(The Economist | May 2019) Excerpt from the article Rise of the No Men The past decade has brought a compliance boom in banking. A recent episode of “Billions”, a television drama about Wall Street, captured the rainmakers’ frustration: so fed up is “Dollar” Bill Stern with having his wings clipped by Ari Spyros that the veteran trader rams the side of the compliance chief’s Porsche when he pulls out of the car park of their hedge fund, Axe Capital.

“Some financial firms, particularly small ones, are outsourcing compliance functions or specific projects. Compliance Risk Concepts, an American firm that takes on such work, has seen demand for its services grow by over 30% a year, says Mitch Avnet, its managing partner.”

But pity not finance’s in-house policemen, for they have had a golden decade since the crisis. While swathes of banking have labored under cutbacks and stiff capital requirements, their headcount and clout have grown. Banks fined for aiding corruption, money-laundering and sanctions-busting have beefed up their compliance, risk, legal and internal-audit teams. Compliance officers will never be the rock stars of finance, but they have moved from drums to rhythm guitar. And though some banks hint at having reached “Peak Compliance”, staffing and investment are likely to remain well above pre-crisis levels.

Click here to read the full article>>>(subscription required)

The post The Compliance Boom In Banking | The Economist appeared first on Compliance Risk Concepts.

by Dan Dorsky, Principal, Anti-Corruption and Ethics Practice.

An enforcement action jarring the financial services sector has been resolved. Och-Ziff Capital Management Group LLC agreed to pay a combined penalty of $412 million towards its settlement with the Department of Justice (“DOJ”) and Securities & Exchange Commission (“SEC”) related to the agencies’ Foreign Corrupt Practices Act (“FCPA”) investigation into bribery activity in Africa. It is a criminal violation of the FCPA to provide anything of value to a non-U.S. government official in exchange for a business advantage. According to Och-Ziff’s August Form 10-Q, this resolution “could have a material adverse effect on the Company’s business, financial condition or results of operations.”

The settlement, announced on September 29, 2016, represents the culmination of a long-simmering investigation launched in 2011. At that time, the SEC began issuing subpoenas into the conduct of multiple financial services businesses concerning their dealings with sovereign wealth funds. In other words, the government appears to have been concerned that banks, investment firms, private equity and/or hedge funds may have provided benefits to employees of these sovereign wealth funds in exchange for business.

Dan Dorsky, examines the SEC's order in the matter of Och-Ziff Capital Management Group LLC and discusses what this settlement means to the hedge fund giant and the industry.

Download Hedge Fund Rocked By Bribery Investigation

Enter your information below to download your complimentary copy of Dan Dorsky's Bulletin: Hedge Fund Rocked By Bribery Investigation

Email *

First Name *

Last Name *

Company Name *

Phone *

Δ

ABOUT DAN DORSKY

Mr. Dorsky’s background combines public service in the Department of Justice and work in the corporate sector as well as service in private practice and in the nonprofit sector. He has represented companies in dealings with the DOJ and the Securities and Exchange Commission in arriving at favorable resolutions.

Mr. Dorsky served as Senior Compliance Counsel at Tyco where, as part of the post-Dennis Kozlowski clean-up effort over a five-year period, he developed and implemented global compliance with the Foreign Corrupt Practices Act (FCPA). The company’s highly successful resolution with the Department of Justice and the Securities and Exchange Commission resulted in a Non-Prosecution agreement and no monitor. After the merger of Tyco’s Flow Control Division with Pentair, Mr. Dorsky most recently served as Pentair’s Vice President and Chief Compliance Officer, where he brought its Flow Control division to a successful resolution of its three-year period of self-reporting to the DOJ under Tyco’s FCPA settlement.

At Tyco, he led and oversaw global investigations, and helped conceive and drive the implementation of state-of-the-art compliance initiatives, such as Tyco’s groundbreaking Third Party Management Program. Click here to learn more about Mr. Dorsky.

The post Bulletin: Hedge Fund Rocked By Bribery Investigation By Dan Dorsky appeared first on Compliance Risk Concepts.

