P. 1
Risk Management Presentation April 22 2013

Risk Management Presentation April 22 2013

|Views: 3|Likes:
Published by George Lekatis
International Association of Risk and Compliance Professionals (IARCP)
http://www.risk-compliance-association.com

Every Monday
Top 10 risk and compliance management related news stories and world events
Do you want to receive (at not cost) every Monday the Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next?
You can register at:
http://www.risk-compliance-association.com/Top_10_Risk_Compliance_Management_Stories_Events.html

Receive the New Member Orientation Newsletters
You will have the opportunity to learn (at not cost) what members registered before you have already learned. Understand better risk and compliance management, projects, careers, challenges and opportunities.
You can register at:
http://www.risk-compliance-association.com/New_Member_Orientation_Newsletters.html
International Association of Risk and Compliance Professionals (IARCP)
http://www.risk-compliance-association.com

Every Monday
Top 10 risk and compliance management related news stories and world events
Do you want to receive (at not cost) every Monday the Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next?
You can register at:
http://www.risk-compliance-association.com/Top_10_Risk_Compliance_Management_Stories_Events.html

Receive the New Member Orientation Newsletters
You will have the opportunity to learn (at not cost) what members registered before you have already learned. Understand better risk and compliance management, projects, careers, challenges and opportunities.
You can register at:
http://www.risk-compliance-association.com/New_Member_Orientation_Newsletters.html

More info:

Categories:Types, Business/Law
Published by: George Lekatis on Jun 14, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PPTX, PDF, TXT or read online from Scribd
See more
See less

03/25/2014

pdf

text

original

Page |1

International Association of Risk and Compliance Professionals (IARCP)
1200 G Street NW Suite 800 Washington, DC 20005-6705 USA Tel: 202-449-9750 www.risk-compliance-association.com

Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next

Dear Member, I really enjoyed this paper from the Financial Conduct Authority in UK with title:

―Applying behavioural economics at the Financial Conduct Authority‖
WOW! Now I know what was missing from the old FSA! They deserved to die. I love behavioural economics. This is one of the few areas we can explain that everybody (outside the financial services industry of course) is too stupid or has lost his mind, so it is not likely to understand what we do.

My summary of the paper: A fool and his money are soon parted.
It is science, of course. And, it is a really excellent paper, and you should study it. I t could become the manual for every expert witness in the financial services. All the good excuses are there. It this paper, one of the questions is: Why consumer choice in retail financial products and services is particularly prone to errors?
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |2

Some answers:
1.Many products are inherently complex for most people. {My understanding: Most people are too small, too poor, too stupid} To add insult to the injury the paper continues: ―Faced with complexity, consumers can simplify decisions in ways that lead to errors, such as focusing only on headline rates‖

2.Decisions may require assessing risk and uncertainty. People are generally bad (even terrible) intuitive statisticians and are prone to making systematic errors in decisions involving uncertainty.
{My understanding: People are generally bad (even terrible) statisticians, ok, but can statistician predict the future using the ―history repeats itself‖ assumption? } 3. Some products permit little learning from past mistakes.

{My understanding: Even when people can learn from past mistakes in the financial markets, we can always make different mistakes.}
Read more (about how not to exploit continuously the fact that the others are stupid) at N umber 2. Again, it is an excellent paper. I love Figure 5 – especially what describes the MARKET It has never crossed my mind that we can describe the market in this way:

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |3

Also… What is Intraday Liquidity Risk? We have the official definition from the Basel Committee on Banking Supervision (BCBS) ―Intraday Liquidity Risk is the risk that a bank fails to manage its intraday liquidity effectively, which could leave it unable to meet a payment obligation at the time expected, thereby affecting its own liquidity position and that of other parties.‖ Yes, we have a final rule, the introduction of monitoring tools for intraday liquidity. Under Pillar 2.

Why Pillar 2?
According to the paper (at N umber 1 below), the tools are being introduced for monitoring purposes only.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |4

Internationally active banks will be required to apply these tools. National supervisors will determine the extent to which the tools apply to non-internationally active banks within their jurisdictions. However, ―banks and supervisors are not required to disclose these reporting requirements publicly. Public disclosure is not intended to be part of these monitoring tools‖.

For the eyes of the supervisors only… Pillar 2 … these Basel iii secrets …
But also:
―National supervisors will determine the extent …‖ Another national discretion… another opportunity to say bye-bye harmonized approach to implement Basel I I I . Read more at Number 1 below. Welcome to the Top 10 list.

Best Regards,

George Lekatis President of the I ARCP General Manager, Compliance LLC 1200 G Street N W Suite 800, Washington DC 20005, USA Tel: (202) 449-9750 Email: lekatis@risk-compliance-association.com Web: www.risk-compliance-association.com HQ: 1220 N. Market Street Suite 804, Wilmington DE 19801, USA Tel: (302) 342-8828

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |5

BIS: Basel Committee on Banking Supervision (BCBS)

Monitoring tools for intraday liquidity management - final document, April 2013
This document is the final version of the Committee's Monitoring tools for intraday liquidity management. It was developed in consultation with the Committee on Payment and Settlement Systems to enable banking supervisors to better monitor a bank's management of intraday liquidity risk and its ability to meet payment and settlement obligations on a timely basis.

Applying behavioural economics at the Financial Conduct Authority
April 2013
Kristine Erta, Stefan H unt, Zanna I scenko, Will Brambley A rapidly growing literature on behavioural economics shows that some errors made by consumers are persistent and predictable. This raises the prospect of firms designing business models that do not focus on competing on price and quality. Behavioural economics enables regulators to intervene in markets more effectively, and in new ways, to counter such business models and secure better outcomes for consumers.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |6

Thematic peer review on the FSB Principles for Reducing Reliance on Credit Rating Agency (CRA) Ratings
The goal of the Principles is to end mechanistic reliance on CRA ratings by banks, institutional investors and other market participants.

Stress testing banks – what have we learned?
Speech by Mr Ben S Bernanke, Chairman of the Board of Governors of the Federal Reserve System, at the ―Maintaining financial stability: holding a tiger by the tail‖ financial markets conference, sponsored by the Federal Reserve Bank of Atlanta, Stone Mountain, Georgia

APRA releases consultation package on disclosure of composition of capital and remuneration
The Australian Prudential Regulation Authority (APRA) today released a consultation paper and draft prudential standard relating to Pillar 3 disclosures on the composition of capital and on remuneration by authorised deposit-taking institutions (ADIs) in Australia.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |7

ESMA 2013 Regulatory Work Programme
ESMA has published its 2013 Regulatory Work Programme which is based on its 2013 Work Programme, published in October 2012, and provides a detailed breakdown of the of the individual workstreams as outlined in the 2013 Work Programme.

Islamic finance and the European challenge
Opening address by Mr Ignazio Visco, Governor of the Bank of I taly, at the IFSB Forum ―The European challenge‖, organized by the I slamic Financial Services Board (IFSB) and hosted by the Bank of Italy, Rome, 9 April 2013.

COMMODITY FUTURES TRADING COMMISSION, SECURITIES AND EXCHANGE COMMISSION

Identity Theft Red Flags Rules
Joint final rules and guidelines.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |8

Department of H ome Affairs SUMMARY OF RESPONSES TO TH E CONSULTATI ON ON TH E MONEY LAUNDERING AND TERRORIST FINAN CING CODE 2013
The Department of Home Affairs (DHA) issued the Money Laundering and Terrorist Financing Code 2013 with a view to replacing the Proceeds of Crime (Money Laundering) Code 2010 and the Prevention of Terrorist Financing Code 2011.

Regulation of Cross-Border OTC Derivatives Activities: Finding the Middle Ground
By Chairman Elisse Walter, U.S. Securities and Exchange Commission, American Bar Association Spring Meeting, Washington D.C.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

Page |9

BIS: Basel Committee on Banking Supervision (BCBS)

Monitoring tools for intraday liquidity management - final document, April 2013
This document is the final version of the Committee's Monitoring tools for intraday liquidity management. It was developed in consultation with the Committee on Payment and Settlement Systems to enable banking supervisors to better monitor a bank's management of intraday liquidity risk and its ability to meet payment and settlement obligations on a timely basis. Over time, the tools will also provide supervisors with a better understanding of banks' payment and settlement behaviour. The framework includes:  the detailed design of the monitoring tools for a bank's intraday liquidity risk  stress scenarios  key application issues  the reporting regime Management of intraday liquidity risk forms a key element of a bank's overall liquidity risk management framework. As such, the set of seven quantitative monitoring tools will complement the qualitative guidance on intraday liquidity management set out in the Basel Committee's 2008 Principles for Sound Liquidity Risk Management and Supervision.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 10

It is important to note that the tools are being introduced for monitoring purposes only and that internationally active banks will be required to apply them.
National supervisors will determine the extent to which the tools apply to non-internationally active banks within their jurisdictions. Basel I I I: The Liquidity Coverage Ratio and liquidity risk monitoring tools (January 2013), which sets out one of the Committee's key reforms to strengthen global liquidity regulations does not include intraday liquidity within its calibration. The reporting of the monitoring tools will commence on a monthly basis from 1 January 2015 to coincide with the implementation of the LCR reporting requirements. An earlier version of the framework of monitoring tools was issued for consultation in July 2012. The Committee wishes to thank those who provided feedback and comments as these were instrumental in revising and finalising the monitoring tools.

Monitoring tools for intraday liquidity management April 2013 Introduction
1. Management of intraday liquidity risk forms a key element of a bank‘s overall liquidity risk management framework. In September 2008, the Basel Committee on Banking Supervision (BCBS) published its Principles for Sound Liquidity Risk Management and Supervision (the Sound Principles), which provide guidance for banks on their management of liquidity risk and collateral. Principle 8 of the Sound Principles focuses specifically on intraday liquidity risk and states that:
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 11

―A bank should actively manage its intraday liquidity positions and risks to meet payment and settlement obligations on a timely basis under both normal and stressed conditions and thus contribute to the smooth functioning of payment and settlement systems.‖
2. Principle 8 identifies six operational elements that should be included in a bank‘s strategy for managing intraday liquidity risk. These state that a bank should: (i)have the capacity to measure expected daily gross liquidity inflows and outflows, anticipate the intraday timing of these flows where possible, and forecast the range of potential net funding shortfalls that might arise at different points during the day; (ii)have the capacity to monitor intraday liquidity positions against expected activities and available resources (balances, remaining intraday credit capacity, available collateral); (iii)arrange to acquire sufficient intraday funding to meet its intraday objectives; (iv)have the ability to manage and mobilise collateral as necessary to obtain intraday funds; (v)have a robust capability to manage the timing of its liquidity outflows in line with its intraday objectives; and (vi)be prepared to deal with unexpected disruptions to its intraday liquidity flows. 3.In January 2013, the BCBS published Basel I I I: The Liquidity Coverage Ratio and liquidity risk monitoring tools, which sets out one of the Committee‘s key reforms to strengthen global liquidity regulations. The objective of the Liquidity Coverage Ratio (LCR) is to promote the short-term resilience of the liquidity risk profile of banks, but does not include intraday liquidity within its calibration. 4.The BCBS, in consultation with the Committee on Payment and Settlement Systems (CPSS) has developed a set of quantitative tools to enable banking supervisors to monitor banks‘ intraday liquidity risk and
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 12

their ability to meet payment and settlement obligations on a timely basis under both normal and stressed conditions.
The monitoring tools will complement the qualitative guidance in the Sound Principles. 5. Given the close relationship between the management of banks‘ intraday liquidity risk and the smooth functioning of payment and settlement systems, 4 the tools will also be of benefit to central bank or other authorities responsible for the oversight of payment and settlement systems (overseers). It is envisaged that the introduction of monitoring tools for intraday liquidity will lead to closer co-operation between banking supervisors and the overseers in the monitoring of banks‘ payment behaviour. 6.It is important to note that the tools are being introduced for monitoring purposes only. Internationally active banks will be required to apply these tools. These tools may also be useful in promoting sound liquidity management practices for other banks, whether they are direct participants of a large-value payment system (LVPS) or use a correspondent bank to settle payments. National supervisors will determine the extent to which the tools apply to non-internationally active banks within their jurisdictions. 7.Consistent with their broader liquidity risk management responsibilities, bank management will be responsible for collating and submitting the monitoring data for the tools to their banking supervisor. It is recognised that banks may need to liaise closely with counterparts, including payment system operators and correspondent banks, to collate these data.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 13

However, banks and supervisors are not required to disclose these reporting requirements publicly.
Public disclosure is not intended to be part of these monitoring tools. 8. The following sections of this document set out: •The definitions of intraday liquidity and intraday liquidity risk and the elements that constitute a bank‘s intraday liquidity sources and usage • The detailed design of the intraday liquidity monitoring tools • The intraday liquidity stress scenarios • The scope of application of the tools • The implementation date and reporting frequency

I I . Definitions and sources and usage of intraday liquidity A. Definitions
9. For the purpose of this document, the following definitions will apply to the terms stated below. •Intraday Liquidity: funds which can be accessed during the business day, usually to enable banks to make payments in real time •Business Day: the opening hours of the LVPS or of correspondent banking services during which a bank can receive and make payments in a local jurisdiction •Intraday Liquidity Risk: the risk that a bank fails to manage its intraday liquidity effectively, which could leave it unable to meet a payment obligation at the time expected, thereby affecting its own liquidity position and that of other parties.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 14

•Time-specific obligations: obligations which must be settled at a specific time within the day or have an expected intraday settlement deadline.

B. I ntraday liquidity sources and usage
10. The following sets out the main constituent elements of a bank‘s intraday liquidity sources and usage. (The list should not be taken as exhaustive.) (i) Sources

Own sources •Reserve balances at the central bank; •Collateral pledged with the central bank or with ancillary systems that can be freely converted into intraday liquidity; • Unencumbered assets on a bank‘s balance sheet that can be freely converted into intraday liquidity; •Secured and unsecured, committed and uncommitted credit lines available intraday; • Balances with other banks that can be used for intraday settlement. Other sources • Payments received from other LVPS participants; • Payments received from ancillary systems; • Payments received through correspondent banking services.
(ii) Usage •Payments made to other LVPS participants; • Payments made to ancillary systems; • Payments made through correspondent banking services; •Secured and unsecured, committed and uncommitted credit lines offered intraday; • Contingent payments relating to a payment and settlement system‘s failure (eg as an emergency liquidity provider).
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 15

1 1. I n correspondent banking, some customer payments are made across accounts held by the same correspondent bank.
These payments do not give rise to an intraday liquidity source or usage for the correspondent bank as they do not link to the payment and settlement systems. However, these ‗internalised payments‘ do have intraday liquidity implications for both the sending and receiving customer banks and should be incorporated in their reporting of the monitoring tools.

I I I. The intraday liquidity monitoring tools
12. A number of factors influence a bank‘s usage of intraday liquidity in payment and settlement systems and its vulnerability to intraday liquidity shocks. As such, no single monitoring tool can provide supervisors with sufficient information to identify and monitor the intraday liquidity risk run by a bank.

To achieve this, seven separate monitoring tools have been developed (see Table 1).
As not all of the tools will be relevant to all reporting banks, the tools have been classified in three groups to determine their applicability as follows: •Category A: applicable to all reporting banks; •Category B: applicable to reporting banks that provide correspondent banking services; and • Category C: applicable to reporting banks which are direct participants.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 16

A. Monitoring tools applicable to all reporting banks (i) Daily maximum intraday liquidity usage
13. This tool will enable supervisors to monitor a bank‘s intraday liquidity usage in normal conditions. It will require banks to monitor the net balance of all payments made and received during the day over their settlement account, either with the central bank (if a direct participant) or over their account held with a correspondent bank (or accounts, if more than one correspondent bank is used to settle payments). The largest net negative position during the business day on the account(s), (ie the largest net cumulative balance between payments made and received), will determine a bank‘s maximum daily intraday liquidity usage. The net position should be determined by settlement time stamps (or the equivalent) using transaction-by-transaction data over the account(s). The largest net negative balance on the account(s) can be calculated after close of the business day and does not require real-time monitoring throughout the day.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 17

14. For illustrative purposes only, the calculation of the tool is shown in figure 1.
A positive net position signifies that the bank has received more payments than it has made during the day. Conversely, a negative net position signifies that the bank has made more payments than it has received. For direct participants, the net position represents the change in its opening balance with the central bank. For banks that use one or more correspondent banks, the net position represents the change in the opening balance on the account(s) with its correspondent bank(s).

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 18

15.Assuming that a bank runs a negative net position at some point intraday, it will need access to intraday liquidity to fund this balance.
The minimum amount of intraday liquidity that a bank would need to have available on any given day would be equivalent to its largest negative net position. (In the illustration above, the intraday liquidity usage would be 10 units.) 16.Conversely, when a bank runs a positive net cumulative position at some point intraday, it has surplus liquidity available to meet its intraday liquidity obligations. This position may arise because the bank is relying on payments received from other LVPS participants to fund its outgoing payments. (In the illustration above, the largest positive net cumulative position would be 8.6 units.) 17.Banks should report their three largest daily negative net cumulative positions on their settlement or correspondent account(s) in the reporting period and the daily average of the negative net cumulative position over the period. The largest positive net cumulative positions, and the daily average of the positive net cumulative positions, should also be reported. As the reporting data accumulates, supervisors will gain an indication of the daily intraday liquidity usage of a bank in normal conditions.

(ii) Available intraday liquidity at the start of the business day
18. This tool will enable supervisors to monitor the amount of intraday liquidity a bank has available at the start of each day to meet its intraday liquidity requirements in normal conditions.
Banks should report both the three smallest sums by value of intraday liquidity available at the start of each business day in the reporting period,
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 19

and the average amount of available intraday liquidity at the start of each business day in the reporting period.
The report should also break down the constituent elements of the liquidity sources available to the bank. 19.Drawing on the liquidity sources set out in Section I I B above, banks should discuss and agree with their supervisor the sources of liquidity which they should include in the calculation of this tool. Where banks manage collateral on a cross-currency and/ or cross-system basis, liquidity sources not denominated in the currency of the intraday liquidity usage and/ or which are located in a different jurisdiction, may be included in the calculation if the bank can demonstrate to the satisfaction of its supervisor that the collateral can be transferred intraday freely to the system where it is needed. 20.As the reporting data accumulates, supervisors will gain an indication of the amount of intraday liquidity available to a bank to meet its payment and settlement obligations in normal conditions.

(iii) Total payments
21. This tool will enable supervisors to monitor the overall scale of a bank‘s payment activity. For each business day in a reporting period, banks should calculate the total of their gross payments sent and received in the LVPS and/ or, where appropriate, across any account(s) held with a correspondent bank(s). Banks should report the three largest daily values for gross payments sent and received in the reporting period and the average daily figure of gross payments made and received in the reporting period.

