Your Risk Management Magazine
Prevention the best undertaking: ACI

Font size : + -

email print

THE AUSTRALASIAN Compliance Institute and the financial regulator have collaborated to produce a guide they hope will reduce the number of enforceable undertakings that ASIC has to issue.

An ACI working group, which included specialists from a range of companies such as Schroder Investment Management Australia, law firm Clayton Utz, ASIC and HSBC Bank, released a best practice guide last month.

“ASIC is really interested in ways and measures that will improve compliance,”ASIC’s working group member, Carole Ferguson, director, industry specialists –compliance, told ACI’s annual conference at the end of last year when the Compliance Issues from Enforceable Undertakings paper was first announced.

ACI CEO, Martin Tolar, said the document would “help to prevent and detect problems which can ultimately come as a large expense to financial services businesses”.

Annette Donselaar, chairwoman of the working group and chief compliance officer at the Hong Kong office of the American International Assurance Company, explained enforceable undertakings (EUs) are a “convergence of compliance and enforcement”.

EUs are a written agreement to redress a compliance failure to forestall further enforcement action, such as an enforcement action by ASIC, or a court order, according to the paper.

“We think that this paper can be used more broadly … within a range of compliance and broad practice measures to address the range of issues that result in enforceable undertakings,” she said.

Sometimes compliance personnel “can be a little bit disempowered”, as well, and she said it would also be an important document that could be given to senior management to help compliance officers carry out their role.

Donselaar stressed it is not a prescriptive document, but an attempt to distil some of the issues that led to enforceable undertakings in an effort to prevent more being given in future.

Too often, the paper states, compliance risks only become apparent when there has been a significant breach, and one of the key recommendations is to establish a clear knowledge of the organisation’s licensing and regulatory obligations and the need for a documented risk assessment and compliance program to address high compliance risk areas.

Other suggestions include: effective engagement of compliance officers with business personnel; the use of checklists to scope compliance actions and for ensuring they are completed; a formal review program of remediation plans and the currency of policies and procedures; a documented communication and training program; and breach reporting and escalation procedures.

Donselaar said despite the disparagement of the “checklist” approach to compliance, she said they do have their place to ensure important preventative measures have been carried out.

To this end, the paper includes a “best practice checklist” as a guide to prevent, detect and correct issues that give rise to EUs.

Research for the paper involved the assessment of the EUs that ASIC had issued throughout 2004–06. Donselaar said at the ACI conference one of the important findings was that most of those that received an EU did not have a documented risk assessment and compliance program.

However, she said many organisations had documented plans, but then never reviewed them: “people issue policies and procedures, but then they just get left.”

Ferguson added it was important not to see the approaches outlined in the paper as a “universal panacea”. For instance, she said compliance officers had to ensure they understood the areas they were overseeing.

“The NAB forex deal was an example where the compliance people really had trouble understanding what the dealers were doing,” she said. “Take the time to really understand the business.”

The paper states that it is “imperative” that the compliance program must consider both the operational elements in creating and delivering the compliance program together with the management and cultural issues to embed the program into the core of the organisation.

“This has been a great opportunity for compliance practitioners to recommend solutions to the industry on how common compliance failures can be prevented, corrected or detected. We believe the paper provides a useful and practical tool for the financial services industry,” added Donselaar.

  • Bookmark & Share
go back
Your comment
Risk management is the place for positive industry interaction and welcomes your professional and informed opinion.
eNewsletter

Breaking news, video interviews, opinion and analysis delivered straight to your inbox. Subscribe now
Categories

Home   |    Advertising   |    About Us   |    Contact Us   |    Privacy Policy  

© 2012 Key Media Pty Ltd.