Today, there is a new paradigm of regulatory expectations, creating increasingly daunting compliance and operational risk management challenges on FINRA registered broker-dealers. Many of these challenges are related to the governance and control environments, specific to the data that is so heavily relied upon to ensure broker-dealers continue to meet the ever expanding list of ongoing regulatory and compliance requirements, aimed at customer protection and market integrity. Given FINRA’s 2016 examination and regulatory priorities, it is evident that data management and data integrity is and will continue to be a focal point for regulators for the foreseeable future. Understanding the magnitude of data related issues that have surfaced within our industry, CRC is committed to providing our clients and prospects with practical solutions to data related risks specific to broker-dealers. Based on the above, CRC is pleased to announce our joint guide with Gresham Computing on Data Integrity and Governance for FINRA registered broker-dealers. This guide provides insight into the discrete data related issues faced by broker-dealers, offering readers an opportunity to understand the common data related struggles faced by our entire industry, as well as a solution aimed at alleviating these issues in a cost-effective and practical manner.

Download Complimentary Whitepaper

Submit the following to be taken to your complimentary copy of the Regulatory Compliance Series Data Integrity and Governance whitepaper for FINRA registered broker-dealers.

Email *

First Name *

Last Name *

Company Name *

Phone *

Δ

The post Regulatory Compliance Series - Data Integrity and Governance [whitepaper] appeared first on Compliance Risk Concepts.

CRC Announces Forthcoming Whitepaper Addressing Data Quality and Data Integrity Issues Impacting Broker-Dealers

CRC is pleased to announce a forthcoming whitepaper written in conjunction with Gresham Computing plc addressing data quality and data integrity issues impacting FINRA Registered broker-dealers.

As we’ve all recently learned in FINRA’s Regulatory and Examinations Priorities Letter for 2016, FINRA is focusing on the following areas specific to broker-dealer data:

• Operational breakdowns specific to changes from legacy to new compliance systems
• Technology governance and change management practices related to algorithm maintenance (including order-routing algorithms)
• Back-office and vendor system changes
• Lifecycle development and new system implementation
• Data quality controls and reporting practices
• Verification of the accuracy of data sources relied upon to conduct monitoring and surveillance

Since CRC’s inception in 2013, our organization has dedicated itself to helping financial services firms address regulatory issues in a practical and actionable manner.

Our forthcoming whitepaper will not only pinpoint the issues most / if not all broker-dealers are facing as it relates to their data management – it will provide insight into a practical solution that will efficiently and cost effectively assist broker-dealers in mitigating the discrete regulatory risks specific to data quality and integrity.

Sign up and be among the first to receive this exclusive whitepaper:

 Click Only Once Please!  Processing may take up to 90 seconds

The post See Ya Lata – Bad Data! appeared first on Compliance Risk Concepts.

Goldman Sachs Group, Inc. will report earnings on 10/15/2015 before the market opens. Last week Goldman publicized that it would announce its earnings via Twitter (@Twitter). The talk since the publication has been about the use of social media and Twitter becoming a viable and safe competitor in the field of company news distributors. That talk and the Twitter announcement by Goldman (@GoldmanSachs) maybe helping to drive Twitter stock price upwards. The timeline below suggests that Goldman, Twitter & Square (@Square) are tightly entwined. It
isn’t clear that there is any customer harm from the relationships or other type of wrongdoing. However the timeline is an interesting window into actions that appear isolated and how they may be related:

5/18/12 – Goldman Sachs is third banker on the Facebook IPO loosing out to Morgan Stanley and JP Morgan 11/7/13 – Goldman Sachs leads Twitter IPO with Investment Banker Anthony Noto as the lead banker 5/13/14- Anthony Noto resigns from Goldman Sachs 7/1/14 - Anthony Noto announced as the CFO for Twitter and according to executive compensation filings the highest paid executive at Twitter 7/1/15 – Jack Dorsey becomes interim CEO of Twitter – Anthony Noto is widely speculated to become CEO. 7/24/15 - Square with Jack Dorsey at the helm filed for an IPO at the same time Twitter states that Jack Dorsey who is interim Chair of Twitter will not be permanent as long as he is at Square. 8/5/15 – 8/7/15 – 3 Executive Insiders at Twitter purchase shares of Twitter: Jack Dorsey, Interim CEO; Anthony Noto, CFO; and Peter Fenton, Independent Director (Is a director truly independent when they own shares of a company?) 9/30/15 – Jack Dorsey named permanent CEO of Twitter 10/7/15 – Goldman Sachs announces that it will release its earnings on Twitter – speculation arises that Twitter has found a mechanism for income via earnings releases.