(iv) Time-specific obligations
22. This tool will enable supervisors to gain a better understanding of a bank‘s time specific obligations.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 20

Failure to settle such obligations on time could result in financial penalty, reputational damage to the bank or loss of future business.
23. Banks should calculate the total value of time-specific obligations that they settle each day and report the three largest daily total values and the average daily total value in the reporting period to give supervisors an indication of the scale of these obligations.

B. Monitoring tools applicable to reporting banks that provide correspondent banking services (i) Value of payments made on behalf of correspondent banking customers
24.This tool will enable supervisors to gain a better understanding of the proportion of a correspondent bank‘s payment flows that arise from its provision of correspondent banking services. These flows may have a significant impact on the correspondent bank‘s own intraday liquidity management.

25.Correspondent banks should calculate the total value of payments they make on behalf of all customers of their correspondent banking services each day and report the three largest daily total values and the daily average total value of these payments in the reporting period.

(ii) Intraday credit lines extended to customers
26. This tool will enable supervisors to monitor the scale of a correspondent bank‘s provision of intraday credit to its customers.

Correspondent banks should report the three largest intraday credit lines extended to their customers in the reporting period, including whether these lines are secured or committed and the use of those lines at peak usage.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 21

C. Monitoring tool applicable to reporting banks which are direct participants
(i) I ntraday throughput
27. This tool will enable supervisors to monitor the throughput of a direct participant‘s daily payments activity across its settlement account. Direct participants should report the daily average in the reporting period of the percentage of their outgoing payments (relative to total payments) that settle by specific times during the day, by value within each hour of the business day. Over time, this will enable supervisors to identify any changes in a bank‘s payment and settlement behaviour.

IV. Intraday liquidity stress scenarios
28.The monitoring tools in Section I I I will provide banking supervisors with information on a bank‘s intraday liquidity profile in normal conditions. However, the availability and usage of intraday liquidity can change markedly in times of stress. In the course of their discussions on broader liquidity risk management, banks and supervisors should also consider the impact of a bank‘s intraday liquidity requirements in stress conditions. As guidance, four possible (but non-exhaustive) stress scenarios have been identified and are described below. Banks should determine with their supervisor which of the scenarios are relevant to their particular circumstances and business model. 29.Banks need not report the impact of the stress scenarios on the monitoring tools to supervisors on a regular basis.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 22

They should use the scenarios to assess how their intraday liquidity profile in normal conditions would change in conditions of stress and discuss with their supervisor how any adverse impact would be addressed either through contingency planning arrangements and/ or their wider intraday liquidity risk management framework.

Stress scenarios (i) Own financial stress: a bank suffers, or is perceived to be suffering from, a stress event
30.For a direct participant, own financial and/ or operational stress may result in counterparties deferring payments and/ or withdrawing intraday credit lines. This, in turn, may result in the bank having to fund more of its payments from its own intraday liquidity sources to avoid having to defer its own payments. 31.For banks that use correspondent banking services, an own financial stress may result in intraday credit lines being withdrawn by the correspondent bank(s), and/ or its own counterparties deferring payments. This may require the bank having either to prefund its payments and/ or to collateralise its intraday credit line(s).

(ii) Counterparty stress: a major counterparty suffers an intraday stress event which prevents it from making payments
32. A counterparty stress may result in direct participants and banks that use correspondent banking services being unable to rely on incoming payments from the stressed counterparty , reducing the availability of intraday liquidity that can be sourced from the receipt of the counterparty‘s payments.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 23

(iii) A customer bank‘s stress: a customer bank of a correspondent bank suffers a stress event
33. A customer bank‘s stress may result in other banks deferring payments to the customer, creating a further loss of intraday liquidity at its correspondent bank.

(iv) Market-wide credit or liquidity stress
34.A market-wide credit or liquidity stress may have adverse implications for the value of liquid assets that a bank holds to meet its intraday liquidity usage. A widespread fall in the market value and/ or credit rating of a bank‘s unencumbered liquid assets may constrain its ability to raise intraday liquidity from the central bank. In a worst case scenario, a material credit downgrade of the assets may result in the assets no longer meeting the eligibility criteria for the central bank‘s intraday liquidity facilities.

35.For a bank that uses correspondent banking services, a widespread fall in the market value and/ or credit rating of its unencumbered liquid assets may constrain its ability to raise intraday liquidity from its correspondent bank(s).
36.Banks which manage intraday liquidity on a cross-currency basis should consider the intraday liquidity implications of a closure of, or operational difficulties in, currency swap markets and stresses occurring in multiple systems simultaneously.

Application of the stress scenarios
37.For the own financial stress and counterparty stress, all reporting banks should consider the likely impact that these stress scenarios would have on their daily maximum intraday liquidity usage, available intraday

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 24

liquidity at the start of the business day, total payments and time-specific obligations.
38.For the customer bank‘s stress scenario, banks that provide correspondent banking services should consider the likely impact that this stress scenario would have on the value of payments made on behalf of its customers and intraday credit lines extended to its customers. 39.For the market-wide stress, all reporting banks should consider the likely impact that the stress would have on their sources of available intraday liquidity at the start of the business day. 40.While each of the monitoring tools has value in itself, combining the information provided by the tools will give supervisors a comprehensive view of a bank‘s resilience to intraday liquidity shocks. Examples on how the tools could be used in different combinations by banking supervisors to assess a bank‘s resilience to intraday liquidity risk are presented in Annex 3.

V. Scope of application
41. Banks generally manage their intraday liquidity risk on a system-by-system basis in a single currency, but it is recognised that practices differ across banks and jurisdictions, depending on the institutional set up of a bank and the specifics of the systems in which it operates. The following considerations aim to help banks and supervisors determine the most appropriate way to apply the tools. Should banks need further clarification, they should discuss the scope of application with their supervisors.

(i) Systems
42. Banks which are direct participants to an LVPS can manage their intraday liquidity in very different ways.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 25

Some banks manage their payment and settlement activity on a system-by-system basis.
Others make use of direct intraday liquidity ‗bridges‘ between LVPS, which allow excess liquidity to be transferred from one system to another without restriction. Other formal arrangements exist, which allow funds to be transferred from one system to another (such as agreements for foreign currency liquidity to be used as collateral for domestic systems). 43. To allow for these different approaches, direct participants should apply a ‗bottom-up‘ approach to determine the appropriate basis for reporting the monitoring tools. The following sets out the principles which such banks should follow: •As a baseline, individual banks should report on each LVPS in which they participate on a system-by-system-basis; •I f there is a direct real-time technical liquidity bridge between two or more LVPS, the intraday liquidity in those systems may be considered fungible. At least one of the linked LVPS may therefore be considered an ancillary system for the purpose of the tools; •I f a bank can demonstrate to the satisfaction of its supervisor that it regularly monitors positions and uses other formal arrangements to transfer liquidity intraday between LVPS which do not have a direct technical liquidity bridge, those LVPS may also be considered as ancillary systems for reporting purposes. 44. Ancillary systems (eg retail payment systems, CLS, some securities settlement systems and central counterparties), place demands on a bank‘s intraday liquidity when these systems settle the bank‘s obligations in an LVPS.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 26

Consequently, separate reporting requirements will not be necessary for such ancillary systems.
45.Banks that use correspondent banking services should base their reports on the payment and settlement activity over their account(s) with their correspondent bank(s). Where more than one correspondent bank is used, the bank should report per correspondent bank. For banks which access an LVPS indirectly through more than one correspondent bank, the reporting may be aggregated, provided that the reporting bank can demonstrate to the satisfaction of its supervisor that it is able to move liquidity between its correspondent banks. 46.Banks which operate as direct participants of an LVPS but which also make use of correspondent banks should discuss whether they can aggregate these for reporting purposes with their supervisor. Aggregation may be appropriate if the payments made directly through the LVPS and those made through the correspondent bank(s) are in the same jurisdiction and same currency.

(ii) Currency
47.Banks that manage their intraday liquidity on a currency-by-currency basis should report on an individual currency basis. 48.If a bank can prove to the satisfaction of its supervisor that it manages liquidity on a cross-currency basis and has the ability to transfer funds intraday with minimal delay – including in periods of acute stress – then the intraday liquidity positions across currencies may be aggregated for reporting purposes. However, banks should also report at an individual currency level so that supervisors can monitor the extent to which firms are reliant on foreign exchange swap markets.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 27

49. When the level of activity of a bank‘s payment and settlement activity in any one particular currency is considered de minimis with the agreement of the supervisor23 a reporting exemption could apply and separate returns need not be submitted.

(iii) Organisational structure
50.The appropriate organisational level for each bank‘s reporting of its intraday liquidity data should be determined by the supervisor, but it is expected that the monitoring tools will typically be applied at a significant individual legal entity level. The decision on the appropriate entity should consider any potential impediments to moving intraday liquidity between entities within a group, including the ability of supervisory jurisdictions to ring-fence liquid assets, timing differences and any logistical constraints on the movement of collateral. 51.Where there are no impediments or constraints to transferring intraday liquidity between two (or more) legal entities intraday, and banks can demonstrate this to the satisfaction of their supervisor, the intraday liquidity requirements of the entities may be aggregated for reporting purposes.

(iv) Responsibility of home and host supervisors
52. For cross-border banking groups, where a bank operates in LVPS and/ or with a correspondent bank(s) outside the jurisdiction where it is domiciled, both home and host supervisors will have an interest in ensuring that the bank has sufficient intraday liquidity to meet its obligations in the local LVPS and/ or with its correspondent bank(s). The allocation of responsibility between home and host supervisor will ultimately depend upon whether the bank operating in the non-domestic jurisdiction does so via a branch or a subsidiary.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 28

For a branch operation
•The home (consolidated) supervisor should have responsibility for monitoring through the collection and examination of data that its banking groups can meet their payment and settlement responsibilities in all countries and all currencies in which they operate. The home supervisor should therefore have the option to receive a full set of intraday liquidity information for its banking groups, covering both domestic and non-domestic payment and settlement obligations. •The host supervisor should have the option to require foreign branches in their jurisdiction to report intraday liquidity tools to them, subject to materiality.

For a subsidiary active in a non-domestic LVPS and/ or correspondent bank(s)
•The host supervisor should have primary responsible for receiving the relevant set of intraday liquidity data for that subsidiary.

•The supervisor of the parent bank (the home consolidated supervisor) will have an interest in ensuring that a non-domestic subsidiary has sufficient intraday liquidity to participate in all payment and settlement obligations.
The home supervisor should therefore have the option to require non-domestic subsidiaries to report intraday liquidity data to them as appropriate.

VI. Implementation date and reporting frequency
53.The reporting of the monitoring tools will commence on a monthly basis from 1 January 2015 to coincide with the implementation of the LCR reporting requirements. 54. Sample reporting templates can be found in Annex 2.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 29

As noted above, the tools apply to internationally active banks.
National supervisors will determine whether other banks should apply the reporting requirements. Banks should also agree with their supervisors the scope of application and reporting arrangements between home and host authorities. 55. If customer banks are unable to meet this implementation deadline because of data availability constraints with their correspondent bank(s), consideration may be given by supervisors to phasing-in their implementation to a later date (preferably no later than 1 January 2017).

Annex 1 Practical example of the monitoring tools
The following example illustrates how the tools would operate for a bank on a particular business day. Assume that on the given day, the bank‘s payment profile and liquidity usage is as follows:

1. Direct participant Details of the bank‘s payment profile are as followings:
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 30

Payment A: 450 Payment B: 100 – to settle obligations in an ancillary system Payment C: 200 – which has to be settled by 10 am Payment D: 300 –on behalf of a counterparty using some of a 500 unit unsecured credit line that the bank extends to the counterparty Payment E: 250 Payment F: 100 The bank has 300 units of central bank reserves and 500 units of eligible collateral.
A(i) Daily maximum liquidity usage: largest negative net cumulative positions: 550 units largest positive net cumulative positions: 200 units A(ii) Available intraday liquidity at the start of the business day: 300 units of central bank reserves + 500 units of eligible collateral (routinely transferred to the central bank) = 800 units A(iii) Total payments: Gross payments sent: 450+100+200+300+250+100 = 1,400 units Gross payments received: 200+400+300+350+150 = 1,400 units A(iv) Time-specific obligations: 200 + value of ancillary payment (100) = 300 units B(i) Value of payments made on behalf of correspondent banking customers: 300 units B(ii) Intraday credit line extended to customers: Value of intraday credit lines extended: 500 units Value of credit line used: 300 units C(i) Intraday throughput

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 31

2. Bank that uses a correspondent bank Details of the bank‘s payment profile are as followings: Payment A: 450 Payment B: 100 Payment C: 200 – which has to be settled by 10am Payment D: 300 Payment E: 250 Payment F: 100– which has to be settled by 4pm The bank has 300 units of account balance at the correspondent bank and 500 units of credit lines of which 300 units unsecured and also uncommitted. A(i) Daily maximum intraday liquidity usage: largest negative net cumulative positions: 550 units largest positive net cumulative positions: 200 units A(ii) Available intraday liquidity at the start of the business day: 300 units of account balance at the correspondent bank + 500 units of credit lines (of which 300 units unsecured and uncommitted) = 800 units A(iii) Total payments: Gross payments sent: 450+100+200+300+250+100 = 1,400 units Gross payments received: 200+400+300+350+150 = 1,400 units

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 32

A(iv) Time-specific obligations: 200 + 100 = 300 units

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 33

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 34

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 35

Annex 3 Combining the tools
The following is a non-exhaustive set of examples which illustrate how the tools could be used in different combinations by supervisors to assess a bank‘s resilience to intraday liquidity risk:
(1)Time-specific obligations relative to total payments and available intraday liquidity at the start of the business day If a high proportion of a bank‘s payment activity is time critical, the bank has less flexibility to deal with unexpected shocks by managing its payment flows, especially when its amount of available intraday liquidity at the start of the business day is typically low. In such circumstances the supervisor might expect the bank to have adequate risk management arrangements in place or to hold a higher proportion of unencumbered assets to mitigate this risk. (2)Available intraday liquidity at the start of the business day relative to the impact of intraday stresses on the bank‘s daily liquidity usage If the impact of an intraday liquidity stress on a bank‘s daily liquidity usage is large relative to its available intraday liquidity at the start of the
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 36

business day, it suggests that the bank may struggle to settle payments in a timely manner in conditions of stress.
(3)Relationship between daily maximum liquidity usage, available intraday liquidity at the start of the business day and the time-specific obligations If a bank misses its time-specific obligations, it could have a significant impact on other banks. If it were demonstrated that the bank‘s daily liquidity usage was high and the lowest amount of available intraday liquidity at the start of the business day were close to zero, it might suggest that the bank is managing its payment flows with an insufficient pool of liquid assets. (4)Total payments and value of payments made on behalf of correspondent banking customers If a large proportion of a bank‘s total payment activity is made by a correspondent bank on behalf of its customers and, depending on the type of the credit lines extended, the correspondent bank could be more vulnerable to a stress experienced by a customer. The supervisor may wish to understand how this risk is being mitigated by the correspondent bank. (5) Intraday throughput and daily liquidity usage: If a bank starts to defer its payments and this coincides with a reduction in its liquidity usage (as measured by its largest positive net cumulative position), the supervisor may wish to establish whether the bank has taken a strategic decision to delay payments to reduce its usage of intraday liquidity. This behavioural change might also be of interest to the overseers given the potential knock-on implications to other participants in the LVPS.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 37

Applying behavioural economics at the Financial Conduct Authority
April 2013 Kristine Erta, Stefan H unt, Zanna I scenko, Will Brambley A rapidly growing literature on behavioural economics shows that some errors made by consumers are persistent and predictable. This raises the prospect of firms designing business models that do not focus on competing on price and quality. Behavioural economics enables regulators to intervene in markets more effectively, and in new ways, to counter such business models and secure better outcomes for consumers. The UK Parliament has created the Financial Conduct Authority (FCA) and has given it an additional objective and duty to promote effective competition, which we believe should be on price and quality (rather than on false focal points or strategies to exclude rivals at point-of-sale).

To achieve this, the FCA will first need to undertake integrated analysis of economic markets.
In other words, it will need to understand how information problems, consumers‘ behavioural errors and firms‘ competitive strategies combine to produce observed market outcomes. This involves some change from the existing practice of most conduct regulators, with one of the biggest changes relating to greater focus on understanding consumer behaviour. This paper first sets out what behavioural economics tells us about consumer decision-making in financial markets. This is based on an extensive review of the available literature.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 38

It then discusses how behavioural economics can be, and should be, used in the regulation of financial conduct.
While I recognise that this is an independent piece of research, this paper is the first in the Financial Conduct Authority‘s Occasional Paper series, and an important one at that. I therefore add my support for the paper. I believe that using insights from behavioural economics, together with more traditional analysis of competition and market failures, can help the FCA assess problems in financial markets better, choose more appropriate remedies and be a more effective regulator as a result. While applying behavioural economics also brings new challenges, I believe they are surmountable.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 39

Executive summary
People often make errors when choosing and using financial products, and can suffer considerable losses as a result. Using behavioural economics we can understand how these errors arise, why they persist, and what we can do to ameliorate them. Behavioural economics uses insights from psychology to explain why people behave the way they do. People do not always make choices in a rational and calculated way. In fact, most human decision-making uses thought processes that are intuitive and automatic rather than deliberative and controlled. Academic literature identifies ‗behavioural biases‘—specific ways in which normal human thought systematically departs from being fully rational. Biases can cause people to misjudge important facts or to be inconsistent, for example changing their choices for the worse when essentially the same decision is presented in a different way. In other words, our normal human thought processes can lead us to make choices that are predictably mistaken. Market forces left to themselves will often not work to reduce these mistakes, so regulation may be needed. A good example is payment protection insurance (PPI).

Firms were able to earn large profits on PPI products because many buyers fundamentally misunderstood PPI pricing and the limitations in its coverage.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 40

High PPI prices allowed sellers to attract more customers by offering mortgages at cheaper rates (which consumers focused on when choosing a provider).
As a result, no firm had an incentive to advertise that PPI was a poor product for many people and charge appropriate mortgage and PPI prices. This would have made the firm‘s mortgage more expensive and the firm uncompetitive.

