Identifying Compliance related Risks

Following on from my article dated 14 June on “Building an effective compliance framework,” let’s start with identification of compliance related risks. The compliance function as a second line of defence unit, helps business by challenging the process of identification and mitigation of risks, and maintains an oversight over these risks.

A typical financial institution faces numerous compliance related risks, all of which are categorised as non-financial risks; these include the risk of :

· not identifying and verifying clients adequately

· not responding to regulatory change and new regulations issued, in time and effectively

· devising products which are not fit for a proposed customer segment

· mis-selling products, including to vulnerable customers

· marketing and other disclosures on products not being clear and robust

· inadequate complaint handling on a particular product

· inadequate segregation of clients’ monies and clients’ assets

· potential market abuse on capital and equity markets

· not managing conflicts of interest properly

· not having appropriate control barriers to manage the flow of information

· not managing and executing trades on a market properly

· not adhering to cross border regulations when transacting in a new jurisdiction

· breaching sanctions

· not identifying bribery and corruption

A compliance function will help a business within a financial institution, to capture all relevant risks and understand the impact and likelihood of each risk; it will also ensure that the business has built preventative controls which are robust, so that the residual risk which remains is acceptable to the organisation’s overall risk appetite.

This exercise needs to be done by the business and refreshed periodically. Managing this risk impact analysis as a live document is ideal in order to ensure that an organisation does not increase its risk exposure inadvertently. Such an increase could result in significant losses and could also attract regulatory fines.

Has your financial institution or business identified risks appropriately and put in a robust framework to mitigate these risks?

SYG Consulting can help you to conduct a risk assessment as well as advise on what good looks like!