Is Goldman’s support of Twitter related to the decision for Square to choose Goldman for its Lead Banker? Is the use of Twitter the best for shareholders and the investing public or was it a strategic relationship decision? Would Goldman have won the Square IPO without supporting Twitter?

The post Goldman, Twitter & Square Entwinement appeared first on Compliance Risk Concepts.

Emmanuel Olaoye, Thomson Reuters

As the Financial Industry Regulatory Authority embraces the cloud and expands its monitoring technology for the big data era, firms may feel pressure to increase their own capacity to provide data.

As the Financial Industry Regulatory Authority expands its monitoring technology for the big-data era, firms may feel pressure to increase their own capacity to provide data. Some compliance experts are questioning, however, whether the regulator’s emphasis on technology will be effective in rooting out compliance deficiencies and wrongdoing, and suggest concerns over issues such as data privacy may make firms wary.

FINRA, the industry funded brokerage regulator, is moving its market-surveillance technology to “the cloud” in a push that began in 2014 and will carry on into next year.

Moving its data operations to third-party “cloud computing” data centers will allow FINRA’s analysts to more efficiently store and retrieve, and better analyze, the vast amounts of market data that FINRA collects, said FINRA Chief Executive Rick Ketchum. For example, the regulator analyzes about 20 billion market transactions a day, more than seven times the number of likes and status updates posted by Facebook users.

Money that FINRA collects from fines, which it is barred from using on staff or other operations, has helped fund the tech push. FINRA’s overall spending on computer operations and data communications rose to $40 million in 2014, from $31.2 million the year before.

The regulator is also using enhanced data analytics to identify exam targets based on risk factors in their business models, and to narrow the focus of individual exams, FINRA spokesman George Smaragdis said.

Said Ketchum, in a letter last year on FINRA exam priorities: “All the data that we’re gathering and analyzing is also helping us see effective and sometimes ineffective compliance practices.”

Mitch Avnet, a founding partner of the consultancy Compliance Risk Concepts, said: “The fact that a regulator is adding to their technology budget to get better information will hopefully send firms themselves to invest in technology ... to get better information in terms of their supervision and compliance.”

Firms regulated by FINRA face pressure to keep up with the technological advances. “You want to follow on from what [FINRA] is doing,” said Linda Riefberg, a former chief counsel in FINRA’s enforcement division and now a partner at the law firm Cozen O’Connor Riefberg. “If they come in and they ask for a lot of trading records, it is going to take you the resources to deliver it and you will have to analyze it.”

Mitch Avnet, a founding partner of the consultancy Compliance Risk Concepts, said: “The fact that a regulator is adding to their technology budget to get better information will hopefully send firms themselves to invest in technology ... to get better information in terms of their supervision and compliance.”

Firms can continue to supply data to FINRA as they are accustomed, through an electronic-exchange software application, Smaragdis said.
The process allows for them to securely submit, manage and track FINRA information requests, he said. An industry veteran who has been a vocal critic of Wall Street regulation questioned whether FINRA’s tech emphasis will yield substantive improvements in prevention or enforcement.

read the entire article here: http://tabbforum.com/opinions/finra-technology-upgrade-raises-data-standards-for-firms?print_preview=true&single=true

The post FINRA Technology Upgrade Raises Data Standards for Firms appeared first on Compliance Risk Concepts.

Compliance Chiefs' Top Worry: Culture written by Peter Ortiz.  Visit Ignites/Financial Times (paid subscription) to read the entire article.. 

Compliance training has moved from instruction on regulatory requirements and how not to flout them to a more intense focus on fostering an ethics-friendly culture, compliance chiefs say. Recently released results of a survey of 763 professionals who deal with compliance or legal responsibilities show that 90% cite creating a culture of ethics and respect as the top training objective.

Complying with laws and regulations (89%) and preventing future misconduct (82%) came in second and third, according to the Navex Global 2014 Ethics and Compliance Training Benchmark report. The Navex survey spanned 39 industries, including banking and financial services. Survey co-author Ingrid Fredeen notes that strong oversight by the Securities and Exchange Commission and other regulators helped fund firms stand out.

