive firm advertisements and sales literature for a minimum period of 3 years in an indexed, readily retrievable format. For more information on these regulations, please consult our whitepaper “The Financial Professional’s Guide to Brand and Regulatory Compliance on Social Media”. SEC Rule 204-2(a) of the Investment Adviser’s Act of 1940 sets out similar content, monitoring, and archiving rules for registered investment advisers (RIAs) on investment recommendations, advertisements, and other “business as such.”

Business activities performed outside of firm activity

Because securities firms may be held responsible for the personal conduct of employees, it is especially crucial that financial services companies prohibit their employees from using personal social media sites for professional use. Make sure your policy creates clear boundaries on personal vs. professional accounts.

Regulation S-P

In addition to Regulation FD, financial institutions should also consult the SEC’s Regulation S-P, privacy rules promulgated under section 504 of the Gramm-Leach-Bliley Act. This regulation concerns the disclosure of nonpublic personal information about customers. Nonpublic information includes any list, description, or other grouping of consumers (and publicly available information pertaining to them) that is derived without using any personally identifiable financial information that is not publicly available.

Customer complaint filings

FINRA requires that member firms report statistical information regarding written customer complaints relating to annuities and life settlement products. Make sure to report customer complaints transmitted via social media and handle them according to established complaint handling procedures. This may require workflow functionality.

Solutions

CMP.LY: Social Media disclosure solutions allow you to mitigate risk, fulfill regulatory obligations and reduce the overhead of social initiatives. Our easy-to-implement social media disclosure platform leaves plenty of room for companies of all sizes — even those in the most highly regulated industries — to run effective and creative programs.

HearSaySocial: Enterprise-ready compliance for regulated companies, including FINRA, IIROC, SEC, and FSA regulated financial firms. Delight and equip your compliance team with pre-approval workflow, real-time alerts, supervision and approval trails.

Attensity: Enterprise organizations recognize that today’s social customers are actively talking about their products and services on millions of sites across the social web. Buried in these conversations are valuable insights that can have a significant impact on their business.

The Attensity Pipeline collects data from more than 150 million social media and online sources including the full Twitter Firehose, public Facebook and Google Plus posts, YouTube, Reddit, Pinterest, LinkedIn, blogs, forums, and video and review sites. It uses the full power of Attensity’s patented semantic engines to transform the chaos of social chatter into actionable information for the enterprise.

My pick is the Market Leading GRC Platform MetricStream

MetricStream Compliance Management Solution provides a common framework and an integrated approach to manage all compliance requirements faced by an organization. It enables companies to manage cross-industry mandates and regulations such as SOX, OSHA, EH&S, and FCPA as well as industry focused regulatory guidelines from FDA, FERC, FAA, HACCP, AML, Basel II, and Data Retention laws.

Read this article on the website Click Here

Return on Compliance - The New ROI For Business Performance

Posted by Dheeraj Prasad on February 17, 2013 at 2:00pm

The business community spends a lot of time worrying over the hidden costs of compliance and risk management programs, but what about the hidden returns?

Business executives are looking for ways to gain far more value beyond risk mitigation or regulatory conformance from the monitoring and policy enforcement technology and procedures they put in place to support their compliance programs. They just need to know where to look. According to governance, risk and compliance experts, there are a multitude of likely places where enterprises can uncover added value from the compliance investments they've already made.

Let us take the example of IT Security and Compliance. The following benefits add value to a business.

Asset and License Management

Jason Creech, director of policy compliance for Qualys, says he worked with one enterprise that saved close to $2 million simply by eliminating systems that their audit tools had shown had not been logged into in over a year.

"IT GRC programs with precise knowledge of exactly what version software is running on each end-point can give very accurate estimates when planning or justifying enterprise-wide software upgrades," says Tim "TK" Keanini, chief research officer for nCircle. "This data also helps govern commercial license agreements and effectively monitors open source software deployed on the network."

In this age of stiff penalties and lawsuits meted out by the Business Software Alliance (BSA), an audit tool that can double as a tool for enumerating not just the licensed applications in use but also the unlicensed ones can pay big dividends in avoiding more than malware risk, Creech says.

"I am sure any organization would want to know how prevalent unlicensed app usage is in their environment before the BSA knocks on their door," he says.