Intervention was needed to solve this problem.
While it is common sense that people make mistakes, behavioural economics takes us beyond intuition and helps us be precise in detecting, understanding, and remedying problems that arise from consumer mistakes. Integrating behavioural economics into the FCA can therefore help it be an effective regulator. This paper has two parts. In Part I we summarise the main lessons from behavioural economics for retail financial markets: - how consumers make predictable mistakes when choosing and using financial products; - how firms respond to these mistakes, and - how behavioural biases can lead firms to compete in ways that are not in the interests of consumers. In Part I I we describe how behavioural economics can, and should, be used in the regulation of financial conduct.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 41

Part I: Lessons from behavioural economics
Why are there more behavioural problems in financial services?
For a number of reasons, consumer choice in retail financial products and services is particularly prone to errors: •Many products are inherently complex for most people. Financial products are abstract and intangible and often have many features and complex charging structures. This contrasts with many ordinary products where consumers can easily understand what they are getting and the product has a single, simple price. Faced with complexity, consumers can simplify decisions in ways that lead to errors, such as focusing only on headline rates. •Many products involve trade-offs between the present and the future. Often people make decisions against their long-term interests because of self-control problems, e.g. borrowing excessively using payday loans. • Decisions may require assessing risk and uncertainty. People are generally bad (even terrible) intuitive statisticians and are prone to making systematic errors in decisions involving uncertainty. So we often misjudge probabilities and make poor insurance or investment decisions. • Decisions can be emotional. Stress, anxiety, fear of losses and regret, rather than the costs and benefits of the choices, can drive decisions.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 42

•Some products permit little learning from past mistakes.
Some financial decisions, such as choosing a retirement plan or mortgage, are made infrequently, with little learning from others, and with consequences revealed only after a long delay.

Which biases affect consumer financial decisions?
To identify and correct mistakes we need to be able to detect biases. The table below lists the most relevant biases for retail markets, categorising biases according to how they affect decisions: • preferences (what we want); •beliefs (what we believe are the facts about our situation and options); and •decision-making (which option gets us closest to what we want, given our beliefs).

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 43

Categorising biases like this helps us consider whether people are making mistakes.

Errors in beliefs or decision-making can often be clear-cut.
For example, people may have beliefs about the likelihood of an event that contradicts objective probabilities. But if people‘s preferences are inconsistent (and so not fully rational), it can be difficult to say that these preferences are wrong; they are after all what people want, at least at the time.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 44

If people are not making mistakes, intervening to prevent them from acting on these preferences can make them worse-off.

How do biases affect the strategies of firms, competition and other market problems?
Firms play a crucial role in shaping consumer choices. Product design, marketing or sales processes can exacerbate the effects of biases and cause problems.

Firms can respond to the different biases in specific ways (we give detailed examples in the Annex).
One important response is that firms will tend to increase non-salient prices and decrease salient prices. For example, if consumers tend to underestimate how much they will spend on their credit card in the future (because of projection bias or overconfidence), firms have an incentive to offer low rates today with higher rates later. Another important response is that firms will tend to obfuscate unattractive product attributes, such as exclusions in insurance contracts. Consumer biases thus affect competition. They can lead firms to compete in ways that are not in consumer interests, e.g. by offering products that appeal to the consumer because they play to biases. Biases can also create de facto market power in markets that might appear competitive based on the number of firms alone. We must be mindful, however, that sometimes firms might not know that their customers are making mistakes.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 45

What looks like deliberate exploitation may actually just be firms responding to observed consumer demand without realising that it is driven by biases.
Regardless of what firms know, in badly functioning markets bias exploitation may be the only way for firms to attract and retain consumers and therefore to stay in business. Behavioural biases can also interact with other market failures like information asymmetries or externalities.

They can exacerbate other problems or make regulatory interventions aimed at addressing problems ineffective or even harmful.

Part I I : Applying behavioural economics at the FCA
We have already begun to put behavioural economics into practice, but change will not be instantaneous. Behavioural economics raises important issues for all steps of the regulatory process.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 46

Step 1: Identifying and prioritising issues
How can we spot potential consumer detriment caused by biases?
Biases are rarely directly observable. Based on evidence on the common mistakes people make, we suggest a set of indicators that can help identify where consumer detriment from mistakes may be particularly high. The indicators highlight potentially problematic consumer and firm behaviours and product features. A complementary approach to detecting issues is to identify the true economic function of a product and then evaluate whether consumers actually use the product for this function, or for another reason.

How can we prioritise these risks?
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 47

We will prioritise risks arising from behavioural biases as with other issues.
Size of the problem will obviously drive priority. Behavioural problems can cause less sophisticated consumers to pay more than others, effectively cross-subsidising the more sophisticated, so prioritisation also needs to consider these distributional effects.

Step 2: Understanding root causes of problems
Could consumers be choosing reasonably? If consumers are biased, what do they truly want and need?
When analysing problems we need to develop possible explanations as to the underlying cause and then build evidence. We must investigate whether consumers are making mistakes, and if so which biases may be the cause. Crucial evidence includes how consumers choose in different settings (e.g. do consumers choose differently as they gain experience?), their awareness of essential product information and their self-reported needs and objectives.

How should we analyse firm-specific issues?
For firm-specific issues, behavioural insights can inform what dialogue to have with, and what information to gather from the firm. Qualitative information may be enough, though data on consumer behaviour may be needed. Establishing whether the product feature or practice is common to many firms or market-wide is important.

How should we analyse market-wide issues?
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 48

Diagnosing market-wide issues naturally requires a greater level of evidence.
This may include collecting first-hand data using consumer research, laboratory experiments or field experiments (also called randomised controlled trials, or RCTs). Analysis must consider the broad context of the market, including how firms compete, what other market and regulatory failures are present and how consumer biases interact with these factors.

Step 3: Designing effective interventions
What interventions are available to protect consumers?
Behavioural economics offers new perspectives on interventions that the FCA could use, for behavioural and other problems in the market. Ordered from least to most interventionist, there are four ways in which the FCA could solve behavioural problems:

1.Provide information. Require firms to provide information in a specific way or prohibit specific marketing materials or practices.
2.Change the choice environment. Adjust how choices are presented to consumers. 3.Control product distribution. Require products to be promoted or sold only through particular channels or only to certain types of clients. 4.Control products. Ban specific product features or whole products that appear designed to exploit, or require products to contain specific features. We could expand our toolkit by using more ‗nudges‘ — small prompts that, if designed well, have low costs and can lead to better decisions by biased consumers without restricting choice.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 49

Providing information or changing the choice environment can be nudges.
As these less interventionist measures do not constrain consumer choice, they are preferable, if they are effective in preventing mistakes. Understanding how consumers make decisions can also improve the effectiveness of traditional remedies, such as disclosure. Consumer psychology is nuanced, however, and specific interventions can succeed or fail based on small details. Interventions should therefore ideally be tested in practice before implementation, possibly using RCTs. Often consumer biases are just one part of a problem, and a package of market-wide measures will be required.

Should we intervene and, if so, how? How can we assess the impact of interventions?
Applying behavioural economics also brings additional challenges.
We will have to tackle difficult questions like: what is in consumers‘ best interests, where should the limits to consumer responsibility lie, and how effective are less interventionist measures, such as nudges, or more interventionist measures, such as product banning? When choosing between different measures, or no intervention at all, we need to assess their costs and benefits, to the extent that this is practically possible.

A wide variety of factors should be considered including
(i) whether firms can circumvent the measure, (ii) negative and positive impacts on innovation,
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 50

(iii)transfers between different groups of consumers, e.g. the more and the less sophisticated,
(iv) the impact on consumers‘ incentives to learn and (v)whether the problem is one for the regulator or best left to the Government. Traditional impact assessment approaches, for example, for estimating benefits to consumers, may need to be adapted when biases are present.

Conclusion
Integrating insights from behavioural economics with traditional competition and market failure analysis has much scope for helping the FCA choose the best interventions. Behavioural insights have implications for many functions of the organisation: •policy – i.e. creating our rules and guidance; •analysing firms‘ business models, behaviour and products when authorising or supervising firms; • building evidence for enforcement cases; and • shaping FCA and firm communications with customers. We believe that the challenges are surmountable and this paper contributes to the foundations for the FCA to undertake wide-ranging, integrated analysis of financial markets and then act on the results.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 51

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 52

Thematic peer review on the FSB Principles for Reducing Reliance on Credit Rating Agency (CRA) Ratings
Questionnaire Introduction
In October 2010, the FSB issued Principles for Reducing Reliance on CRA Ratings. The goal of the Principles is to end mechanistic reliance on CRA ratings by banks, institutional investors and other market participants. The ―hard wiring‖ of CRA ratings in regulation has been wrongly interpreted as providing those ratings with an official ―seal of approval‖ and has reduced incentives for firms to develop their own capacity for credit risk assessment and due diligence. As demonstrated during the financial crisis, reliance on external ratings to the exclusion of internal credit assessments can be a cause of herding behaviour and of abrupt sell-offs of securities when they are downgraded (―cliff effects‖). These effects can amplify procyclicality and cause systemic disruption. Following a February 2012 progress report by the FSB Secretariat, both the G20 Finance Ministers and Central Bank Governors as well as the G20 Leaders, in their Los Cabos Declaration, called for faster progress by national authorities and SSBs in ending mechanistic reliance on credit ratings. In response to this call, the FSB Plenary at its meeting in Tokyo in October 2012 endorsed a roadmap1 with timelines to accelerate implementation of the FSB Principles, which were welcomed at the
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 53

November 2012 G20 Finance Ministers and Central Bank Governors meeting.
The roadmap consists of two tracks: •Work to reduce mechanistic reliance on CRA ratings through standards, laws and regulations. Reviews should cover the identification and reduction of references to CRA ratings in standards, laws and regulations. The reviews should also identify whether, even absent such references to CRA ratings, sufficient steps are being taken in standards, laws and regulations to actively place a duty or expectation on market participants that they will not mechanistically rely on CRA ratings; •Work to promote and, where needed, require financial institutions to strengthen their own credit risk assessment processes as a replacement for reliance on CRA ratings, and disclose information on those processes. To this end, the FSB is undertaking a thematic peer review, whose main objective is to assist national authorities fulfil their commitments under the agreed CRA ratings roadmap. The aim of the review is to accelerate progress in reducing mechanistic reliance on CRA ratings by including by encouraging market participants to develop and implement adequate credit assessment processes. The peer review will focus on certain Principles, as highlighted in the questionnaire, that relate to regulatory and supervisory practices or the official sector more broadly. More specifically, the review will: •Take stock of the extent to which references to CRA ratings in national laws and regulations have been identified, assessed and (where appropriate) removed or replaced with suitable alternative standards of creditworthiness; •H ighlight good practices and lessons of experience from assessing, removing and/ or replacing references to CRA ratings in laws and regulations;
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 54

•I dentify any challenges that have arisen in seeking to remove or replace references as set out in the Principles, and highlight potential solutions where these have been developed; and
•Review national authorities‘ progress and plans to encourage disclosure by financial institutions of information about their credit assessment processes and to further strengthen those capabilities. The primary source of information for the peer review will be member jurisdictions‘ responses to this questionnaire.

The questionnaire is divided into four sections:
•Section 1 covers the measures taken to reduce references to CRA ratings in laws and regulations (Principle I ); •Section 2 covers the measures taken by the official sector to reduce market reliance on CRA ratings (Principle I I); •Section 3 covers the detailed measures taken by the relevant official sector authorities to implement the detailed application of the Principles (Principle I I I ); •Section 4 concerns general observations on the implementation of the Principles. National authorities should provide a consolidated response that covers all financial sub-sectors in their jurisdiction. Responses from Member States of the European Union should indicate where the responsibility for addressing a specific question resides with the European Commission or one of the European authorities (ESMA, EBA, or EIOPA). Respondents are encouraged to draw on their responses to prior surveys in this area where those are relevant for this questionnaire.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 55

The Peer Review Team will follow up with jurisdictions, as necessary, concerning plans indicated in this questionnaire before finalizing the peer review report.
Jurisdictions are also encouraged to provide updated information to the attention of the Peer Review Team as plans develop or experience is gained over the coming months.

1. Reducing reliance on CRA ratings in laws and regulations (Principle I)
General 1. Please describe the process that was used to assess references to CRA ratings in your laws and regulations for the financial sector: a)Did the authorities in your jurisdiction conduct a review of laws and regulations following publication of the CRA Principles in October 2010?

If yes:
b)Which supervisory or other authorities were involved in the assessment?
c)What steps, if any , were taken to coordinate the approach taken by the relevant authorities? d) Over what timeframe were the assessments conducted? e)If the assessments resulted in proposals for legislative and/ or regulatory change, which authorities were responsible for implementing the proposed changes? f ) H ow many of the proposed legislative and/ or regulatory changes have already been adopted? g ) H ow many legislative and/ or regulatory changes remain to be made and what is the timetable for their adoption?
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 56

h) H as the assessment been updated following the adoption of the FSB roadmap?

If no:
i) Please describe the plans by your jurisdiction to conduct a review of laws and regulations in line with the FSB roadmap. 2. Please describe the process that is being used to develop action plans for your jurisdiction as called for under the roadmap:

a)Which supervisory or other authorities are involved in the development of the action plan? To what extent is the private sector involved in this process?
b)What steps, if any , are being taken to coordinate the approach taken by the relevant authorities? c) What is the current status of the action plan for your jurisdiction? d)What is the timeframe, if any, for the completion and full implementation of the action plan?

References to CRA ratings in laws and regulations
For the following questions please provide separate responses for each of the following categories: Banks Insurance/ reinsurance companies Investment funds management, including: •Collective investment schemes (i.e. schemes investing in transferrable securities such as mutual funds) • Alternative investment schemes (e.g. hedge funds, endowments etc.)
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 57

• Occupational retirement schemes
Collateral policies for central counterparties (CCPs) Securities issuance, including asset-backed securities and corporate debt Securities firms (broker-dealers) 3. Please provide details (using Annex I ) of all specific laws and regulations from which references to CRA ratings were removed or have been proposed to be removed following the assessment described in answer to Question 1. Please use Annex I to provide details of: a) The specific law/ regulation reference b) The text of the relevant law/ regulation c) The replacement text (where applicable) 4. Please provide details (using Annex I) of all laws and regulations where references to CRA ratings have been identified but were not replaced. a)Where references to CRA ratings were identified but not replaced or proposed to be replaced, what were the factors that lead to these references being retained? b)Will the decision not to replace the references be reviewed in the future? c) What factors might trigger a review?

5. Where CRA ratings are used to assess creditworthiness, have you developed alternative standards of assessment for the purpose of replacing references to CRA ratings in laws and regulations?
Where applicable, please provide these alternative definitions (using Annex I ).
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 58

6. Please describe the measures of creditworthiness that you have considered as alternatives to credit ratings.
What do you consider as the main advantages and weaknesses of each of these alternative creditworthiness measures?

2. Reducing market reliance on CRA ratings (Principle I I )
1.Please describe any roles played by regulatory authorities in your jurisdiction in reviewing credit risk assessment capabilities of market participants. 2.To what extent are the regulatory authorities directly involved in developing alternative credit risk assessment processes? 3.Please describe (using Annex I ) any supervisory processes and procedures used to check the adequacy of market participants‘ own credit assessment processes in respect of: Banks Insurance/ reinsurance companies Investment funds management, including: •Collective investment schemes (i.e. schemes investing in transferrable securities such as mutual funds) • Alternative investment schemes (e.g. hedge funds, endowments, etc.) • Occupational retirement schemes Collateral policies for central counterparties (CCPs) Securities issuance, including asset-backed securities and corporate debt Securities firms (broker-dealers) a) Please describe (using Annex I) any specific procedures that have been adopted to guard against upward biases in firms‘ internal ratings.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 59

4. What measures have authorities in your jurisdiction adopted to incentivise market participants to develop their internal risk management capabilities?
a)Please describe separately any additional measures taken since the publication of the FSB CRA Principles. b)What role is played by CRA ratings as part of internal credit risk management approaches for each of the above categories of market participants?

c)To what extent are market participants required to disclose information about their internal credit risk assessment processes?

3.Application of the basic principles to particular financial market activities (Principle I I I)
Please refer to Annex I

4. General
a)What are the main lessons to be drawn from the assessment and implementation process followed by the authorities in your jurisdiction? b)What have been the greatest obstacles to implementing the CRA Principles? c)Please describe any specific policies or measures that you believe have been particularly effective in reducing reliance on CRA ratings. d)Do you have any specific recommendations for amending the CRA Principles on the basis of your implementation experience? e)Are there any other general observations you would like to make about the CRA Principles or their implementation?

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 60

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 61

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 62

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 63

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 64

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 65

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 66

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 67

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 68

Stress testing banks – what have we learned?
Speech by Mr Ben S Bernanke, Chairman of the Board of Governors of the Federal Reserve System, at the ―Maintaining financial stability: holding a tiger by the tail‖ financial markets conference, sponsored by the Federal Reserve Bank of Atlanta, Stone Mountain, Georgia Let me begin by thanking President Lockhart and the organizers of the Financial Markets Conference for inviting me to speak here again this year. I have participated regularly in this conference and have always found it stimulating. Four years ago, in remarks at this very conference, I described the 2009 Supervisory Capital Assessment Program, or SCAP, popularly known as the bank stress tests. The SCAP marked the first time the U.S. bank regulatory agencies had conducted a supervisory stress test simultaneously across the largest banking firms. At the time of my 2009 speech, we had just published the results of the SCAP and were still evaluating its effects. In retrospect, the SCAP stands out for me as one of the critical turning points in the financial crisis. It provided anxious investors with something they craved: credible information about prospective losses at banks. Supervisors‘ public disclosure of the stress test results helped restore confidence in the banking system and enabled its successful recapitalization.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 69

The resilience of the U.S. banking system has greatly improved since then, and the more intensive use and greater sophistication of supervisory stress testing, as well as supervisors‘ increased emphasis on the effectiveness of banks‘ own capital planning processes, deserve some credit for that improvement.
I will begin today with a brief discussion of the state of U.S. banking. I will then turn to the subject of what we have learned about stress testing in the four years since the SCAP, with a focus on the increasingly central role it is playing in bank supervision in the United States. Importantly, as I will elaborate, stress testing adds a macroprudential dimension to our supervision by helping us evaluate the aggregate capital position of the largest banking firms as well as their individual capital levels. The Federal Reserve – like all bureaucracies – has an unfortunate tendency to create acronyms, so, before I proceed further, let me explain our acronyms, in addition to SCAP, for stress tests. With the SCAP now in the past, we currently have two distinct but related supervisory programs that rely on stress testing. The first is the stress testing required by the Dodd-Frank Act, which we have shortened to the acronym DFAST – the Dodd-Frank Act stress tests. The purpose of DFAST is to quantitatively assess how bank capital levels would fare in stressful economic and financial scenarios. The second program, called the Comprehensive Capital Analysis and Review, or CCAR, combines the quantitative results from the stress tests with more-qualitative assessments of the capital planning processes used by banks. For example, under CCAR, supervisors evaluate the ability of banks to model losses for various categories of loans and securities and to estimate earnings and capital requirements in alternative scenarios.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 70

We recently completed the first set of DFAST stress tests and disclosed the results, followed a week later by the disclosure of our CCAR findings, which included our qualitative assessments of firms‘ capital planning.