“The key takeaway I have for CCOs is if you are in a position where you are looking at effectiveness, then budget for measurements of effectiveness,” Fredeen says. “Don’t just assume completion equals effectiveness, otherwise it won’t happen.”

Jim Volk, CCO for SEI Investment Manager Services says that the best training program will do little good unless the organization’s top executives lead by example.

“If people are following the rules but doing it kicking and screaming, then you are not really changing the culture,” he says. “If the culture is good, then the nuts and bolts will take care of themselves.”

Volk stresses that firms should invest in high-quality training that includes presentations with powerful graphics that sink in, rather than issuing lengthy documents for employees to pore over. SEI also uses video where employees and hired actors demonstrate good and bad compliance action. In one scenario, an employee’s personal views expressed on social media get improperly tied to SEI.

“The point is when you invest the time to make it more vibrant and to catch their attention, it makes it more memorable and lets them know if we in invest in [the presentations] that much it must be important,” Volk says.

To prepare his compliance staff, Todd Spillane, CCO of Invesco, encourages them to sharpen their presentation skills by participating in a weekly public speaking group in Invesco’s Houston headquarters. He has joined in on those meetings along with more junior staff.

The survey also found that 45% of respondents say their organizations plan to implement more training for middle managers.

Mitch Avnet, managing partner at Compliance Risk Concepts, notes that firms lacking “consistent and cohesive training and messaging to mid-level managers” place their organizations at great risk.

“Employees who don’t think they can take an issue to their direct manager ... are in turn likely to go externally with their issues,” Avnet writes in an e-mail response to questions. “An organization must create an awareness and culture encouraging employees to raise their hands — bring issues to their direct mangers with no fear of repercussions.”

The post M. Avnet Commentary | Ignites Financial Times Article appeared first on Compliance Risk Concepts.

HAVE YOUR CAKE AND EAT IT TOO:

Improve Efficiency and Turbocharge Your Threat Discovery
Compliance in Financial Services White Paper

"Compliance organizations have had good success leveraging new technologies to improve efficiency, but recent trends as discussed will increasingly force compliance leaders to take action to mitigate the risks arising from the data and regulation explosion. Those leaders that act on these challenges by deploying solutions to achieve the twin pillars of increased efficiency and improved detection effectiveness will see significant and lasting returns on their investment..."

Download the full version now:

The post Compliance In Financial Services White Paper appeared first on Compliance Risk Concepts.

As members of the Financial Services Industry, we find ourselves in the position of having an inordinate amount of confidential information at our disposal. Given the overwhelming regulatory scrutiny we are under, failure to adhere to regulatory requirements can lead to fines, sanctions and reputation risk / damage. More importantly, data breaches can lead to irreparable damage to our clients and counterparties. Now, more than ever – it’s imperative that we ensure documentation messaging and communications are as secure as they can be.

Attention: Hedge Fund Managers

The push to fortify compliance procedures and reporting transparency is more critical than ever. Hedge Fund Managers are challenged by evolving compliance requirements and finding themselves in need of a two way secure and encrypted solution that enables the following:
• Delivery of accurate asset performance under management
• Delivery investment strategy information packets
• Performance of audit checks & balances on qualified investors
• Customized ad-hoc reporting throughout the communication lifecycle
• Digital traceability of messaging records
• Tamper proofing of authorized parties

Want to Learn More? – Compliance Risk Concepts Can Help!

To learn more about an exciting e-delivery tool with public-key infrastructure (PKI) that enables all of the above, please complete the following information:

Upon receiving your contact information, we will follow-up and schedule a quick introductory call to discuss this exciting technology and the services Compliance Risk Concepts provides to help address the needs of the Hedge Fund community.

The post Are you Insecure? – The First Step is Acknowledging You Need Help! appeared first on Compliance Risk Concepts.

Compliance, Operational and Financial Risk teams face complex challenges in creating appropriate “control” environments. Many factors impact and influence our ability to provide valuable oversight and insight to the discrete risks we face daily. These include:

✓ Increasing transactional volumes
✓ Required transactional data existing on numerous platforms and systems
✓ Inconsistent data formats
✓ Manually intensive monitoring and testing protocols that yield little or
no value to our business partners

The Manual Approach
To a certain extent, many organizations are still auditing and reviewing financial and transactional data manually. It is still very common for risk management functions to utilize “flat files” (and yes – Excel spreadsheets) in an effort to pinpoint potential issues. While surveillance and monitoring efforts are needed, these manual approaches are marginally effective at best. Even more troubling is that in many instances - Compliance, Operational and Financial Risk teams aren’t exactly sure which “behaviors” they are trying to identify. Outside of standardized scenario analysis, what other anomalies and trends are in need of review and investigation?