Automated IT Controls

Many organizations today are deploying automated firewall management solutions to comply with requirements set out by mandates like PCI DSS. According to Caroline Leies, managing director at MorganFranklin, a client she once worked with was able to reduce the cost of IT controls by 10 percent as a result of unexpected dividends from compliance-related monitoring.

Network Intelligence and Troubleshooting

Monitoring utilities and Automated Vulnerability Tools like security information and event management (SIEM) tools are great for correlating security incidents, but they're also quite useful as troubleshooting tools during network-wide deployment projects.

Keeping Outsourced Vendors Compliant

With the increase in outsourcing and the deployment of IT processes to a global supply of IT vendors, compliance is a critical factor on the minds of CIOs and business leaders. Automated audit tools and a GRC platform are key to proactively managing risk.

Business Intelligence and Process Improvement

Perhaps the most impactful hidden benefit of compliance programs to the overall bottom line of the business is the analytics that can offer actionable data to improve business processes. (Adapted from a news item on http://www.darkreading.com/compliance/)

Read this article on the website Click Here

MiFID II is coming – are you prepared?

Posted by Tom Riesack on February 13, 2013 at 11:30am

After EMIR, Basel III and Dodd Frank, MiFID II is now on the horizon. Are you keeping up with the latest regulatory developments in the market?

Alarmed by the impact of the latest financial crisis, regulators globally have released a set of new regulations. While most financial institutions are already working diligently on the implementation of EMIR, Basel III and Dodd Frank, the change in the EU Council presidency to Ireland and the current consultations around MiFID II give further incentives to have a closer look at the challenges that the revision of the Markets in Financial Instruments Directive (MiFID) brings to market participants.

The final implementation challenges for Dodd Frank, EMIR and Basel III are still coming, but now is the time to prepare for MiFID II

The original MiFID legislation was introduced in 2007. Since then, a number of changes to the marketplace have taken place, including the rise of high-frequency trading. The financial crisis has shown that transparency is key to ensuring financial market stability; therefore a review of this critical piece of legislation was ordered and is now in the final stages of the rule-making process.

While its impact concerns all areas of the securities market and organisations involved in this space (e.g. sell-side and buy-side banks, corporate end-users, trading and post-trade venues, CCPs, CSDs), the question that should be asked is not “Will I be impacted?” but rather “How do I proceed?”

Better be involved before you get involved

Being a complex piece of regulation, MiFID II requires a thorough analysis to identify the impact it will have on financial services firms. While the regulation affects the full value chain, the main focus can be broken down to the following areas:

- Market Structure: Introduction of Organised Trading Facilities (OTFs) and regulatory requirements for Multilateral Trading Facilities (MTFs)
- Trade Automation: Introduction of tighter rules governing the use of high frequency and algorithmic trading
- OTC Derivatives and Commodities: Extension to further products not yet part of MiFID as well as stricter regulation of commodities and corresponding derivatives
- Transparency: New requirements on transaction reporting and data consolidation as well as on pre- and post-trade transparency
- Investor Protection: Strengthening client protection and information disclosure
- Organisational Requirements: Strengthening customer rights and revision of sales staff incentives (inducements)

Quick and decisive action may yield the chance to realise synergies from the regulation and find new business opportunities

Adapting to the required changes of MiFID II will no doubt be costly and take a huge effort, but there is light at the end of the tunnel. A smart and structured approach will enable institutions to leverage solutions that have already been introduced as part of other regulatory efforts.

With the start of this new blog series, Capco will report selected developments and challenges regarding MiFID II, and will run a forum for discussion. In regular releases we plan to post updates on this topic, diving deeper into certain parts of the regulation and, thus, probing our understanding of the challenges ahead.

Blog authored by Florian Zimmermann, Nicky Heber and Tom Riesack

Read this article on the website Click Here

Solving Data Governance by Scaling Agile/Scrum

Posted by Mack Frankfurter on December 10, 2012 at 5:04pm

When all is said and done, regulatory requirements come down to data management. Legislation like Sarbanes-Oxley and Dodd-Frank has ushered in the necessity of adopting a data governance program to align information accountabilities amongst stakeholders, and to foster intelligent collaboration between the business and technology.