The state of the banking system, then and now
To provide context for the developments in the banking system since the introduction of the SCAP in early 2009, it‘s worth briefly recalling the economic situation that prevailed at that time. The economy was in deep recession, with the unemployment rate having risen 4 percentage points, from 5 percent to 9 percent, over the preceding 12 months. The prices of real estate and equities had plummeted, interest rate spreads – such as the spread between rates on mortgages and Treasury securities – had widened to unprecedented levels, and securitization markets had frozen. Write-downs and losses continued to deplete banks‘ capital, unnerving investors and counterparties and exacerbating the severe funding pressures faced by many institutions. In the face of this instability, in 2008 and 2009 policymakers had taken a range of extraordinary measures: The Federal Reserve supplied liquidity to banks and other financial institutions, helping to calm the panic and begin the process of restoring the flow of credit to households and businesses; The Treasury Department guaranteed money market funds and injected capital into banks under the Troubled Asset Relief Program; The Congress expanded deposit insurance under the Federal Deposit Insurance Corporation (FDIC); and The FDIC guaranteed banks‘ issuance of long term debt.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 71

And, as I noted, the SCAP helped to increase confidence in the banking system and restore banks‘ access to private capital markets.
Ten of the 19 large bank holding companies that underwent the SCAP were required to raise equity capital – by $75 billion in total. Today the economy is significantly stronger than it was four years ago, although conditions are clearly still far from where we would all like them to be. Because bank credit for households and businesses is critical to continued economic expansion, it is positive for the recovery that banks are also notably stronger than they were a few years ago. For example, premiums on bank credit default swaps have fallen by more than half of their 2009 levels, and other measures of bank risk have also declined substantially. More than 90 percent of the public capital injections that were used to stabilize the banking system have been repaid, and the Federal Reserve‘s extraordinary liquidity programs and the FDIC‘s temporary guarantees for uninsured business deposits and bond issues have largely been wound down. The results of the most recent stress tests and capital planning evaluations continue to reflect improvement in banks‘ condition. For example, projected aggregate loan losses under this year‘s most stressful scenario (the so-called severely adverse scenario) were 7 percent lower than the comparable figure last year, in part because the riskiness of banks‘ portfolios continues to decline.

The comparison of today‘s bank capital levels with those at the time of the SCAP is particularly striking.
Over the past four years, the aggregate tier 1 common equity ratio of the 18 firms that underwent the recent tests has more than doubled, from 5.6 percent of risk-weighted assets at the end of 2008 to 1 1.3 percent at the
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 72

end of 2012 – in absolute terms, a net gain of nearly $400 billion in tier 1 common equity, to almost $800 billion at the end of 2012.
Indeed, even under the severely adverse scenario of the latest stress test, the estimate of these firms‘ post-stress tier 1 common capital ratio is more than 2 percentage points higher than actual capital levels at the end of 2008. Higher capital puts these firms in a much better position to absorb future losses while continuing to fulfill their vital role in the economy.

In addition, a majority of the 18 CCAR firms already meet new internationally agreed-upon capital standards (the proposed Basel I II capital requirements), and the others are on track to meet these requirements as they are phased in over time.
Although the stress tests focus on the largest banks, the medium-sized and smaller banks outside of the 18 CCAR firms have also improved their aggregate capital position considerably since the SCAP. For that group of banks, aggregate tier 1 common equity stood at 12.4 percent of risk-weighted assets in the fourth quarter of 2012, more than 4 percentage points higher than at the end of 2008. Another key lesson of the crisis, given the intense funding pressures experienced by many financial institutions during the period, is the importance of maintaining adequate liquidity – that is, a stock of cash and unencumbered high-quality liquid assets that can be converted easily into cash. Here too, the news is mostly positive, as the broader banking system – including both larger and smaller banks – has generally improved its liquidity position relative to pre-crisis levels. For example, banks‘ holdings of cash and high-quality liquid securities have more than doubled since the end of 2007 and now total more than $2.5 trillion.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 73

However, in the area of liquidity and funding, continued improvement is still needed on some dimensions.
Notably, supervisors will continue to press banks to reduce further their dependence on wholesale funding, which proved highly unreliable during the crisis. And, in analogy to the need for effective capital planning, banks of all sizes need to further strengthen their ability to identify, quantify, and manage their liquidity risks.

The evolution of stress testing
Let me turn now to the evolution of stress testing as a supervisory tool. The main benefits of stress tests for supervision have not changed much since the SCAP was conducted in 2009. First, stress tests complement standard capital ratios by adding a more forward-looking perspective and by being more oriented toward protection against so-called tail risks; by design, stress tests help ensure that banks will have enough capital to keep lending even under highly adverse circumstances. Second, as applied by the Federal Reserve, the stress tests look horizontally across banks rather than at a single bank in isolation. This comparative approach promotes more-consistent supervisory standards. It also provides valuable systemic information by revealing how significant economic or financial shocks would affect the largest banks collectively as well as individually. Third, the disclosures of stress test results promote transparency by providing the public consistent and comparable information about banks‘ financial conditions.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 74

The basic methodology of our stress testing has also not changed materially since the SCAP.
We continue to take a multidisciplinary approach, drawing on a wide range of staff expertise. To begin the process, our economists create a hypothetical macroeconomic scenario that incorporates an assumed sharp deterioration in economic and financial conditions. Supervisors estimate each bank‘s expected losses and revenues and we use these estimates to project post-stress capital levels and ratios under that hypothetical scenario. The estimated capital ratios are then compared with regulatory benchmarks. We use a common scenario for all firms; for the firms with the largest trading activities, we supplement the basic scenario with a market-shock scenario that incorporates market turbulence of severity similar to that of the latter half of 2008. Although the basic goals and approach of stress testing have remained largely unchanged since the SCAP, the implementation has evolved and improved from year to year. For example, we have continued to refine the formulation of the hypothetical scenarios that form the basis of the stress tests. As explained in a statement we released in the fall, the severely adverse scenario is designed to reflect, at a minimum, the economic and financial conditions typical of a severe post-World War I I U.S. recession. In devising recession scenarios, we draw on many of the same macroeconomic modeling tools used in making monetary policy. Of course, not all significant risks facing banks are tied to the business cycle.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 75

Accordingly, our scenarios now generally incorporate not only the typical consequences of a severe recession but also, simultaneously , other adverse developments such as an exceptionally large decline in house prices, sharp drops in the value of stocks and other financial assets, or a worsening of global economic conditions more severe than might normally be expected to accompany a deep recession in the United States.
Importantly, in specifying the severely adverse scenario, we seek to avoid adding to the procyclicality of the financial system. In other words, in applying stress tests, we do not want to inadvertently set a standard that is easier to meet in good times (when banks should be preparing for possibly tougher times ahead) than in bad times (when banks need to be able to use accumulated capital to support lending). Accordingly, we will want to ensure that the stress scenario remains severe in an absolute sense even when the economy is strong and the near-term risks to the outlook seem relatively modest. We have also improved our tools for estimating projected bank losses, revenues, and capital under alternative scenarios. The original SCAP was supervisors‘ first attempt to produce comprehensive and simultaneous estimates of the financial conditions of the nation‘s largest banking firms, and the required data and analytical methods were developed under great time pressure. Of necessity, when projecting losses and revenues under alternative SCAP scenarios, supervisors relied on the firms‘ own estimates as a starting point. Although we scrutinized and questioned the firms‘ estimates and made significant adjustments based on our own analysis, for that inaugural round of stress tests, it was not possible to produce completely independent estimates.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 76

However, over the past four years, considerable progress has been made in data collection and in the development of independent supervisory models.
For our most recent supervisory stress tests, we collected and analyzed loan- and account-level data on more than two-thirds of the $4.2 trillion in accrual loans and leases projected to be held by the 18 firms we evaluated this year. Those detailed data include borrower, loan, and collateral information on more than 350 million domestic retail loans, including credit cards and mortgages, and more than 200,000 commercial loans. Currently, the Federal Reserve uses more than 40 models to project how categories of bank losses and revenues would likely respond in hypothetical scenarios. The improvements in data and models have increased our ability to distinguish risks within portfolios. Importantly, these supervisory models are evaluated by a special model validation group made up of experts within the Federal Reserve who do not work on the stress tests. We have also created a Model Validation Council made up of external experts to provide independent views and advice. These ongoing efforts are bringing us close to the point at which we will be able to estimate, in a fully independent way, how each firm's loss, revenue, and capital ratio would likely respond in any specified scenario. Another innovation since the SCAP is the increased supervisory focus on banks‘ internal capital planning practices, which are reviewed as part of CCAR. We see the requirement that banks with assets of $50 billion or more submit annual capital plans to the Federal Reserve as a critical enhancement.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 77

While regulatory minimums and supervisory expectations provide floors for acceptable capital levels, the firms and their boards of directors are responsible for assessing their own capital needs over and above the minimums.
Our supervisors scrutinize their practices and assess their capacity to fulfill that responsibility. In particular, we require firms to formulate their own scenarios that capture the risks that they face, and to assess potential losses and revenues under both the supervisory scenarios and their internal scenarios over a nine-quarter horizon. In CCAR, our qualitative assessment of a firm‘s capital planning is integrated with the quantitative results of both the supervisory and company-run stress tests. The Federal Reserve continues to increase the transparency of our stress testing process, the results of the exercises, and our assessments of banks‘ capital planning. The original SCAP set a new standard of supervisory transparency in disclosing bank-by-bank estimates of stress losses by type of exposure. This departure from the traditionally confidential treatment of supervisory information, as I noted earlier, was intended to restore public confidence by providing much-needed information about banks‘ potential losses and capital needs. In last month‘s results, in addition to projected losses and revenues, we disclosed for the first time whether we had objected to each firm‘s capital plan. Also for the first time, banks were required to disclose their own estimates of stressed losses and revenues. The disclosures by banks give investors and analysts an alternative perspective on the test results; they also help them form judgments about
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 78

banks‘ appetites for risk and their risk management practices, particularly their abilities to measure losses in a severe downturn.
Even outside of a period of crisis, the disclosure of stress test results and assessments provides valuable information to market participants and the public, enhances transparency, and promotes market discipline. In the four years since the SCAP, the Federal Reserve‘s stress testing program has been expanded and strengthened through both statute and regulation. The Dodd-Frank Act widened the scope of stress testing to all bank holding companies with $50 billion or more in total consolidated assets (approximately 1 1 companies in addition to the original SCAP participants) and to nonbank financial companies designated by the Financial Stability Oversight Council as systemically important, and therefore subject to consolidated supervision by the Federal Reserve. Dodd-Frank also requires these companies to conduct their own stress tests twice a year.

In October, the Federal Reserve Board adopted rules implementing these requirements.
The 1 1 additional companies with assets of $50 billion or more will be subject to DFAST and CCAR for the first time next year. While no institutions below $50 billion in assets are subject to supervisory stress testing or the requirements of CCAR, the Dodd-Frank Act does require that institutions with between $10 billion and $50 billion in assets conduct their own stress tests.

The initial tests by these firms will begin this year and will be completed by March.
While we believe that stress testing will help medium-sized institutions better understand the risks they face, we tailored our rule for these
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 79

institutions to take account of differences in size, complexity , and business models.
We specifically exempted community banking organizations with $10 billion or less in total assets from the requirement that they run their own stress tests as those institutions cannot reasonably be expected to have the resources that larger banks devote to stress testing.

Benefits and challenges of stress testing
As already noted, stress testing has a number of important benefits as a supervisory tool. From a microprudential perspective, the CCAR provides a structured means for supervisors to assess not only whether banks hold enough capital, but also whether banks are able to rapidly and accurately determine their risk exposures, an essential element of effective risk management. The cross-firm nature of the stress tests also helps supervisors identify outliers – both in terms of results and practices – that can provide a basis for further, more targeted reviews. From a macroprudential perspective, the use of a common scenario allows us to learn how a particular risk or combination of risks might affect the banking system as a whole – not just individual institutions. This experience with stress testing has indeed been very useful for our efforts to better monitor and evaluate potential systemic risks. For example, in our macroprudential work, as in our stress tests, we tend to rely on horizontal examinations and comparative studies, as opposed to firm-by-firm assessments; we use multidisciplinary, specialized teams to supplement the work of on-site examiners; and we have increased our use of modeling and quantitative methods, using data drawn from different institutions and time periods. All of these features are apparent in the workings of our Large I nstitution
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 80

Supervision Coordinating Committee, which provides coordinated oversight of the supervision of systemically important firms.
We have also extended the lessons of systemwide stress testing to analysis of factors other than capital: For example, we recently completed a horizontal review of liquidity positions and liquidity risk-management practices at some of the largest CCAR firms. Like the CCAR review of capital planning, this review was a multidisciplinary effort that used quantitative information – in this case, detailed data on firms‘ liquidity positions – as well as qualitative information on liquidity risk-management practices. Notwithstanding the demonstrated benefits of comprehensive stress testing, this evolving tool also presents challenges. For example, even as we continue to explore ways to enhance the transparency of the models we use to estimate banks‘ projected revenues and losses, we have chosen not to publish the full specification of these models. As a result, we hear criticism from bankers that our models are a ―black box,‖ which frustrates their efforts to anticipate our supervisory findings. We agree that banks should understand in general terms how the supervisory models work, and, even more importantly, they need to be confident that our models are empirically validated and sound. I mentioned our internal efforts at model validation, which have increased the quality and accuracy of our models. We have also begun to host an annual stress test modeling symposium, which provides a venue for regulators, bankers, academics, and others to share their views.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 81

Over time, we expect banks to better understand the basic elements of the supervisory models, rendering them at least somewhat less opaque.
At the same time, it is reasonable to worry that, with increased disclosure of supervisory models, firms would see a declining benefit to maintaining independent risk-management systems and would just adopt supervisory models instead. Doing so would certainly make it easier to ―pass‖ the stress tests. However, all models have their blind spots, and such an outcome risks a ―model monoculture‖ that would be susceptible to a single, common failure. The differences in stress test results obtained by supervisors‘ and banks‘ own models can be informative, and we do not want inadvertently to destroy the healthy diversity or innovation of the models and other risk-management tools used in the banking industry. Another challenge is that our stress scenarios cannot encompass all of the risks that banks might face. For example, although some operational risk losses, such as expenses for mortgage put-backs, are incorporated in our stress test estimates, banks may face operational, legal, and other risks that are specific to their company or are otherwise difficult to estimate. It is important for banking firms to consider the potential for losses from these other classes of risks as systematically as possible, and supervisors also account for these risks as best they can. Of course, unforeseen events are inevitable, which is why maintaining a healthy level of capital is essential.

Conclusion
As I have discussed today, the banking system is much stronger since the implementation of the SCAP four years ago, which in turn has contributed to the improvement in the overall economy.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 82

The use of supervisory stress tests – a practice now codified in statute – has helped foster these gains.
Methodologically, stress tests are forward looking and focus on unlikely but plausible risks, as opposed to ―normal‖ risks. Consequently, they complement more conventional capital and leverage ratios. The disclosure of the results of supervisory stress tests, coupled with firms‘ disclosures of their own stress test results, provide market participants deeper insight not only into the financial strength of each bank but also into the quality of its risk management and capital planning. Stress testing is also proving highly complementary to supervisors‘ monitoring and analysis of potential systemic risks. We will continue to make refinements to our implementation of stress testing and our CCAR process as we learn from experience. As I have noted, one of the most important aspects of regular stress testing is that it forces banks (and their supervisors) to develop the capacity to quickly and accurately assess the enterprise-wide exposures of their institutions to diverse risks, and to use that information routinely to help ensure that they maintain adequate capital and liquidity . The development and ongoing refinement of that risk-management capacity is itself critical for protecting individual banks and the banking system, upon which the health of our economy depends.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 83

APRA releases consultation package on disclosure of composition of capital and remuneration
The Australian Prudential Regulation Authority (APRA) today released a consultation paper and draft prudential standard relating to Pillar 3 disclosures on the composition of capital and on remuneration by authorised deposit-taking institutions (ADIs) in Australia.

As part of the Basel I I I capital reforms released by the Basel Committee on Banking Supervision in December 2010, ADIs will be required to disclose additional information on their capital adequacy and capital instruments.
These disclosure requirements will, among other things, inform the market of the composition of ADIs‘ regulatory capital in a standard form that will allow market participants to compare the capital positions of banking institutions in different jurisdictions. ADIs will be required to publish a reconciliation between their regulatory capital and financial statements. They will also need to disclose full details of the terms and conditions of each regulatory capital instrument and a summary of those instruments in a standard form. In addition, APRA will be consulting on its proposed implementation of the Basel Committee‘s requirements for ADIs to disclose qualitative and quantitative information about their remuneration practices and aggregate remuneration data for senior managers and material risk-takers. APRA had foreshadowed these requirements, which take account of the Financial Stability Board‘s Principles for Sound Compensation Practices
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 84

(2009), in a letter to ADIs in October 2011.
APRA is proposing that the requirements commence for the first reporting period on or after 30 June 2013.

Discussion Paper Basel I I I disclosure requirements: composition of capital and remuneration Chapter 1 — Disclosure requirements for composition of capital
In its June 2012 publication, Composition of capital disclosure requirements, the Basel Committee noted the difficulties faced by market participants and supervisors during the global financial crisis in assessing the capital positions of banking institutions and making comparisons of their capital positions on a cross-jurisdictional basis. The Basel Committee also suggested that lack of clarity on the quality of capital may have contributed to uncertainty during the crisis and that interventions by national authorities may have been more effective if the capital positions of institutions were more transparent. To address these concerns, the Basel Committee developed a package of requirements for the disclosure of information about the capital position of banking institutions. To improve consistency and ease of use of disclosures, and to mitigate the risk of inconsistent formats undermining the objective of enhanced disclosure, the Basel Committee included two common templates for use by banks.

This chapter sets out APRA‘s proposed implementation of these capital disclosure requirements by ADIs.
The draft of an expanded APS 330 released with this discussion paper includes details of these proposed measures.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 85

1. Scope of application
Consistent with its application of the Basel I I I capital reforms, APRA proposes to apply the capital disclosure requirements to all locally incorporated ADIs (other than PPF providers). For some requirements, this extends the current scope of APS 330 to include ADIs using the ‗standardised‘ Basel I I approaches to measuring credit and operational risk. The requirements will apply to ADIs on a Level 2 basis or, where Level 2 is not applicable, on a Level 1 basis.