The logical next step in solving these issues is to implement automation of internal processes. This can eliminate duplication of efforts and significant time spent slicing and dicing information manually. That said, we all know how hard it is to get prioritized in the IT Project queue. Most IT resources are allocated to revenue generating projects and initiatives. Unless a project is regulator-mandated or your organization is “out of compliance,” it’s not likely you’ll go to the top of the list. This is not something we like to hear in the risk management space – but it’s the reality of the world we live in (especially in a tough economic cycle).

Question: What are the chances of getting IT resources allocated to embed “tests” into production systems?
Answer: Not likely!

Next Question: What are the chances if your requirements are not fully vetted or pinned down?
Answer: I can think of a couple of colourful metaphors. However, I will refrain and keep it clean. So all I will say is - Good Luck!

GO BIG OR GO HOME? – Not Quite…

Without internal IT support to build and support functionality, more and more organizations are turning to vendor based solutions. Since most organizations are seeking a “magic pill” or “panacea” or “one stop shopping” to solve all of our risk management oversight issues, they often look at mainstream solutions that are expensive, oversized, inflexible or are not designed to address the specific issues their organization is trying to solve. Organizations can find themselves “over-buying” and wind up not implementing many of the features of a platform. It’s tough enough to build a business / use case for these tools, without the danger of purchasing costly but unneeded functionality.

There is Another Way!

Compliance Risk Concepts recently partnered with Nomos Software, an innovative technology company that builds testing protocols for business and customer data. With the Nomos solution in place, an organization can quickly and economically build lightweight web-based applications that automate the testing and monitoring executed manually by risk management, operations, compliance and audit professionals on a daily or other periodic basis.

Additionally, the Nomos solutions provides complete transparency and visibility, enabling risk professionals to have “behind-the-scenes” access to the logic and parameters utilized in each of the testing and monitoring protocols.

State of Flux?

Not a problem! Nomos can roll out small changes to the tests very rapidly while the overall requirements are pinned down. Once finalized, the suite of tests and monitoring protocols can be integrated into straight-through processing systems to provide a fully automated solution set.

Uses / Applicability

The Nomos solution can be used for any file-based financial or transactional data. Examples of use cases include:

✓ Payments
✓ Corporate Actions
✓ Securities and Derivatives Transactions
✓ Any other types of information that needs to be tested,
monitored or audited.

How does it Work? - Roles and Responsibilities

CRC and Nomos work closely together to provide a seamless integration of testing and monitoring protocols into an organization’s production financial and transactional data.CRC works with the client to define core data requirements, scenarios and tests, red flags, use cases, issues management and resolution. Once defined, Nomos will create a testing protocol that enables the client to evolve their once manual testing / monitoring environment into an automated and efficient process.

Want to Learn More?

If you would like to learn how you could automate your manual testing / monitoring environment, please feel free to reach out to us directly to set up a complimentary discovery meeting with CRC and Nomos. You may contact us by email at mavnet@compliance-risk.com or by telephone at (646) 346-2468.

The post Don’t Hate – Automate! appeared first on Compliance Risk Concepts.

Thank You for your interest.

I look forward to connecting with you at the next CRC Compliance Roundtable.

One of the primary drivers for Compliance Risk Concepts (CRC) is to raise the awareness level and thought process related to real world compliance and risk issues in a “down to earth,” realistic and relatable way. The Compliance Roundtable serves as a great platform to make that happen.

As we continue to grow, I  personally thank all of you for the continued support, enthusiasm and confidence demonstrated toward CRC and the brand we are building within the industry. As always, we’d love to hear how you think we are doing.  Feel free to suggest topics or issues you would like to see discussed.

I invite you to download our FREE Compliance in Financial Services white paper: HAVE YOUR CAKE AND EAT IT TOO: Improve Efficiency and Turbocharge Your Threat Discovery.

Sincerely,
Mitch Avnet
Managing Partner
Compliance Risk Concepts

The post THANK YOU appeared first on Compliance Risk Concepts.