“Data governance is a set of processes that ensures that important data assets are formally managed throughout the enterprise. Data governance ensures that data can be trusted and that people can be made accountable for any adverse event that happens because of low data quality. It is about putting people in charge of fixing and preventing issues with data so that the enterprise can become more efficient. Data governance also describes an evolutionary process for a company, altering the company’s way of thinking and setting up the processes to handle information so that it may be utilized by the entire organization. It’s about using technology when necessary in many forms to help aid the process. When companies desire, or are required, to gain control of their data, they empower their people, set up processes and get help from technology to do it.”[3]

Key is providing checks and balances between those who create/collect information and those who consume/analyze information. In any enterprise, much less a large institution, this is not an easy task.

Some stakeholders are concerned with operational systems and data, while others care mostly about analysis, reporting, and decision-making. In fact, the needs of stakeholders who are concerned about data quality and controlling access to information may conflict with stakeholders who want to increase the ability to acquire and share content, records, and reports. In addition, these needs must consider risk management, data security, and legal issues. To make matters more complicated, stakeholders tend to have different vernaculars to describe their assumptions, requirements, drivers, and constraints.

The question is how best to implement data governance within an organization. It is one thing for a company to desire or be required “to gain control of their data,” but it is altogether another issue to “empower their people” and do it in practice.

The answer to the above question may exist in applying Agile/Scrum methodologies and scaling the agile mindset across the enterprise by implementing a matrix organization.

Figure 1. Iron Triangle Waterfall / Agile Paradigm Shift

Continue reading Solving Data Governance by Scaling Agile/Scrum

Read this article on the website Click Here

Derivatives regulation - a corporate treasurer’s nightmare

Posted by Tom Riesack on December 4, 2012 at 7:00am

By Tom Riesack and Ute Herzog

In the ‘new normal’ of highly regulated financial markets, corporate treasurers are feeling the reverberations in their daily activities.

Corporates are using swaps to hedge their commercial risks, stemming from currency, interest and commodity price exposure. To mitigate such risks, treasurers have a whole arsenal of instruments ready to deploy, such as swaps, forwards and options as well as individually structured products.

Under current bilateral trading agreements, corporates typically do not put up any collateral, with mostly one-way netting agreements in place and sometimes no netting agreements at all. Swap activities and the resulting mark-to-market valuations are covered by extended credit lines of their financial counterparties.

Pending regulations for the financial sector (especially the Dodd-Frank Act (DFA), EMIR and Basel III) will have a direct impact on corporates who are classified within these frameworks as non-financial end-users. Whereas Dodd-Frank and EMIR require standardised swaps to be centrally cleared, Basel III introduces the CVA (credit value adjustment) charge, which makes bilateral swaps vastly more expensive as the amount of core capital required is three times higher than before.

But corporates are granted exemptions under DFA and EMIR:

End-user exemption under DFA

- Exemption from mandatory clearing and trading if swaps are used “to hedge or mitigate commercial risk”
- Notification to the Commodity Futures Trading Commission required
- Board approval to opt out of the central clearing requirement

End-user exemption under EMIR

- No clearing obligation as long as certain thresholds are not breached
- Thresholds apply to all trades not “objectively measurable as reducing risks”, which means not used to hedge commercial risks
- Current thresholds for credit and equity derivatives are € 1bn and for interest rate, FX, commodity and other derivatives, € 3bn

RISK REGULATION AND COMPLIANCE VOLUME 1

Global Risk Series-Book 2 30

Here’s the catch – no such exemption has been granted

under Basel III until now. The result is the application of

a CVA charge by financials when calculating the core

capital consumption needed for deals with corporates

although such trades would not be required to be cleared.

The respective cost of trading is likely to be transferred

to corporates making their hedging activities more

expensive. One estimate by a group of 17 large German

corporates puts this fi... and consequently there is still

industry confusion about which exemptions will be

granted.

The European Association of Corporate Treasurers

(EACT) is at the forefront of lobbying efforts to bring in

line the CVA charge application with EMIR exemptions.

But currently, corporate treasurers’ use of swaps could

move in different directions if an exemption under Basel

III is not achieved. Firms may:

- Keep going as before and bear the additional cost of trading
- Adjust current processes to enable central clearing of swaps, which would alleviate the cost stemming from the CVA charge but would require corporates to put up collateral that they typically do not have
- Reduce or effectively stop the hedging of their commercial risks to take on the risk rather than the cost.