2. Common disclosure template
The Basel Committee‘s capital disclosure requirements include a common template to be used to report the components of regulatory capital. There are two versions of this template: one for the period before 1 January 2018 for use in jurisdictions that are phasing in Basel I I I regulatory adjustments, and one for post 1 January 2018. APRA has implemented the Basel I I I approach to regulatory adjustments in full from 1 January 2013 and, accordingly, is proposing that ADIs need only complete the so-called ‗post 1 January 2018 common disclosure template‘. Until 1 January 2018, ADIs will be required to disclose that they are using this template because they are applying the Basel I I I regulatory adjustments in full from 1 January 2013. APRA has made minor amendments to the template so that it better reflects financial reporting terminology used in Australia, such as altering ‗common stock‘ to ‗ordinary shares‘.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 86

The common disclosure template envisaged disclosure of regulatory adjustments specific to national jurisdictions under the relevant ‗total‘ row for each category of capital.
APRA proposes to add additional rows below these totals to identify the regulatory adjustments that it requires. These have been highlighted in draft APS 330 and include: •treasury shares (if not included in share capital calculated under Basel I I I); •holdings of capital instruments in group members by other group members on behalf of third parties; •offsets to dividends declared due to dividend reinvestment plans, to the extent that the dividends are used to purchase new ordinary shares issued by the ADI; • deferred fee income; •the capital impact of common equity, Additional Tier 1 and Tier 2 investments in financial institutions that are outside the scope of regulatory consolidation, not already reported in the template; •the capital impact of deferred tax assets (net of deferred tax liabilities) not already reported in the template; • capitalised expenses; •investments in commercial (non-financial) entities deducted under APRA‘s capital standards; • covered bonds in excess of asset cover in pools; and • undercapitalisation of non-consolidated subsidiaries.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 87

In addition, APRA accepts that ADIs may wish to disclose further information on regulatory capital ratios.
It therefore proposes to provide an addendum that compares capital ratios under APRA‘s requirements (after applying national discretions) and under Basel I I I rules (not applying national discretions). The addendum focuses on the numerator of the capital ratio. The Basel Committee is undertaking a substantial exercise on the denominator – the measurement of risk-weighted assets – aimed at ensuring consistent implementation of the full Basel capital framework, so as to maintain market confidence in regulatory capital ratios and provide a level playing field. APRA will consider expanding the addendum to take into account the results of the Basel Committee exercise. Finally, APRA proposes to delete the requirements under the current APS 330 that have been superseded by the common disclosure template.

1.3. Reconciliation requirements
APRA proposes to adopt the Basel Committee‘s common approach for banks to disclose ‗a full reconciliation of all regulatory capital elements back to the balance sheet in the audited financial statements‘. This involves undertaking a three-step process: Step 1: Disclose the reported balance sheet under the regulatory scope of consolidation. The scope of consolidation for accounting purposes and for regulatory purposes is often different. This step is therefore intended to clarify the difference between the numbers used in an ADI ‘s calculation of regulatory capital and the numbers used in its published financial statements.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 88

In addition, APRA proposes to require ADIs to disclose the list of legal entities that are included within the accounting scope of consolidation but excluded from the regulatory scope of consolidation (and vice-versa).
ADIs will also need to disclose total balance sheet assets and liabilities and the principal activities of these entities. Step 2: Expand the lines of the balance sheet under the regulatory scope of consolidation to display all of the components that are used in the composition of capital disclosure template.

As outlined by the Basel Committee, many of the elements used in the calculation of regulatory capital cannot be readily identified from the face of the balance sheet.
Under this step, APRA proposes that ADIs expand the rows of the regulatory-scope balance sheet such that all of the components used in the composition of capital disclosure template are displayed separately. ADIs will only be required to expand elements of the balance sheet to the extent necessary to reach the components used in the disclosure requirements for the composition of capital. Step 3: Map each of the components that are disclosed in Step 2 to the common disclosure template. When reporting the common disclosure template, ADIs will be required to use the reference numbers/ letters from Step 2 to show the source of each input. Specifically, under this step ADIs will need to illustrate how components have been used to calculate items in the common disclosure template. APRA does not intend to prescribe a standard format for this reconciliation.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 89

In addition, APRA proposes to delete the existing Table 1: Scope of application in Attachment A of APS 330 as the Basel I I I reconciliation requirements will in part duplicate that information.
However, APRA is retaining the qualitative information required under (a) and (c) of Table 1, viz: •the name of the top corporate entity in the Level 2 group; and •any restrictions, or other major impediments, on the transfer of funds or regulatory capital within the group. This information will need to be disclosed as part of the reconciliation requirements.

1.4. Main features template
ADIs approved to use the ‗advanced‘ Basel I I approaches to measuring credit and operational risk for capital adequacy purposes are already required to disclose summary information on the terms and conditions of the main features of all capital instruments. The Basel Committee has found that this requirement has not been met in a consistent manner across jurisdictions. It concluded that the lack of consistency in both the level of detail provided and the format of disclosure made analysis and monitoring of this information difficult. To ensure that the main features of regulatory capital instruments are disclosed in a consistent and comparable way, the Basel Committee has introduced a ‗main features template‘. This template represents the minimum level of summary disclosure that banks are required to report in respect of each regulatory capital instrument issued.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 90

APRA proposes to adopt the Basel Committee‘s main features template without amendment.
The template is set out in Attachment B to draft APS 330. 1.4.1. Disclosure of the full terms and conditions of capital instruments APRA is proposing that, in addition to completing the main features template, ADI s be required to make the full terms and conditions of their regulatory capital instruments available on their website. This will allow market participants to investigate the specific features of individual capital instruments. The full terms and conditions of capital instruments and the main features template will need to be updated whenever a new capital instrument is issued and included in regulatory capital, whenever an instrument is redeemed, converted or written off, or where these is a material change in it‘s nature. APRA is proposing that this be done within seven calendar days of the event.

1.5. Other disclosure requirements
APRA also proposes to adopt the following Basel Committee requirements: Non-regulatory ratios: APRA proposes that any ADI using non-Basel I I I terminology to describe regulatory capital ratios (e.g. ‗Equity Tier 1‘, ‘core Tier 1‘ or ‘Tangible Common Equity‘ ratios) be required to accompany such usage with a comprehensive explanation of how these ratios are calculated. Disclosure policy: APS 330 requires an advanced ADI to have a formal policy relating to its prudential disclosures approved by the Board of directors (Board) that addresses the ADI ‘s approach to determining the content of its prudential disclosures and the internal controls over the disclosure process.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 91

As the expanded capital disclosure requirements will apply to all locally incorporated ADIs, other than PPF providers, APRA also proposes to require all such ADIs to have a formal disclosures policy approved by the Board.
Market risk: APRA is taking the opportunity to update APS 330 to amend the table on market risk (Table 1 1) in the January 2013 version of APS 330. This will fully align the table with the Basel Committee‘s February 2011 document, Revisions to the Basel I I market risk framework.

The proposed changes apply to ADIs using the internal models approach for trading portfolios and are highlighted in Table 14 in Attachment D to draft APS 330.

1.6. Implementation date, frequency and timing
APRA is proposing that an ADI‘s capital disclosures under Attachment A to APS 330 and the reconciliation requirements be determined as at its first balance sheet date on or after 30 June 2013.

Subsequent disclosures would be made semi-annually for listed ADIs and annually for unlisted ADIs, in accordance with requirements for the publication of financial statements under the Corporations Act.
Subject to minor adjustments, APRA proposes that disclosures made under the current APS 330 will continue with the same frequency under the new measures. That is, disclosures under Attachment C in draft APS 330 (formerly Table 16, 17 and 18) will continue to be made as at the end of each quarterly period in relation to the balance sheet date, together with the disclosures required for the previous quarter. Under Attachment D to draft APS 330, an ADI with approval to use the IRB/AMA approaches to credit and operational risk will continue to make the qualitative risk exposure and assessment disclosures on an annual basis, coinciding with its balance sheet date.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 92

The quantitative risk exposure and assessment disclosures must be made on a semi-annual basis and published together with the disclosures made for the previous semi-annual period.
APRA also proposes that the full terms and conditions of regulatory capital instruments and a main features template for each instrument under Attachment B to draft APS 330 be disclosed from 30 June 2013.

1.7. Location and archiving of capital disclosures
APS 330 currently requires an ADI to provide ready access to its prudential disclosures in a clearly identifiable location on its website, or as otherwise agreed with APRA if the ADI has no website. To align with the Basel Committee‘s disclosure requirements, APRA is proposing that an ADI ‘s financial statements must include the new capital disclosures under Attachment A (including the reconciliation report) and Attachment B to draft APS 330 in full or provide a direct link to the completed disclosures on its web site. In either case, APRA also proposes that all disclosures relating to regulatory capital will be included in a Regulatory Disclosures section of an ADI ‘s website. In cases where disclosure requirements have been met through publicly available regulatory reports, the Regulatory Disclosures section of an ADI‘s website should provide specific links to these reports. An ADI that has no website will continue to require approval by APRA for an alternative means of publication. Finally, the Basel Committee‘s capital disclosure requirements require banks to archive previous templates on their websites for a ‗suitable retention period‘ determined by national authorities. APRA proposes that an ADI will need to retain previous disclosure documents for at least the previous 12 months, on its website, or as otherwise agreed with APRA.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 93

Chapter 2 — Disclosure requirements for remuneration
On 1 July 2011, the Basel Committee issued disclosure requirements for remuneration in its document, Pillar 3 Disclosure Requirements for Remuneration. These remuneration disclosures took account of the Financial Stability Board‘s Principles for Sound Compensation Practices (2 April 2009). The requirements include qualitative disclosures in relation to remuneration policy and processes and also quantitative disclosures, including aggregate information in relation to the remuneration of an ADI‘s senior management and other material risk-takers. The objective of these disclosures is to support effective market discipline and allow market participants to assess the quality of an ADI‘s remuneration practices. In a letter to ADIs on 7 October 201112, APRA proposed to consult with industry on the Basel Committee‘s remuneration disclosure requirements as part of ADI Pillar 3 reporting requirements. At the same time, APRA encouraged all locally-incorporated ADIs to commence reporting on their remuneration practices in a manner consistent with the Basel Committee‘s document as soon as practicable. This chapter sets out APRA‘s proposed implementation of its disclosure requirements for remuneration in an expanded APS 330. Detailed proposals are set out in Attachment E to draft APS 330.

2.1. Scope of application
APRA proposes to apply the Pillar 3 disclosure requirements for remuneration to all locally incorporated ADIs, except PPFs and SCCIs.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 94

Foreign ADIs are excluded from the proposed remuneration disclosure requirements on the basis that their parent entities will make these disclosures through requirements imposed by their home supervisors.

2.2. Interaction with remuneration disclosures required under the Corporations Act
APRA is mindful that listed ADIs must already meet remuneration disclosure requirements under the Corporations Act. Under those requirements, the annual directors‘ report of a listed company is to include a separate Remuneration Report covering qualitative and quantitative information for ‗key management personnel‘, being ‗those persons having authority and responsibility for planning, directing and controlling the activities of the entity, directly or indirectly, including any director (whether executive or otherwise) of that entity‘. In other words, remuneration disclosure under the Corporations Act is focused on management positions. Under CPS 510, an ADI ‘s remuneration policy is broader in scope and encompasses senior managers, material risk-takers and risk and management personnel. The remuneration disclosure requirements reflect this, with the exception that the aggregate quantitative disclosures apply only to the first two categories. This would mean that, at a minimum, an ADI‘s quantitative disclosures should cover: • an executive director; • a senior manager, being a person (other than a director) who: °° makes, or participates in making, decisions that affect the whole, or a substantial part, of the business of the regulated institution;
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 95

°° has the capacity to affect significantly the regulated institution‘s financial standing;
°° may materially affect the whole, or a substantial part, of the business of the regulated institution or its financial standing through their responsibility for: (i)enforcing policies and implementing strategies approved by the Board of the regulated institution; (ii)the development and implementation of systems used to identify, assess, manage or monitor risks in relation to the business of the regulated institution; or (iii)monitoring the appropriateness, adequacy and effectiveness of risk management systems; •a person who performs activities for a subsidiary of the regulated institution where those activities could materially affect the whole, or a substantial part, of the business of the regulated institution or its financial standing, either directly or indirectly (but not for a subsidiary that holds a registrable superannuation entity licence under the Superannuation Industry (Supervision) Act 1993); and •all other persons for whom a significant portion of total remuneration is based on performance and whose activities, individually or collectively, may affect the financial soundness of the regulated institution. APRA is proposing that it be open to a listed ADI to incorporate the APS 330 remuneration disclosure requirements into its Remuneration Report, provided that the disclosures made in relation to ‗key management personnel‘ under the Corporations Act are clearly distinguished from the disclosures made under APS 330 for ‗senior managers‘ and ‗material risk-takers‘.

2.3. Implementation date, frequency, timing and location

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 96

APRA proposes that an ADI be required to meet the disclosure requirements for remuneration from its first balance sheet date occurring on or after 30 June 2013 and for each subsequent year.
APRA is also proposing that an ADI should disclose its previous year‘s quantitative information on remuneration, beginning from its second published report of this information. APRA is proposing that remuneration disclosures be published concurrent with:

•for a listed ADI, the publication of its audited financial statements; or
•for an unlisted ADI, the lodgement of its financial statements under the Corporations Act. APRA is proposing that, to the extent practicable, ADIs disclose the information required on their website or in a publicly available document. In line with the Basel Committee‘s requirements, APRA is also proposing to permit ADIs to refer to a different website or document: •if an equivalent disclosure has already been made under an accounting or listing requirement relating to the same time period; or • to indicate where additional information may be found. In these situations, ADIs must ensure that the site or document is publicly accessible.

Chapter 3 — Request for cost-benefit analysis information
To improve the quality of regulation, the Australian Government requires all proposals to undergo a preliminary assessment to establish whether it is likely that there will be business compliance costs. In order to perform a comprehensive cost-benefit analysis, APRA welcomes information from interested parties.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 97

As part of the consultation process, APRA also requests respondents to provide an assessment of the compliance impact of the proposed changes.
Given that APRA‘s proposed requirements may impose some compliance and implementation costs, respondents may also indicate whether there are any other disclosure requirements that should be improved or removed to reduce compliance costs. Respondents are requested to use the Business Cost Calculator (BCC) to estimate costs to ensure that the data supplied to APRA can be aggregated and used in an industry-wide assessment. APRA would appreciate being provided with the input to the BCC as well as the final result. The BCC can be accessed at www.finance.gov.au/ obpr /bcc/ index.html.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 98

ESMA 2013 Regulatory Work Programme
ESMA has published its 2013 Regulatory Work Programme which is based on its 2013 Work Programme, published in October 2012, and provides a detailed breakdown of the of the individual workstreams as outlined in the 2013 Work Programme. The RWP should normally be published in conjunction with the annual Work Programme on which it is based. However, the 2013 RWP was delayed due to uncertainty over several components of the EU‘s legislative programme.

ESMA‘s key objectives and priorities in 2013
This work programme describes the goals and deliverables planned for ESMA in its third year of operation. 2013 will be marked by a major increase of the work of ESMA, given a number of new responsibilities that are in the process or have been given to the organisation by the co-legislators. 2013 objectives and priorities are based on three key elements:

1. N ew and revised legislation
The introduction of new and the overhaul of existing legislation will be a key challenge for ESMA. 2013 will see the continuation of the revision of the Markets in Financial Instruments Directive (which will be superseded by a revised directive and a new regulation, MiFID 2 and MiFIR), and of the revision of the Market Abuse Directive (a new regulation - MAR - and a new directive - MAD 2).

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 99

These new legislative texts form part of the key deliverables initiated by the EU Institutions in response to the financial crisis. Other key texts are also planned for:
- a new Credit Rating Agencies Regulation (CRA I I I ); - the revision of the Transparency Directive and; - the Regulations on Venture Capital (VC) and Social Entrepreneurship Funds (SEFs).

- CSD Regulation
In order to build a single rulebook for Europe, ESMA will develop technical standards, guidelines and advice. ESMA‘s focus goes beyond establishing new regulation though. At the same time, ESMA will promote supervisory convergence. In 2013 it is expected that ESMA will fully exercise all its powers to drive greater convergence of national supervisory activity and implementation of EU regulation on the ground. Following several years of crisis, E SMA‘s work will aim to support the restoration of confidence in Europe‘s financial markets.

2. Supervisory Role – CRAs and Trade Repositories
2013 will be the second year in which ESMA will exercise its supervisory duties for CRAs.

ESMA will focus on implementing its new multi-dimensional supervision approach, incorporating horizontal thematic and vertical firm-specific supervisory work.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 100

ESMA will also begin supervising Trade Repositories, under the terms of the European Market I nfrastructure Regulation (EMIR), and coordinate supervisory colleges for Central Counterparties.

3. Coordination, monitoring and analysis of financial markets
As in 2011 and 2012, in response to the situation in European financial markets, ESMA will continue to actively monitor developments in financial markets and drive and coor-dinate appropriate responses (by NCAs and other EU authorities).

A substantial part of ESMA‘s resources will be allocated to monitoring and providing analyses of develop-ments in financial markets to support financial stability and protection of financial con-sumers.
In order to enable ESMA to deliver its 2013 work programme, it will need to increase its staffing and budget accordingly. In 2013 staff numbers are expected to grow from 101 to 160 and the budget from €20.2 million to approximately €28 million. ESMA will continue to be funded by the European Commission (Commission), the National Competent Authorities and fees from Credit Rating Agencies. For the first time, in 2013, funding will also be generated from Trade Repositories fee contributions which will cover E SMA‘s costs of the relevant supervision.

The division of ESMA‘s work
ESMA has structured the different work streams it will undertake according to its key responsibilities and objectives. Therefore this document presents the planned activities for 2013 under the following headings: - Single Rulebook;
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 101

-

Supervision; Financial consumer protection; Contribution to Financial Stability; Convergence; and ESMA as an organisation.

The document also contains four annexes, detailing: - the planned human resources and organisational structure of ESMA; - the draft 2013 budget (pending approval from the EU institutions); and - The list of key work streams and on-going activities.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 102

Islamic finance and the European challenge
Opening address by Mr I gnazio Visco, Governor of the Bank of Italy, at the I FSB Forum ―The European challenge‖, organized by the I slamic Financial Services Board (IFSB) and hosted by the Bank of Italy, Rome, 9 April 2013. Ladies and gentlemen, I am pleased to welcome you today to this Seminar, organized by the Islamic Financial Services Board and hosted by Banca d‘ Italia on the subject of I slamic finance. As you know, the main prescriptions relating to financial transactions in accordance with I slamic religious law are the ban on paying interest and the prohibition of excessive uncertainty and speculation in contractual arrangements. This is predicated on the principle that profits should be generated from fully sharing in the business risk of an investment (the so called ―profit and loss sharing principle‖). The asset-backing requirement complements these prescriptions, providing for the link between each financial transaction and an identifiable underlying asset. A few weeks ago I gave a lecture on the financial sector after the crisis. On that occasion, it occurred to me that the renowned economist and philosopher – and eventually Nobel laureate – Amartya Sen had given in these same rooms the first of our scholarly lectures entitled to the memory of our late governor Paolo Baffi.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 103

Sen‘s lecture was on ―Money and Value: on the Ethics and Economics of Finance‖.
It is of course an interesting and good read in these difficult days. But what I was most intrigued by was Sen‘s question: ― How is it possible that an activity that is so useful has been viewed as morally so dubious?‖ There are indeed a good finance and a bad finance. While we may have some differences in ideas and perceptions on the goods and the bads, I think that what is most important is really to focus on the link between financial transactions and underlying assets, to conclude, with Sen, that ―finance plays an important part in the prosperity and well-being of nations‖. Indeed, it is crucial for sharing and allocating risk, especially for poorer societies and people. It is crucial for transferring resources over time and removing liquidity constraints. It is very important for fostering innovation and promoting economic growth. But it has to be certainly ―ethical‖ and certainly transparent. An accurate measure of Islamic financial services is difficult, due to the lack of official statistics.

However, some private estimates assess the current size at about 1.6 trillion dollars, in terms of assets.
While Islamic finance still constitutes a small share of the industry,

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 104

roughly 1 per cent of overall global financial assets, it has witnessed a rapid expansion over the last decade, with annual growth rates in the range of 10–15 per cent.
It has also gained further momentum following the financial crisis. Islamic banking accounts for about 80% of total I slamic financial assets but the development of Islamic securities, notably the sukuks, has also contributed to increasing this sector‘s activity in international capital markets.

The industry has seen a wide dissemination across countries, beyond its traditional centres of gravity in the Middle East and South East Asia.
According to available estimates, Islamic financial institutions are currently operating in around 70 countries. Europe has also been part of the process, with the opening of I slamic banks in the UK, the issuance of a sukuk bond by a German Land, an increased activity in the field of I slamic investment funds, some tax and regulatory changes introduced in France to facilitate the use of Islamic financial products. This global expansion is expected to continue also in the near future: some market estimates foresee that by the end of this year I slamic financial assets will have reached 1.9 trillion dollars. Several factors underlie growth in this sector: - the need to invest the abundant liquidity acquired by oil exporting countries;

- the search for risk diversification and for shari‘ah compliant/ ethical investments;
- the increased need for funding for socio-economic development in Islamic countries; and

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 105

- support from regulatory and supervisory authorities.
Part of this trend can also be attributed to the growing interest in the industry coming from non-traditional markets, like the EU, the US, South Korea, Hong Kong, etc. In Banca d‘ Italia we are interested in deepening our knowledge of this subject, in view of its relevance for the Bank‘s institutional duties, as a member of the Eurosystem and as the Authority for banking and financial supervision in I taly.

A Seminar on Islamic Finance was organized here in 2009 and a collection of research papers on I slamic finance vs. conventional financial systems, focusing on supervision and the implications for central banking activity was published in 2010.
Hosting this IFSB seminar is a fruitful occasion to further improve our knowledge and to share it with our financial community and academia. The opportunity to attract foreign capital to underpin economic progress, on the one hand, and the intensity of the commercial and financial links with the southern shores of the Mediterranean, on the other, make it increasingly important for our country and its financial system to be equipped with the knowledge and the operational instruments needed to interact with financial systems complying with shari'ah principles. It is interesting to note that in the countries where Arab revolts occurred and I slamic-oriented political parties are now in charge of government, after the collapse of previous authoritarian regimes, the development of Islamic finance is gaining momentum. Very recently the Egyptian Legislative Council has adopted a project to issue sukuk. Even a cursory look at today‘s program shows that Islamic finance and its interactions with conventional financial practices are a source of numerous intriguing questions.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 106

I am therefore confident that the subject will stimulate the interest of participants, and most grateful to the speakers who have accepted to join the 4 panels.
The overview of the industry, to which Session 1 is devoted, will show that the growth of Islamic finance in recent years is one aspect of the increased role being played in the global financial system by a number of emerging economies. This opens up new opportunities for channeling financial resources both to these countries and other markets but it also adds to the complexity of the system, calling for enhanced international cooperation by policymakers and regulators, lest the benefits of a financial system which is dynamic and prone to healthy innovation are jeopardized by instability. In the European context, some additional drivers can be identified: on the demand side, the growing resident Muslim community potentially requesting more retail banking services, and on the supply side, an improved know-how on the part of European intermediaries, together with the already mentioned attractiveness of some financial markets for the investment of Gulf countries‘ liquidity, and the potential use of Islamic finance products to broaden funding sources to finance public debt. The question of public debt financing takes us to the subject of another Session – Session 3 – where the issuance of sukuk bonds, whose total outstanding volume reached $230 billions in 2012, will be discussed, together with their increased role in international capital markets. Growing attention is devoted in Europe to the possibility of issuing sovereign and corporate sukuk and we are pleased to have as Chairperson of this session Ms. Maria Cannata, Director General of the Public Debt, Department of the Treasury of our Ministry of Economy and Finance. Coming to challenges and opportunities in the European framework, which will be discussed in Sessions 2 and 4, let me conclude by only mentioning in passing some issues that may inhibit the development of Islamic finance.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 107

First, in the field of monetary policy, the Eurosystem operational framework is, of course, relying on interest-based instruments.
Second, in the area of prudential regulation and supervision, all European banks have the obligation to join deposit insurance and/ or financial services compensation schemes, whereas, according to the I slamic jurisprudence prevailing in various I slamic countries, Islamic bank ―investment‖ deposits (which follow the ―profit and loss sharing principle‖) cannot be covered by deposit guarantee schemes. Moreover, there exists a prominent issue of corporate governance related to the role of the shari‘ah boards. In I taly for instance the Board of a bank is required to take full responsibility for the bank‘s management decisions, which cannot obviously be ―shared‖ with another body such as the shari‘ah board. Let me leave you with these queries trusting that the debate in this forum will shed light on the issues.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 108

COMMODITY FUTURES TRADING COMMISSION SECURITIES AND EXCHANGE COMMISSION

Identity Theft Red Flags Rules
Joint final rules and guidelines. Summary The Commodity Futures Trading Commission (―CFTC‖) and the Securities and Exchange Commission (―SEC‖) (together, the ―Commissions‖) are jointly issuing final rules and guidelines to require certain regulated entities to establish programs to address risks of identity theft. These rules and guidelines implement provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act, which amended section 615(e) of the Fair Credit Reporting Act and directed the Commissions to adopt rules requiring entities that are subject to the Commissions‘ respective enforcement authorities to address identity theft. First, the rules require financial institutions and creditors to develop and implement a written identity theft prevention program designed to detect, prevent, and mitigate identity theft in connection with certain existing accounts or the opening of new accounts. The rules include guidelines to assist entities in the formulation and maintenance of programs that would satisfy the requirements of the rules. Second, the rules establish special requirements for any credit and debit card issuers that are subject to the Commissions‘ respective enforcement authorities, to assess the validity of notifications of changes of address under certain circumstances.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 109

I. BACKGROUN D
The growth and expansion of information technology and electronic communication have made it increasingly easy to collect, maintain, and transfer personal information about individuals. Advancements in technology also have led to increasing threats to the integrity and privacy of personal information. During recent decades, the federal government has taken steps to help protect individuals, and to help individuals protect themselves, from the risks of theft, loss, and abuse of their personal information. The Fair Credit Reporting Act of 1970 (―FCRA‖), as amended in 2003, required several federal agencies to issue joint rules and guidelines regarding the detection, prevention, and mitigation of identity theft for entities that are subject to their respective enforcement authorities (also known as the ―identity theft red flags rules‖). Those agencies were the Office of the Comptroller of the Currency (―OCC‖), the Board of Governors of the Federal Reserve System (―Federal Reserve Board‖), the Federal Deposit I nsurance Corporation (―FDIC ‖), the Office of Thrift Supervision (―OTS‖), the National Credit Union Administration (―NCUA‖), and the Federal Trade Commission (―FTC‖) (together, the ―Agencies‖). In 2007, the Agencies issued joint final identity theft red flags rules.8 At the time the Agencies adopted their rules, the FCRA did not require or authorize the CFTC and SEC to issue identity theft red flags rules. Instead, the Agencies‘ rules applied to entities that registered with the CFTC and SEC, such as futures commission merchants, broker-dealers, investment companies, and investment advisers. In 2010, the Dodd-Frank Wall Street Reform and Consumer Protection Act (―Dodd-Frank Act‖) amended the FCRA to add the CFTC and SEC to the list of federal agencies that must jointly adopt and individually enforce identity theft red flags rules.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 110

Thus, the Dodd-Frank Act provides for the transfer of rulemaking responsibility and enforcement authority to the CFTC and SEC with respect to the entities subject to each agency‘s enforcement authority.
In February 2012, the Commissions jointly proposed for public notice and comment identity theft red flags rules and guidelines and card issuer rules. The CFTC and SEC received a total of 27 comment letters on the proposal.

Most commenters generally supported the proposal, and many stated that the rules would benefit individuals.
Commenters expressed concern about the prevalence of identity theft and adopt rules that would be substantially similar to the rules the Agencies adopted in 2007. Some commenters raised questions about the scope of the proposal and the meaning of certain definitions.

One commenter stated that benefits to consumers would outweigh the costs of the rules, while another took issue with the estimated costs of complying with the rules.
Today, the CFTC and SEC are adopting the identity theft red flags rules. The final rules are substantially similar to the rules the Commissions proposed, and to the rules the Agencies adopted in 2007. The final rules apply to ―financial institutions‖ and ―creditors‖ subject to the Commissions‘ respective enforcement authorities, and as discussed further below, do not exclude any entities registered with the Commissions from their scope. The Commissions recognize that entities subject to their respective enforcement authorities, whose activities fall within the scope of the rules, should already be in compliance with the Agencies‘ joint rules.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 111

The rules we are adopting today do not contain requirements that were not already in the Agencies‘ rules, nor do they expand the scope of those rules to include new categories of entities that the Agencies‘ rules did not already cover.
The rules and this adopting release do contain examples and minor language changes designed to help guide entities within the SEC‘s enforcement authority in complying with the rules, which may lead some entities that had not previously complied with the Agencies‘ rules to determine that they fall within the scope of the rules we are adopting today.

I I . EXPLANATION OF THE FINAL RULES AN D GUIDELINES A. Final Identity Theft Red Flags Rules
Sections 615(e)(1)(A) and (B) of the FCRA, as amended by the DoddFrank Act, require that the Commissions jointly establish and maintain guidelines for ―financial institutions‖ and ―creditors‖ regarding identity theft, and adopt rules requiring such institutions and creditors to establish reasonable policies and procedures for the implementation of those guidelines. Under the final rules, a financial institution or creditor that offers or maintains ―covered accounts‖ must establish an identity theft red flags program designed to detect, prevent, and mitigate identity theft. To that end, the final rules discussed below specify: (1)which financial institutions and creditors must develop and implement a written identity theft prevention program (―Program‖); (2) the objectives of the Program; (3) the elements that the Program must contain; and

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 112

(4) the steps financial institutions and creditors need to take to administer the Program.

1. Which Financial Institutions and Creditors Are Required to Have a Program
The ―scope‖ subsections of the rules generally set forth the types of entities that are subject to the Commissions‘ identity theft red flags rules. Under these subsections, the rules apply to entities over which Congress recently granted the Commissions enforcement authority under the FCRA. The Commissions‘ scope provisions are similar to those contained in the rules adopted by the Agencies, which limit the rules‘ scope to entities that are within the Agencies‘ respective enforcement authorities. As noted above, the CFTC‘s ―scope‖ subsection ―applies to financial institutions and creditors that are subject to‖ the CFTC‘s enforcement authority under the FCRA.

The CFTC‘s proposed definitions of ―financial institution‖ and ―creditor‖ describe the entities to which its identity theft red flags rules and guidelines apply .
In the Proposing Release, the CFTC defined ―financial institution‖ as having the same meaning as in section 603(t) of the FCRA. In addition, the CFTC‘s proposed definition of ―financial institution‖ also specified that the term includes any futures commission merchant (―FCM ‖), retail foreign exchange dealer (―RFED‖), commodity trading advisor (―CTA‖), commodity pool operator (―CPO‖), introducing broker (― IB‖), swap dealer (―SD‖), or major swap participant (―MSP‖) that directly or indirectly holds a transaction account belonging to a consumer. Similarly, in the CFTC‘s proposed definition of ―creditor,‖ the CFTC applies the definition of ―creditor‖ from 15 U.S.C. 1681m(e)(4) to any
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 113

FCM, RFED, CTA, CPO, IB, SD, or MSP that ―regularly extends, renews, or continues credit; regularly arranges for the extension, renewal, or continuation of credit; or in acting as an assignee of an original creditor, participates in the decision to extend, renew, or continue credit.‖
The CFTC has determined that the final identity theft red flags rules apply to these entities because of the increased likelihood that these entities open or maintain covered accounts, or pose a reasonably foreseeable risk to customers, or to the safety and soundness of the financial institution or creditor, from identity theft. This approach is consistent with the general scope of part 162 of the CFTC‘s regulations. One commenter suggested that the CFTC follow the SEC‘s approach and simply cross-reference the FCRA definition of ―financial institution‖ and the FCRA definition of ―creditor‖ as amended by the Red Flag Program Clarification Act of 2010 (―Clarification Act‖) rather than including named entities in the definition. The commenter argued that cross-referencing the FCRA definitions, as amended by the Clarification Act, rather than including specific types of entities that are subject to the CFTC‘s enforcement authority in the definitions of ―financial institution‖ and ―creditor,‖ would be more consistent with the SEC‘s and the Agencies‘ regulations and would allow the agencies to easily adapt to any changes to the FCRA over time. After considering these concerns, the CFTC has concluded that if it were to follow the SEC‘s approach and simply cross-reference the FCRA definitions of ―financial institution‖ and ―creditor,‖ the general scope provisions of 17 CFR part 162 would still apply and specify that part 162 applies to FCMs, RFEDs, CTAs, CPOs, IBs, MSPs, and SDs. As a practical matter, a cross-reference to the FCRA definitions of ―financial institution‖ and ―creditor‖ would not change the result because under the general scope provisions of part 162, the CFTC‘s identity theft red flags rules would still apply to the same list of entities. As a result, the CFTC believes that it should retain the same definition of ―financial institution‖ and ―creditor‖ contained in the Proposing Release.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 114

The SEC‘s ―scope‖ subsection provides that the final rules apply to a financial institution or creditor, as defined by the FCRA, that is:
•A broker, dealer or any other person that is registered or required to be registered under the Securities Exchange Act of 1934 (―Exchange Act‖); •An investment company that is registered or required to be registered under the I nvestment Company Act of 1940 (― Investment Company Act‖), that has elected to be regulated as a business development company (―BDC‖) under that Act, or that operates as an employees‘ securities company (―ESC‖) under that Act; or •An investment adviser that is registered or required to be registered under the Investment Advisers Act of 1940 (― Investment Advisers Act‖).34 The types of entities listed by name in the scope section are the registered entities regulated by the SEC that are most likely to be financial institutions or creditors, i.e., brokers or dealers (―broker-dealers‖), investment companies, and investment advisers. The scope section also includes any other entities that are registered or are required to register under the Exchange Act. Some types of entities required to register under the Exchange Act, such as nationally recognized statistical rating organizations (―NRSROs‖), self-regulatory organizations (―SROs‖), municipal advisors, and municipal securities dealers, are not listed by name in the scope section because they may be less likely to qualify as financial institutions or creditors under the FCRA. Nevertheless, if any entity of a type not listed qualifies as a financial institution or creditor, it is covered by the SEC‘s rules.

The scope section does not include entities that are not themselves registered or required to register with the SEC (with the exception of certain non-registered investment companies that nonetheless are regulated by the SEC), even if they register securities under the Securities Act of 1933 or the Exchange Act, or report information under the federal securities laws.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 115

The SEC received four comment letters arguing that it should specifically exclude certain entities from the scope of the rules.
These commenters recommended that the scope section exclude registered investment advisers, clearing organizations, SROs, municipal securities dealers, municipal advisors, or NRSROs. The commenters argued that these entities are unlikely to be financial institutions or creditors and that, without a specific exclusion, the scope of the rules is unclear and the rules would require these entities to periodically review their operations to ensure compliance with rules that are not relevant to their businesses. Another commenter recommended that the rules not list any of the types of entities subject to the rules, because such a list could confuse entities that are on the list but do not qualify as financial institutions or creditors. We appreciate these concerns, and seek to minimize potential unnecessary burdens on regulated entities. As we acknowledge above, the entities that are not listed in the rule‘s scope section may be less likely to qualify as financial institutions or creditors under the FCRA, e.g., because they do not hold transaction accounts for consumers. The Dodd-Frank Act required the SEC to adopt identity theft red flags rules with respect to persons that are ―subject to the jurisdiction of the Securities and Exchange Commission.‖ Expressly excluding from certain requirements of the rules any entities that are registered with the SEC, are subject to the SEC‘s enforcement authority, and are covered by the scope of the rules likely would not effectively implement the purposes of the Dodd-Frank Act and the FCRA, which are described in this release. In addition, we continue to believe that specifically listing in the scope section the entities that are likely to be subject to the rules — if they

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 116

qualify as financial institutions or creditors — will provide useful guidance to those entities in determining their status under the rules.
Therefore, we are adopting the scope section of the rules as proposed.

i. Definition of Financial Institution
As discussed above, the Commissions‘ final red flags rules apply to ―financial institutions‖ and ―creditors.‖ As in the proposed rules, the Commissions are defining the term ―financial institution‖ in the final rules by reference to the definition of the term in section 603(t) of the FCRA. That section defines a financial institution to include certain banks and credit unions, and ―any other person that, directly or indirectly, holds a transaction account (as defined in section 19(b) of the Federal Reserve Act) belonging to a consumer.‖49 Section 19(b) of the Federal Reserve Act defines ―transaction account‖ to include an ―account on which the ... account holder is permitted to make withdrawals by negotiable or transferable instrument, payment orders of withdrawal, telephone transfers, or other similar items for the purpose of making payments or transfers to third persons or others.‖ Section 603(c) of the FCRA defines ―consumer‖ as an individual; thus, to qualify as a financial institution, an entity must hold a transaction account belonging to an individual. The following are illustrative examples of an SEC-regulated entity that could fall within the meaning of the term ―financial institution‖ because it holds transaction accounts belonging to individuals:

(i)a broker-dealer that offers custodial accounts;
(ii)a registered investment company that enables investors to make wire transfers to other parties or that offers check-writing privileges; and