As David Lawton, Director of Markets at the FSA put it

in a recent ...: “These are not challenges that will go

away overnight […] I would encourage you to engage as

much as possible. Consider whether you need to amend

existing or enter into new bilateral credit support

documentation to meet new margin requirements.

Review existing operational processes to ensure they

conform with the new technical standards. Provide

notifications in good time to regulators if intending to

rely on exemption.”


Visibility and control: the liquidity management mantra

Posted by Nicholas Downes on November 27, 2012 at 3:23pm

Liquidity has moved further and further up

banking executives’ agendas thanks to the

growing industry focus as well as regulatory

demands for more liquidity to be available in banks.

Following the 2008 crash, liquidity has established itself

as a risk concern for banks like never before – the failure

of Northern Rock was essentially one of liquidity not

funds. As a result, liquidity management strategies

continue to be at the forefront of any strategic risk plan.

A fundamental challenge for banks is that increasing

amounts of liquidity are needed to support clearing and

settlement, customer business flows and regulatory

requirements. This is happening in parallel with rising

costs of cash and high quality collateral while supply

remains restricted. To illustrate the extent of the issue,

it’s been estimated that European banks will need

approximately €2 trillion in qualifying assets to meet

new regulatory requirements.

As liquidity is a key resource, banks are reforming their

liquidity operating models so that systems give real-time

visibility to liquidity information. Visibility and control is


now the mantra for effective liquidity management. This

trend for visibility and control meets its greatest

challenge in the supervision and management of

currencies that are cleared and settled indirectly through

agents. Pressure is rising from regulators and central

banks for banks with significant cash flows to be direct

members of clearing and settlement systems. Changes to

risk policies and pricing among leading settlement banks

are also driving rationalisation of correspondent banking

models and arrangements. Large networks with

replicated capacity are being trimmed down and demand

is growing for improved intraday information services.

As many bank departments use liquidity on a daily

basis, there must be enhanced controls in place and

banks must demonstrate active management, allocation

and pricing of liquidity. In addition, the payment

processes that handle intraday cash flows must provide

real-time control over scheduling and exposure to

external accounts and counterparties. Banks must take

steps to adjust their liquidity management strategies or

risk being hit by expensive collateral costs or

unfavourable liquidity risk profiles.

Nick Downes, principal consultant, Logica, part of CGI


Trading swaps in a cleared world

Posted by Tom Riesack on October 31, 2012 at 6:43am

Meet Joe. Joe is a swaps trader within a small

institution that has a straightforward hedging

strategy at both the micro and macro level.

Being a price-taker, Joe has built and maintained broker

relationships that enable him to easily get a swap priced

at an acceptable level provided counterparty limits allow.

Joe’s back office is practicing weekly collateral exchange

with various counterparties in cash. As such, Joe lives in

a very comfortable world.

But Joe is in for a nasty surprise. The practice of looking

for a good price from a trusted broker dealer is about to

be turned upside down. Regulations spanning from Basel

III and CRD IV to Dodd-Frank and EMIR will make the

decision of where to trade what and with whom a lot

more complicated. Deciding on a trade has become

extremely varied across cleared trades, electronic trading

and bilateral trades. A number of additional influencing

factors play a significant role with the added

complication that these factors are not always correlated.

Some factors are the:

- cost of clearing
- size and cost of posting initial margin, at the CCP as well as bilaterally
- cost of collateral transformation
- cost of capital

These are some examples of what Joe needs to consider

in the future:

- If the intended swap is eligible for clearing, what will the clearing cost be?
- Collateral now needs to be posted daily, and not only variation margin but also initial margin. And margin posted to the clearing broker needs to be paid on the same day. Where does Joe fund that money from?
- Which clearing broker do I use?
  o This involves thinking about the impact on initial margin requirements that the change of the swap portfolio held at that clearing broker would result in
  o Interest on initial margins at clearing houses typically does not yield market rates as clearing houses take a cut, e.g. EONIA -30 basis points, which would mean an interest loss as Joe needs to fund the amount posted as initial margin at market rates
  o Would it now make sense to backload some existing bilateral trades into clearing to reduce the initial margin? How does that offset correlate with the cost of backloading?

This train of thought is endless and it puts Joe in a very

dire situation. There is no immediate remedy such as an

algorithm that could be employed to help with his

trading decision. This calls for a set of strategic trading

policies that Joe should adhere to which should be

combined with regular reviews of such policies and their

resultant cost of trading.