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 117

(iii) an investment adviser that directly or indirectly holds transaction accounts and that is permitted to direct payments or transfers out of those accounts to third parties.
A few commenters raised concerns about the SEC‘s statements in the Proposing Release regarding the possibility that some investment advisers could be financial institutions under certain circumstances. These commenters argued that investment advisers generally do not ―hold‖ transaction accounts, thus meaning that they would not be financial institutions under the definition. One commenter requested that we state that investment advisers who are authorized to withdraw assets from investors‘ accounts to pay bills, or otherwise direct payments to third parties, on behalf of investors do not ―indirectly‖ hold such accounts and therefore are not financial institutions. The SEC has concluded otherwise. As described below, some investment advisers do hold transaction accounts, both directly and indirectly, and thus may qualify as financial institutions under the rules as we are adopting them. As discussed further in Section I I I of this release, SEC staff anticipates that the following examples of circumstances in which certain entities, particularly investment advisers, may qualify as financial institutions may lead some of these entities that had not previously complied with the Agencies‘ rules to now determine that they should comply with Regulation S-ID. Investment advisers who have the ability to direct transfers or payments from accounts belonging to individuals to third parties upon the individuals‘ instructions, or who act as agents on behalf of the individuals, are susceptible to the same types of risks of fraud as other financial institutions, and individuals who hold transaction accounts with these investment advisers bear the same types of risks of identity theft and loss of assets as consumers holding accounts with other financial institutions.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 118

If such an adviser does not have a program in place to verify investors‘ identities and detect identity theft red flags, another individual may deceive the adviser by posing as an investor. The red flags program of a bank or other qualified custodian that maintains physical custody of an investor‘s assets would not adequately protect individuals holding transaction accounts with such advisers, because the adviser could give an order to withdraw assets, but at the direction of an impostor. Investors who entrust their assets to registered investment advisers that directly or indirectly hold transaction accounts should receive the protections against identity theft provided by these rules. For instance, even if an investor‘s assets are physically held with a qualified custodian, an adviser that has authority, by power of attorney or otherwise, to withdraw money from the investor‘s account and direct payments to third parties according to the investor‘s instructions would hold a transaction account. However, an adviser that has authority to withdraw money from an investor‘s account solely to deduct its own advisory fees would not hold a transaction account, because the adviser would not be making the payments to third parties. Registered investment advisers to private funds also may directly or indirectly hold transaction accounts. If an individual invests money in a private fund, and the adviser to the fund has the authority, pursuant to an arrangement with the private fund or the individual, to direct such individual‘s investment proceeds (e.g., redemptions, distributions, dividends, interest, or other proceeds related to the individual‘s account) to third parties, then that adviser would indirectly hold a transaction account.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 119

For example, a private fund adviser would hold a transaction account if it has the authority to direct an investor‘s redemption proceeds to other persons upon instructions received from the investor.

ii. Definition of Creditor
The Commissions‘ final definitions of ―creditor‖ refer to the definition of ―creditor‖ in the FCRA as amended by the Clarification Act.61 The FCRA now defines ―creditor,‖ for purposes of the red flags rules, as a creditor as defined in the Equal Credit Opportunity Act (―ECOA‖) (i.e., a person that regularly extends, renews or continues credit, or makes those arrangements) that ―regularly and in the course of business … advances funds to or on behalf of a person, based on an obligation of the person to repay the funds or repayable from specific property pledged by or on behalf of the person.‖ The FCRA excludes from this definition a creditor that ―advances funds on behalf of a person for expenses incidental to a service provided by the creditor to that person ….‖ The CFTC‘s definition of ―creditor‖ includes certain entities (such as FCMs and CTAs) that regularly extend, renew or continue credit or make those credit arrangements. The proposed definition applies the definition of ―creditor‖ from 15 U.S.C. 1681m(e)(4) to ―any futures commission merchant, retail foreign exchange dealer, commodity trading advisor, commodity pool operator, introducing broker, swap dealer, or major swap participant that regularly extends, renews, or continues credit; regularly arranges for the extension, renewal, or continuation of credit; or in acting as an assignee of an original creditor, participates in the decision to extend, renew, or continue credit.‖ One commenter stated that the proposed definition was overly broad and unclear because it did not appear to include derivative clearing organizations (―DCOs‖) such as the Options Clearing Corporation, while the SEC‘s definition could be read to include DCOs, and recommended that DCOs be explicitly excluded from the definition.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 120

The commenter further requested that the Commissions specifically exclude DCOs from the scope of the Proposed Rules.
As the commenter noted, the CFTC‘s definition of ―creditor‖ excludes DCOs because DCOs are not included on the list of entities that may qualify as creditors under the rule. Under the proposed CFTC rules, a ―creditor‖ includes any FCM, RFED, CTA, CPO, IB, SD, or MSP that regularly extends, renews, or continues credit or makes credit arrangements. Unlike DCOs, the listed entities which are included in the CFTC definition of ―creditor‖ engage in retail customer business and maintain retail customer accounts. These entities are included as potential creditors in the definition because they are the CFTC registrants most likely to collect personal consumer data. Moreover, this list of potential creditors is consistent with the general scope provisions of the part 162 rules, which also apply to FCMs, RFEDs, CTAs, CPOs, IBs, SDs, or MSPs. Accordingly, the CFTC declines to provide a specific exclusion for DCOs from the scope of the rule. As proposed, the SEC‘s definition of ―creditor‖ referred to the definition of ―creditor‖ under FCRA, and stated that it ―includes lenders such as brokers or dealers offering margin accounts, securities lending services, and short selling services.‖ The SEC proposed to name these entities in the definition because they are likely to qualify as ―creditors,‖ since the funds advanced in these accounts do not appear to be for ―expenses incidental to a service provided.‖ One commenter, the Options Clearing Corporation, argued that the proposed definition‘s reference to securities lending services could be
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 121

read to mean that an intermediary in securities lending transactions is a ―creditor‖ under the SEC‘s rules, even if the entity does not meet FCRA‘s definition of ―creditor.‖
The SEC intended the proposed definition of ―creditor‖ to be limited to the FCRA definition, and to include relevant examples of activities that could qualify an entity as a creditor. In order to clarify this definition and avoid an inadvertently broad meaning of the term ―creditor,‖ we are revising the definition to rely on FCRA‘s statutory definition of the term and omit the references to specific types of lending, such as margin accounts, securities lending services, and short selling services. Some commenters stated that most investment advisers would probably not qualify as creditors under the definition. One commenter believed that the proposal might have implied that investment advisers were subject to a different standard than other entities under the definition of ―creditor,‖ and requested that we clarify that investment advisers may, like all other entities, take advantage of the exception in the definition to advance funds on behalf of a person for expenses incidental to a service provided by the creditor to that person. Our final rules do not treat investment advisers differently than any other entity under the definition of ―creditor.‖ An investment adviser could potentially qualify as a creditor if it ―advances funds‖ to an investor that are not for expenses incidental to services provided by that adviser. For example, a private fund adviser that regularly and in the ordinary course of business lends money, short-term or otherwise, to permit investors to make an investment in the fund, pending the receipt or clearance of an investor‘s check or wire transfer, could qualify as a creditor. To read more: http:/ / www.sec.gov/ rules/ final/ 2013 /34-69359.pdf
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 122

Promulgating Rules to Prevent I dentity Theft By Commissioner Luis A. Aguilar, U.S. Securities and Exchange Commission, SEC Open Meeting, Washington, D.C.
In today‘s world, the expansion of information technology and the proliferation of electronic communication and social media have resulted in a dramatic increase in identity theft. The Federal Trade Commission (―FTC‖) estimated that as many as nine million Americans have their identities stolen each year. It is not clear how many more cases go unreported. Additionally, identity theft has topped the FTC‘s National Consumer Complaints List for the 13th consecutive year. Today, to help address this growing problem, the Commission considers rules and guidelines to adopt Regulation S-ID to require those entities covered by the rules to establish programs to detect, prevent, and mitigate identity theft. This action is a direct result of Section 1088 of the Dodd-Frank Act that directed the U.S. Securities and Exchange Commission (―SEC‖) and the U.S. Commodity Futures Trading Commission to adopt joint rules requiring entities that are subject to the Commissions‘ respective enforcement authorities to address identity theft. This requirement is an expansion of a requirement initially put in place in 2003 that required several federal agencies, albeit not the SEC, to issue joint rules and regulations regarding the detection, prevention, and mitigation of identity theft. These rules were enacted in 2007. Even though, the Commission was not one of the included agencies, many of its regulated entities are likely to have already been subject to similar rules previously enacted by those other agencies, as a result of activities that cause these entities to qualify as ―financial institutions‖ or ―creditors.‖
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 123

Thus, for those entities, they should already have identity theft prevention programs in place.
There is one group of entities, however, that may not have existing identity theft red flag programs and will need to pay particular attention to the rules being adopted today. This group consists of investment advisers registered under the Investment Adviser Act — particularly the private fund and hedge fund advisers that are recent registrants with the SEC. Today‘s release offers a number of examples and illustrations that may assist those entities in understanding, whether they qualify, and, if they do, what their responsibilities are under Regulation S-ID. I am pleased to support the staff‘s recommendation to adopt Regulation S-1D and I want to thank the staff for its efforts. Thank you.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 124

Department of H ome Affairs SUMMARY OF RESPONSES TO TH E CONSULTATI ON ON TH E MONEY LAUNDERING AND TERRORIST FIN ANCING CODE 2013 1.The draft combined code
1.The Department of Home Affairs (DHA) issued the Money Laundering and Terrorist Financing Code 2013 with a view to replacing the Proceeds of Crime (Money Laundering) Code 2010 and the Prevention of Terrorist Financing Code 2011. 2.There are two main purposes to the new code. These are to – 1.resolve the unsatisfactory situation of having two separate, near identical Codes with one dealing with money laundering and the other dealing with terrorist financing; and 2.address a few limited deficiencies with the Codes that have come to light, and which the Financial Supervision Commission (FSC) and the Insurance and Pensions Authority (IPA) have asked to be addressed as soon as possible.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 125

3.For similar reasons another draft combined Code, entitled Money Laundering and Terrorist Financing (Online Gambling) Code 2013, was prepared and consulted upon at the same time.
4.The purpose of the new combined Codes is not to fully take account of the revised Financial Action Task Force (FATF) Recommendations, although a couple of minor amendments which flow from the revised FATF Recommendations are made in the draft Codes. 5.However, it is intended that a full audit of the combined Codes against the Revised Recommendations will be carried out later in 2013 now that the FATF has published its assessment Methodology. Any substantive changes to the combined Codes that are considered to be required as a result of the revised FATF Recommendations will be subject to full discussion and consultation through the Joint Anti-Money Laundering Advisory Group (JAMLAG), and subsequently public consultation. 6.Due to new drafting styles and the need to merge to different codes there were some changes made that may appear to be significant from a presentation point of view, but, it is considered that these changes are of little effect from a practical point of view. 7.For example, in preparing the Money Laundering and Terrorist Financing Code 2013, a question was posed regarding the vires (section 157 of the Proceeds of Crime Act 2008 (POCA) or section 27A of the Terrorism (Finance) Act 2009) to include lists of ―relevant businesses‖ within Schedule 1 of the current Codes that differ from the list of ―businesses in the regulated sector‖ set out in paragraph 1 of Schedule 4 to the Proceeds of Crime Act.

In the Department‘s view, business in the regulated sector is a term used in the enabling powers for codes under both Acts and it was considered that for the avoidance of doubt the new Code should use the list in Schedule 4 to POCA.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 126

8.Since some changes to the list are necessary the approach in the draft combined Code is to omit the former Schedule 1.
An order has therefore been drafted to amend Schedule 4 to POCA which will enter in force at the same time as the new Code, and will allow the new Code to refer to the list of ―businesses in the regulated sector‖ in POCA as necessary. At present the lists are very similar in any case, and rather than have separate similar lists in different places, it is considered that it makes sense, and is neater, for there to be a single standard list. In addition, in drafting the new Code some provisions have had to be streamlined and re-ordered in an attempt to make the document easier to read. 9.A copy of the proposed Proceeds of Crime (Business in the Regulated Sector) Order 2013, to substitute paragraph (1) of Schedule 4 to POCA as discussed in the above paragraph, was therefore prepared and consulted upon with the draft combined Codes.

2. The consultation
1.The following documents were published for consultation on 3rd December 2012: 1.the draft Money Laundering and Terrorist Financing Code 2013; 2.the draft Money Laundering and Terrorist Financing (Online Gambling) Code 2013; 3.a comparison of the provisions in previous codes with those of the new combined codes; And 4.the proposed Proceeds of Crime (Business in the Regulated Sector) Order 2013.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 127

2.The consultation period for the submission of comments regarding these documents closed on 31st January 2013.
3.The documents were published via the websites of the Department, the FSC and the I PA. Members of JAMLAG were also made aware of them.

3. Outline of responses to the consultation
1.The Department received 8 responses to the consultation, of which – - 1 was from a Government body; and - 7 were from local businesses and organisations; 2.One respondent confirmed that the proposed documents were not of concern to them. 3.The seven remaining respondents gave substantive replies and raised a number of points with regard to the draft combined Code and the proposed Proceeds of Crime (Business in the Regulated Sector) Order 2013. These submissions, and the Department‘s response to these submissions, are dealt with in more detail in the following sections. 4.No significant comments were raised regarding the draft Money Laundering and Terrorist Financing (Online Gambling) Code 2013. 5.Finally, the Department also noted a number of comments of a technical nature, made by some respondents, regarding minor drafting matters. Where appropriate the necessary changes have been made to the draft combined Codes or the Proceeds of Crime (Business in the Regulated Sector) Order 2013.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 128

4.Summary of responses to the consultation regarding the Money Laundering and Terrorist Financing Code 2013
1. Definition of document and documents (paragraph 3)
1.In considering the responses to the consultation the Department noted it may be useful to provide clarification as to the term documents, data and information. 2.The combined code has been amended to insert a definition of document and documents as follows – ―document‖ and ―documents‖ includes information recorded in any form and, in relation to information recorded otherwise than in legible form, references to its production include reference to producing a copy of the information in legible form.

2. Definition of employees (paragraph 3)
1.One of the respondents noted the term ―employees‖ in the Code might be unclear, particularly with regard to its application to persons working as consultants etc. for businesses in the regulated sector.

2.To ensure that all relevant persons are covered by requirements of the code (for example, the need to make these persons aware of the money laundering and terrorist financing requirements) it has been amended to refer to both ―employees‖ and ―workers‖, which are defined in line with other legislation.

3. Revocable trusts (paragraph 3)
1.Two respondents expressed concerns regarding the definition of ―revocable trusts‖ in the combined Code and suggested this was too prescriptive. 2.Noting these concerns, and anticipating significant difficulty in gaining agreement to a suitable definition for ―revocable trusts‖, it was decided to remove any reference to ―revocable trusts‖ in this edition of the combined code, although this matter will be reconsidered for future editions of the code.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 129

4.3.3. The FSC proposes to provide further guidance to its licenceholders in relation to the use of revocable trusts in its AML/CFT H andbook.

4.Nominee companies and their relation to the definition of trusted person (paragraph 3)
1.One respondent expressed concern that, within the definition of ―trusted person‖, the term ―nominee company‖ of that regulated person, was also being applied to a subsidiary company of a regulated person which was not necessarily a nominee company. 2.It was therefore considered whether the definition of ―trusted person‖ should be expanded to include subsidiary companies. The FSC commented that it was aware certain licenceholders had interpreted the definition in this way. 3.After discussion, the Department was content to retain the present drafting of this provision. In order to address the current situation the FSC will include some further information within its AML/ CFT H andbook on this matter to ensure licenceholders are clear how this provision works in practice, i.e. it does not apply to subsidiary companies.

5.Transaction thresholds with regard to Bureau de Changes (BDCs) and the Post Office (paragraphs 3 and 13)
1.One respondent noted there was an exception from conducting customer due diligence procedures in relation to the issue of a postal order up to the value of fifty pounds.

This exception at paragraph 13 (9) did not however apply to the redemption of a postal order.
2.The Department is content to amend the code to make it clear that due diligence checks are not be required for either the sale or redemption
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 130

of postal orders with a value below fifty pounds unless there is a suspicious transaction trigger event.
3.One respondent also highlighted that, in the United Kingdom‘s implementation of the code, the upper value for a one-off transaction to occur without verification of identity is €15,000 for Bureaus de Change (BDCs), although the UK industry have agreed a limit of £ 5,000 at which they should be verifying the identity of the applicant for business. In comparison, the present codes and the draft combined code for the Island have an upper limit of only €1,000 at which identity must be verified which is in line with EU limits on electronic transmission of money. 4. The Department–

- notes the requirement to produce identification is not onerous; - also noted the desire to harmonise legislation in this area to a single amount for clarity; - concluded the present limit of €1,000 has not caused significant issues on the I sland; and - is content to retain the present limit of €1,000 (or that amount converted into any other currency). 5.However, further consideration will be given to this issue when the next version of the code is being prepared.

6.Exceptions to customer due diligence – Collective Investment Schemes (paragraph 13)
1.One of the respondents suggested that the exemption available under paragraph 13(8) of the code in relation to certain due diligence procedures should be broader.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 131

This exemption applies where the applicant for business is a collective investment scheme or the manager of such a scheme, or the equivalent regulated activity or person in a jurisdiction listed in the Schedule to the code.
The respondent wanted the exemption to include banks or their nominee subsidiaries in a jurisdiction listed in the Schedule where they were acting as nominee in relation to an investment into a collective investment scheme. The Department noted that the exemption in this code is the same as in the Proceeds of Crime (Money Laundering) Code 2010 and following discussion with the regulator it agreed that the exemption should remain as drafted at this time. 2.Although this provision of the code was equivalent to the provision the in 2010 Code, the respondent commented that previously section 4.12 of the FSC‘s AML/ CFT H andbook had permitted this exception to be applied to nominee companies in addition to the collective nvestment scheme and this had been removed from the guidance in December 2011. The respondent felt that this change was at odds with standard fund industry practice and it would place I sland based investment schemes at a competitive disadvantage to similar schemes in equivalent jurisdictions. 3.The regulator advised that this concession was removed from the FSC‘s AML/ CFT H andbook due to comments received from the I MF Inspection team in 2008 that it was too wide. The content of the FSC‘s H andbook is not a matter for the Department but it understands that the FSC is in continued dialogue with the respondent about this issue. 4.The Department also noted that some of the respondent‘s concern in this area was in relation to the requirements of other legislation which are not relevant to the application of this code.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 132

7. Third party know your customer requirements (paragraph 6)
1.Two respondents expressed concern over the insertion of the implications due to the use of the term ―third party‖ in paragraph 6(4) which would seem to suggest, to the respondents, that Know Your Customer (KYC) obligations would have to be fulfilled with regard to any third party to whom payments are made on behalf of clients. 2.The Department notes this concern was due to the changes in the draft combined code with regard to revocable trusts.