The incoming regulations will no doubt be costly but

being smart and strategic in dealing with the

consequences ensures that the cost will not break Joe’s

or your business.

Next week marks the last instalment of the OTC blog

series, this time covering the impact of the new regulatory

regimes on corporates.


Building a Global Tax Strategy

Posted by Jennifer Keljik on September 4, 2012 at 6:44pm

Melton L. Spivak, a speaker at the marcus evans Tax Officers

Summit XIV 2012, stresses the importance of having an

international network of contacts to help construct a global tax

strategy.

Interview with: Melton L. Spivak, Vice President of Property Tax, JPMorgan

Chase & Co.

Tax Officers must continuously build an education around the changes in tax

laws and procedures, says Melton L. Spivak, Vice President of Property Tax,

JPMorgan Chase & Co. Developing a matrix system that is relative to the

company and looking out for tax exemptions are how property taxes can be

better managed and money saved, he adds.

A speaker at the marcus evans Tax Officers Summit XIV 2012, in Las Vegas,

Nevada, November 8-10, Spivak explains that the process for administering

property tax is completely decentralized, which is why organizations

fail to recognize property tax.

What strategies should tax professionals follow to manage property tax and save

money?

Professionals must stay current on changes in tax laws

and procedures. They should centralize all tax notices,

compliance forms and tax bills, and make sure that these

bills are the right ones. Opportunities for tax

exemptions, abatements and rebates should be chased.

Corporate professionals have to develop their own matrix

systems relative to their company. Companies that lease

a lot of properties should make sure that tax escalations


are audited. Maintaining a good relationship with tax

authorities is also an essential part of the strategy.

How can global tax directors prepare for the future in

these economic circumstances?

An international network of contacts must be built to fit

the needs of the corporation. These resources can then be

utilized to foster a global tax strategy. Successful

planning requires insight into political and tax issues.

Most importantly, tax professionals must never

compromise their integrity.

External connections can lead tax professionals to

information that is internally unavailable, and with this

knowledge they can gather advice on how to do a better

job.

Why do organizations fail to recognize property tax?

The administration, payment and approval of property

tax is typically decentralized. As a result, no methodical

way of determining where the tax opportunities are can

be calculated.

What advice could you give on property rates?

Corporate property tax managers should be preparing for

the 2015 Revaluation of the UK property tax/rates

system. These costs will be better handled by engaging

with a carefully selected rating surveyor who will review


and propose an adjustment plan, or negotiate the

rateable values for corporations with significant

exposure to property rates.

How can tax executives efficiently benefit from tax

credits?

Depending on the amount of money involved and the

complexity of the credits, staff must be trained to handle

the tax credit process. Tax consultants or attorneys can

also be retained to maximize the available benefits.

What are some of the technology issues that they will have

to face in the future?

Government tax authorities will have to employ

sophisticated technologies to gather, analyze, validate

and process information to determine tax liabilities.

Global corporations will need to have the right software

to deal with growing informational demands, and find

ways of saving and recovering income from incorrect tax

bills. Training will be necessary to keep them ahead of

the curve.

Contact: Jennifer Keljik, marketing manager, marcus

evans, Summits Division

Tel: 312.540.3000 x6592

Email: [email protected]


About the Tax Officers Summit XIV 2012

This unique forum will take place at the Red Rock

Casino, Resort & Spa, Las Vegas, Nevada, November 8-10, 2012.

Offering much more than any conference,

exhibition or trade show, this exclusive meeting will

bring together esteemed industry thought leaders and

solution providers to a highly focused and interactive

networking event. The Summit includes presentations on

corporate tax management, global property tax

management, marketing the tax department, transfer

pricing, and identifying mitigating transfer pricing risks.

The Finance Network – marcus evans Summits group

delivers peer-to-peer information on strategic matters,

professional trends and breakthrough innovations.

Please note that the Summit is a closed business event

and the number of participants strictly limited.

About Marcus Evans Summits

Marcus Evans Summits are high level business forums

for the world’s leading decision-makers to meet, learn

and discuss strategies and solutions. Held at exclusive

locations around the world, these events provide

attendees with a unique opportunity to individually

tailor their schedules of keynote presentations, think

tanks, seminars and one-on-one business meetings. For


more information, please contact summits-

[email protected]


Cementing the Requirements of Dodd-Frank

Posted by Michele Westergaard on September 4, 2012 at 11:10pm

Interview with Houman B. Shadab, Associate

Professor of Law at New York Law School.

Houman B. Shadab is an Associate Professor of

Law at New York Law School. He is an internationally

recognized expert in financial law and regulation whose

research focuses on hedge funds, derivatives, and

securitization. Professor Shadab is a director of the

Center on Financial Services Law and the Editor-in-Chief

of the Journal of Taxation and Regulation of

Financial Institutions.

Marcus Evans had the privilege to hear from Houman B.

Shadab. Below he shares with us his perspective on key

issues facing the clearing and settlement process,

including how the Dodd-Frank Act will affect the

regulatory landscape and how to prepare for the new

requirements.

Who do you think will feel the biggest impact of the

incoming regulations and why?

Houman B. Shadab: Dealer banks will probably feel the

biggest impact of the new regulatory framework as they


are one of the primary direct targets of the new

regulations. This impact will not only be due to the new

capital and margin requirements and general compliance

burden, but also due to the sea change in moving from a

bilateral, telephone-negotiated OTC derivatives market

to one where transactions are increasingly intermediated

electronically by clearinghouses and trading platforms.

The great shift from a bilateral environment to an

intermediated one will also provide new business

opportunities for the institutions and firms that directly

provide central clearing and trading services, and for

third parties that help make the process more efficient

and less risky, including brokers and providers of data

and collateral management systems. Asset managers

and other buy-side participants will also feel the impact

of the new regulations in the form of developing the

infrastructure required to trade in a centrally cleared

environment.

How smoothly is the regulatory process running and are

things running according to the anticipated timeline?

HS: It has been about two years since the Dodd-Frank

Act was passed and so far the regulatory process is

running far behind its official schedule. In the area of

derivatives rulemaking, regulators have missed about

half of their deadlines for final rules. The regulatory

process is moving slower than mandated due to the


enormous volume of new rules required, the complexity

of the rules, and the fact that many rulemakings must be

coordinated among different regulatory bodies.

Regulators are also moving at a measured pace in

response to the large volume of input from industry and

other interested parties.

Is change for the better and how will it benefit the C&S

process?

HS: Overall, the operational and market structure

changes to the C&S process that began prior to the

financial crisis will make it more robust, efficient, and

transparent. Changes mandated by or that result from

the regulatory overhaul may also have the same effect.

But the movement towards a cleared environment will

also introduce new types of costs and risks to the C&S

process. For example, elevating the importance of

clearinghouses raises the stakes for regulators in

properly overseeing the operations of a new class of “too

big to fail” institutions. In this way, reducing

counterparty risks may increase systemic ones. Another

example of a new cost to the C&S process comes from

less cross-margining across different positions. Collateral

demands and operational costs may increase to the

extent central clearing does not enable as much

cross-margining as bilateral trading previously did.


To what extent do you believe extra-territoriality will be

an issue?

HS: The extra-territorial reach of domestic laws in light

of changing local rules and market practices will be an

important issue for the foreseeable future. Derivatives

transactions often take place across two or more

jurisdictions and no two jurisdictions are developing the

exact same regulations or requirements. National

regulators are aware that their rules will lack any teeth

if they can be avoided simply by being carried out by

foreign subsidiaries or affiliates. Accordingly, Title VII of

the Dodd-Frank Act and other national derivatives

regimes will necessarily have an extra-territorial aspect

that may need to be addressed as part of a firm’s routine

compliance and operational practices.

Do you believe regulatory harmonization/co-operation is

realistic and how do you think the regulatory process

could work towards this?

HS: Pure harmonization of regulatory requirements

across jurisdictions is neither realistic nor desirable. A

better and more feasible alternative to harmonization is

substituted compliance (or “mutual recognition”), which

entails a regulatory body exempting compliance with its

own rules so long as an entity is complying with a foreign

regime of comparable quality. Recently, the Commodity


Futures Trading Commission released guidance on how

to interpret the Dodd-Frank Act’s extra-territorial

application. That guidance relies largely on the concept

of substituted compliance in determining whether U.S.

rules apply to non-U.S. swap dealers or non-U.S.

branches and affiliates of U.S. swap dealers. Going

forward, we should expect to see other regulatory bodies

rely on substituted compliance as an alternative to

harmonization.

Houman B. Shadab will be a speaker at the upcoming

Collateral Management Conference, November 5-7, 2012

in New York, NY. For more information please contact

Michele Westergaard, Senior Marketing Manager, Media

& PR, Marcus Evans at 312-540-3000 ext. 6625 or

[email protected].

About Marcus Evans

Marcus Evans conferences annually produce over 2,000 high

quality events designed to provide key strategic business

information, best practice and networking opportunities for

senior industry decision-makers. Our global reach is utilized

to attract over 30,000 speakers annually, ensuring niche

focused subject matter presented directly by practitioners

and a diversity of information to assist our clients in

adopting best practice in all business disciplines.


SOX Compliance with ERM: Managing the Risk of Misstatements

Posted by Steven Minsky on June 12, 2012 at 2:00pm

First, what is Sarbanes-Oxley (SOX)

compliance? It is the legal requirement for

public companies that senior management state

that their company’s financial reporting is accurate.

Sounds simple? The expense and the value are all in the

execution. How is that done? Simply put, the flow of

information from the financial reports themselves is

traced and connected to the activities that generate that

information and the resources that are depended upon to

generate that information. That sounds like, and can be,

a very difficult and time consuming process, but that is

where Enterprise Risk Management steps in to manage

the complexity.

How ERM Software benefits SOX

An ERM approach to SOX 404 compliance will

dramatically reduce control maintenance and compliance

testing activities as well as reduce your external audit

fees. What specifically, you ask?


Setting priorities

Most organizations find it difficult to determine

objectively and systematically across business silos what

makes an operational control “key” or prioritize test

activities based on materiality of the risk of the control

they are evaluating. Risk assessments identify which

risks, and which controls over those risks within each

business process are scored the highest.

Joining IT SOX and SOX compliance at the

activity level

Any automated financial control depends on an

underlying IT system to run and be accurate. Most

organizations evaluate IT SOX compliance by one group

and the internal controls over financial reporting in

another without a direct connection between the two.

Connecting the specifics of all the touch points in IT and

vendor management to a control dramatically reduces

the scope of work for what needs to be tested. For

example, if an IT resource to a material control has not

changed within the past year, there is no need for

retesting. But most organizations, unable to

connect IT to key controls, end up testing too many

applications for SOX compliance because their IT group

cannot determine what specific controls depend on what


parts of their IT infrastructure. The result is not only

wasted resources internally, but wasted expense paying

external auditors large fees to check and recheck this

redundancy!

Assurance

Having everything in one place and connected through a

risk taxonomy makes automated fact checking easy.

Combined with the setting of priorities in point #1 above,

this ensures that your organization's most material

issues are covered by appropriate controls and testing is

up-to-date so that management has full transparency

and confidence in making their attestations.

Saving money

Removing the unnecessary redundancy and overlap

between IT SOX and SOX business controls reduces SOX

compliance testing and sign-off of testing activities.

Finally it reduces the external audit fees companies are

paying to review all of this unnecessary redundancy and

overlap. Look up your company’s audit fees disclosed in

your organization’s 10-K to see what a 15-20% reduction

of that number is worth to your company each year.

Multiply that number by 2 to get a sense of the

time your organization is putting in preparing for that

audit and supporting that audit.


How SOX with ERM benefits the enterprise

CFOs need greater transparency into operational

activities, not just financial reporting accuracy. In the

process of achieving SOX compliance, a lot of valuable

information is collected that should be used to help other

functional areas and bring value to the rest of the

organization far beyond just SOX.

By using your ERM software to streamline SOX

compliance, like the six degrees of separation theory, all

the relationships between the activities and the effects of

the outcome of these activities can be used for other

purposes like business continuity, IT access rights

auditing, user defined application management, PCI

compliance, and so much more. Not only does this result

in a reduction of all these other activities by 40-60% due

to the reuse of information, but short term cost savings

are just the beginning as all this information becomes

connected to board strategy and performance

management goal achievement at virtually no additional

cost or time commitment. The result is better business

decisions and better performance management.

Watch this 5 min video for a case study on how others

add value to their existing SOX programs and reduce the

time to get their work done.