As this provision has now been removed this issue should no longer arise.

8. Continuing business relationships (paragraph 8)
1.One respondent suggested the new paragraph 8(2) made it unclear as to when the procedures required to review the transaction or event or conduct due diligence are required to occur, along with a request for clarification of the time frame for conducting such checks as ―reasonably practicable‖. 2.It is the view of the Department that the revised paragraph 8 is consistent with its, and the regulators, interpretation of the original provisions in the previous codes. Noting the requirement in the original codes to ―establish, maintain and operate‖ procedures it is felt companies should already have procedures to re-evaluate such issues on an ongoing basis with regard to changes, or potential changes, in areas such as risk profiles and alterations to legislation. 3.The Department also felt the term ―reasonably practicable‖ did not, in light of the guidance material provided, require formal definition in the combined Codes.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 133

9.Application to domestic Politically Exposed Persons (PEPs) (paragraph 12)
1.One respondent noted that the definition of PEPs, and the associated due diligence requirements, in the combined code only applied to persons outside of the I sland. 2.The Department notes the existing codes also only apply to offIsland PEPs. The Department also notes that under the revised Recommendation of the Financial Action Task Force (FATF) require financial institutions to take reasonable measures to determine whether a customer or beneficial owner is a domestic PEP and in cases of a higher risk business relationship with such persons take additional measures. 3.As the purpose of the new code is to combine the existing code and make only minor amendments, and as the issue of domestic PEPs is a significant issue that will require careful consideration, it was felt by the Department that it would most suitable to retain the definition of PEPs as presently drafted.

10. Requirement to keep separate registers (paragraph 20)
1.One respondent expressed concern over the seeming introduction of separate registers for both internal and external suspicious activity reports and that to maintain two registers would require unnecessary duplication of records. 2.The Department, while noting the present Codes require separate registers, agrees it would be more efficient to allow for this information to be maintained in a single document, as long as it could be used to extract the information for each type of disclosure separately when required. 3.The code has been amended to allow registers to be maintained in one document subject to the condition described above.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 134

A definition of document has also been inserted to assist with the interpretation of this paragraph.

11.Difference in punishments for money laundering offences and terrorist financing offences (paragraph 28)
1.One respondent observed there were two different levels of punishment on summary conviction for an offence under paragraph 28(1)(a). If it is considered terrorist financing, then, under paragraph 28(1)(a)(i), the maximum punishment for the offence is 12 months in custody. In comparison, if it considered as a money laundering offence, under paragraph 28(1)(a)(ii), the maximum punishment is only 6 months in custody. 2.The Department notes this is due to differing powers in the primary legislation on which the combined code (and the combined online gambling code) are based.

Until the Proceeds of Crime Act 2008 is updated the maximum punishment for money laundering offences under this section will be restricted to 6 months in custody.
The Department is looking to resolve this anomaly in the primary legislation in the near future. Once this is resolved the appropriate amendments will be made to future editions of the code.

12. Specified training for money laundering
1.One respondent observed the present legislation did not provide a definition of the specified training for money laundering as required under section 142(9) of the Proceeds of Crime Act 2008.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 135

4.12.2. This matter is in fact dealt with in the Proceeds of Crime (Failure to Disclose Money Laundering: Specified Training) Order 2009.
However, the Department accepts that this order should be replaced with one that refers to the relevant training under the new code, and therefore one has been prepared with a view to submitting it to the April 2013 sitting of Tynwald for approval.

5.Summary of responses to the consultation regarding the Proceeds of Crime (Business in the Regulated Sector) Order 2013
1. Application to non-profit organisations (NPOs)
1.One respondent expressed concern that the combined code did not apply to NPOs which is an area that is included in the FATF recommendations. 2.This is a matter which needs to be carefully considered in order to assess whether the potential risks perceived through the lack of a regulatory framework for NPOs is greater than the risk of damage to existing regulatory systems through a public perception of excessive and unnecessarily intrusive regulation in this one area. 3.The Department is therefore content to retain the present application of the code, although this issue will be re-considered when future editions of the combined code are prepared in accordance with the legal requirements in force at that time. 4.Also, it should be noted that the Government and FSC will shortly begin at looking at an outreach scheme to NPOs on the I sland to assist with raising general awareness in relation to AML/ CFT.

2. Bodies corporate
1.One respondent expressed concern over the use of the term ―bodies corporate‖ as opposed to ―companies‖.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 136

5.2.2. The Department feels this term is sufficiently clear and has retained the provision as drafted.

3. Sale or purchase of a business
1.One respondent suggested that the terminology used here does not reflect the requirements of FATF in this area and, in line with FATF recommendations, should be replaced by ―business entity‖. 2.The Department noted the existing terminology is clear and should remain in the draft. However, this concern would be considered in the preparation of future editions of the code in the light of changing FATF requirements.

4. Holding or managing assets
1.One respondent noted that FATF recommendation 22, on which this provision is based, merely provided for the managing of assets as opposed to, in the present codes, the reference to ―holding or managing‖ assets.

This application of the codes when merely holding assets for a client causes a number of difficulties and the term is not used in equivalent legislation in other jurisdictions.
The respondent suggested it would be more suitable to amend the term to ―managing assets‖. 2.The Department, noting the original intention of FATF, and the implementing provisions of the I sland‘s neighbouring jurisdictions agreed in this case that it was content to amend the combined Code as suggested.

5. Legal structure or legal arrangement
1.One respondent suggested the term ―legal structure or legal arrangement‖ did not reflect the requirements of the FATF

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 137

recommendations and that it should refer to a legal person instead of legal structure.
5.5.2. The Department is content to amend this term to be ―legal person or arrangement‖ in order to make it clearer as to the application of this term.

6. Treatment of accountants
1.One respondent expressed concern the order as drafted would imply accountants should be treated in a manner similar to lawyers and notaries. 2.It was noted that in our neighbouring jurisdictions the definitions of accountants and lawyers are kept separate in their legislation. 3.The Department agrees that this provision is unclear and a new definition will be provided to separate these terms.

7. Definition of legal professionals
1.One respondent noted that the current definition of legal professionals which referred to advocates, registered legal practitioners and notary publics, did not cover other legal professionals such as lawyers qualified in a different jurisdiction but practicing from the Island (for example, English solicitors) and are therefore not advocates. 2.The Department agreed the definition should be expanded to include any other legal professional who provides legal services to third parties.

8. Duplication of application of the order
1.One respondent suggested the terms used at (g), (p) and (q) were repetitious and that, for clarity, it may be useful to delete from (g) the duplicated matters.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 138

2.The Department notes the application of this code is with regard to the circumstances defined under these paragraphs and that, on occasion, a party would only be covered by one of the paragraphs above when conducting the activities specified in that particular paragraph.
3.The Department is therefore content leave the order as drafted for the present, but it may give further consideration to this issue when the next version of the code is being prepared.

6. Outcome of the consultation
1.The proposed Money Laundering and Terrorist Financing Code has been amended as a result of the responses referred to above. That Code, together with Money Laundering and Terrorist Financing (Online Gambling) Code and the Proceeds of Crime (Business in the Regulated Sector) Order will be submitted to the April 2013 sitting of Tynwald for approval. Department of H ome Affairs 2nd April 2013

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 139

Regulation of Cross-Border OTC Derivatives Activities: Finding the Middle Ground
By Chairman Elisse Walter, U.S. Securities and Exchange Commission, American Bar Association Spring Meeting, Washington D.C. Today at the SEC and in government agencies around the world, regulators are shaping the rules that will govern the way over-the-counter derivatives are transacted. It‘s a crucial task given the magnitude and importance of this market to the international financial system. In the process, all of us are grappling with the fact that these transactions rarely respect national boundaries. They are complex transactions that routinely cross borders, and are potentially subject to multiple sets of rules. To ensure our regimes work effectively, we need to have a common sense, flexible approach to the cross-border regulation of derivatives.

The Cross-Border Reality of OTC Derivatives
As most of you know, following the financial crisis there was a new focus placed on the regulation of OTC derivatives – and for good reason. The experiences of companies like AIG highlighted how the default – or even the potential default – of a single party involved in a series of derivatives transactions could create widespread instability. We all saw that it didn‘t matter whether the counterparty or trading desk was here or overseas, or whether the contract was executed in Miami or Milan.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 140

What mattered was that the potential spillover ultimately limited the willingness of market participants worldwide to extend credit.
In the United States, Congress passed the Dodd-Frank Act mandating the creation of a new regulatory regime to govern this multi-trillion dollar market – a market that U.S. regulators previously had been largely barred from regulating. The CFTC was given responsibility for ―swaps,‖ and the SEC responsibility for a portion of the OTC derivatives market known as ―security-based swaps‖ – those which include, for example, swaps based on a security, such as a stock or a bond, or a credit default swap. But the increased focus on OTC derivatives regulation was not exclusively a U.S. phenomenon. Other regulators and governments also sought to address the tremendous risks associated with derivatives transactions. And, they came to the conclusion that a comprehensive scheme of regulation would be necessary. Consistent with this effort, the leaders of the G20 nations committed to a global effort to regulate OTC derivatives with the stated goals of mitigating systemic risk, improving market transparency, and protecting against market abuse. For our part, the SEC has pursued those goals by proposing substantially all of the core rules required by Title VII of the Dodd-Frank Act – the portion governing OTC derivatives. We also have published an overall roadmap – or ―policy statement‖ as it is formally known – to let market participants know how and in what order we intend to implement the new regime. A key element of the policy statement concerns how we intend to apply our rules to cross-border activities.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 141

We have committed to issuing this cross-border proposal before fully implementing our regulatory framework.
To help ensure we get this right, both the SEC staff and I have spent countless hours meeting with other regulators in the U.S. and around the globe who are also dealing with these same issues. Of course, trying to get all the various regulatory pieces to fit together in a sensible way is crucial for a derivatives market that is international in scope. That‘s because a party to any transaction needs to know which laws it must abide by when its transaction touches more than one country.

The Uniqueness of OTC Derivatives Compared to Other Securities and Financial Products
This cross-border challenge hasn‘t manifested itself in the same way for other securities and financial products as it has for the OTC derivatives markets – in part because of the way in which those markets developed.

Consider securities regulation, which pre-dated the technology that made cross-border transactions feasible on a large scale.
So, for many years securities regulation was largely crafted with only domestic markets and domestic market participants in mind. Over time, as cross-border activities became more common in various parts of the securities arena, regulators began to address questions that arose on an issue-by-issue basis. A holistic approach to considering cross-border securities transactions generally wasn‘t considered because, frankly, it wasn‘t needed. Now, with derivatives, it is. In sharp contrast to the traditional securities markets, the multi-trillion dollar OTC derivatives market became a significant market well after the
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 142

advent of global trading – exploding in size over the last 20 years, operating relatively seamlessly across jurisdictions, and evolving largely without regulatory restraints.
Today, cross-border derivatives transactions are the norm not the exception. Therefore, once regulations are implemented across the major derivatives jurisdictions, the majority of derivatives transactions could be subjected to multiple regulatory regimes.

The potential for conflicts among those regimes is obvious.
Against this backdrop of conflicting or contradictory rules, market participants have the ability to move – or restructure – their OTC derivatives activity with relative ease, avoiding more regulated markets, in search of less regulated ones. After all, derivatives are contracts between counterparties – they need not be anchored to any particular geographic location or market.

Some refer to the threat of migration to less regulated jurisdictions as regulatory arbitrage; others a ―race to the bottom.‖
But whatever you call it, this very real possibility threatens the objectives of all of us who seek to reduce systemic risk, improve transparency, protect against market abuse and ensure the global system functions properly. Investors and the markets deserve better.

Dealing With the Cross-Border I mpact of Regulation
That means that getting these cross-border issues right for OTC derivatives is crucial. I know that.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 143

And my domestic and international counterparts know that.
Yet, as we build this new framework from the ground up and with a common set of goals, we must accept that each jurisdiction necessarily is approaching derivatives reform from a slightly different direction. Countries come at the process from different historical, legal and regulatory perspectives, and move forward at different speeds. No amount of effort is going to completely reconcile these differences. After many years of regulatory experience, I have learned that it may not be fruitful to try to convert one another to our own particular regulatory philosophies. Instead, we should continue to expend our energy on a search for compatible, rather than identical, approaches to cross-border issues. This means ensuring that our different regulatory regimes do not produce the gaps, overlaps or conflicts that could disrupt the global derivatives market and lead to regulatory arbitrage. Focusing on ―compatible‖ rather than ―identical‖ regulation brings us close to a system that achieves our collective goals of mitigating systemic risk, improving transparency, and protecting against market abuse, while also recognizing the legitimate and important differences between our regulatory regimes and markets.

Two Ends of the Spectrum
The importance of a compromise approach becomes evident when we look at the spectrum of approaches available.

The All-In Approach
At one end of the spectrum is the view that any transaction that touches a jurisdiction – or a person in that jurisdiction – in any way, needs to be
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 144

subjected to the entire range of regulatory requirements specific to that jurisdiction.
Let me call this the ―all-in‖ approach. Although this approach gives full weight to the unique requirements of local law, I am concerned that subjecting any derivatives transaction – that has any connection to a country – to all of the rules and regulations of that country risks unnecessary duplication and conflict. Indeed, to the extent two sets of rules conflict, this approach would place market participants engaging in a cross-border transaction in the untenable position of choosing which country‘s requirements to violate. Market participants may have to withdraw from one of those markets or incur the costs associated with restructuring their business.

The Recognition and Reciprocity Approach
At the other end of the spectrum is the view that broad deference should be given to a foreign jurisdiction‘s full regulatory regime – in lieu of one‘s own regulatory regime – so long as it is comparable in its objectives. Market participants, intermediaries, and infrastructures would be subject to one set of rules for their cross-border activity. The entire regime is recognized as comparable or not comparable – it‘s all or nothing. This approach is often referred to as ―equivalence‖ or ―recognition.‖ Along these lines, some proponents of this approach also demand reciprocal treatment. In other words, ―I will recognize the comparability of your rules only to the extent you recognize the comparability of mine.‖

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 145

At first glance, a recognition approach may appear reasonable and consistent with a desire to reduce conflicts, inconsistencies, and duplicative requirements among regulatory regimes.
But as I have discussed the details with my foreign counterparts, I have developed increasingly serious concerns about the potential consequences of an ―all or nothing‖ approach. Recognition may be an important tool in crafting cross-border regulation in some contexts, but wholesale recognition cannot be the exclusive tool if it means critical regulatory requirements in one regime are jettisoned as a result. Further, I become particularly concerned when such wholesale recognition is combined with reciprocity. In other words, ―I refuse to recognize your regime unless you recognize mine as equivalent in all respects.‖ In my opinion, tying recognition and reciprocity does not move us toward our united goals. This is a because a regulator might feel compelled to recognize a foreign country‘s regulations as ―equivalent‖ solely to avoid the quid pro quo consequences of not having its own regulations deemed ―equivalent‖ in return. The regulator might feel pressure to gloss over major differences and make a sweeping equivalency determination – that is, even when a regime imposes a critical policy requirement and the foreign regime does not. This type of recognition, driven by the threat of reciprocity could actually create regulatory gaps between these so-called ―equivalent‖ regimes, allowing certain market participants to exploit the differences and escape important requirements by simply choosing to comply with the more permissive regime.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 146

Additionally, a regulator may feel forced to submit to the threat of not being eligible for recognition treatment because its own regulated entities could suffer if the foreign country does not determine there is equivalence.
This could happen when Country A chooses not to allow market participants from Country B to do business in Country A unless Country B deems the other country‘s regulatory regime to be equivalent. I am particularly concerned that this forced recognition approach could substantially disrupt an established market and spark a regulatory race to the bottom, as regulators facing such ―equivalency‖ determinations realize the seeming futility of maintaining comparatively higher standards in key policy areas. Alternatively, it could spark a kind of trade war in financial services, and lead to fragmentation of the global marketplace. There must be a better way.

A Middle Ground
In short, subjecting every OTC derivatives transaction that touches the United States in some way to all aspects of U.S. law – that is, the ―all-in‖ approach – ignores the realities of the global marketplace.
And yet, treating clearly different regimes as equivalent across all key policy areas risks will create regulatory gaps, regulatory arbitrage, and a potential regulatory race to the bottom. I believe that there is, in fact, a middle ground. The Commission has not yet, as a body, proposed the specifics of its approach. But I personally support an approach that would permit a foreign market participant to comply with requirements imposed by its home country that are comparable with U.S. regulation, so long as it abides by U.S.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 147

requirements in areas where the home country‘s regulations are not comparable.
I call this approach ―substituted compliance.‖ It‘s an approach that accepts the inevitable differences between regulatory regimes when those differences nevertheless accomplish similar results. There‘s no ―my way or the highway.‖

Instead, parties may substitute compliance with one regulatory regime for another.
But we would reserve the right to insist upon compliance with our own regulations when necessary. It‘s an approach that focuses on what we see as real threats to the Dodd-Frank goals of stability, transparency, and investor protection. For example, the SEC could make a determination that would allow market participants based in a foreign jurisdiction to follow their own jurisdiction‘s capital requirements. But at the same time, the SEC could require these market participants to follow SEC rules concerning, for instance, public reporting requirements, if the foreign jurisdiction itself did not have a comparable set of public reporting requirements. This approach provides flexibility to market participants and regulators alike, allowing us to eliminate duplicative regulation when it is truly duplicative, while recognizing that regulatory regimes will necessarily differ in some respects. While this approach does envision looking at different pieces of a jurisdiction‘s set of rules, I do not believe that the ultimate determination of substituted compliance will be based on a line-by-line comparison of those rules.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 148

Instead, in making a substituted compliance determination, one would look at key categories of regulation.
In addition, one would keep the focus on regulatory outcomes, not the means of achieving those outcomes. Of course, in making these determinations, one would look not just at the way in which a country‘s laws and regulations are written, but also, and crucially, at how that country supervises and enforces compliance with its rules. I can‘t stress how important this aspect of the substituted compliance approach is to me. Because effective regulation does not end with writing rules, it begins there. Effective supervision and enforcement of those rules is key not only to achieving the G20 goals, but also to advancing the SEC‘s core mission to protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation. For all of these reasons, I believe that the substituted compliance approach provides a workable approach and a necessary balance in the global market and regulatory environment in which we operate. A Comparison of Substituted Compliance to Recognition and Reciprocity As the SEC staff and I have discussed this approach, I have learned that the distinction between substituted compliance and what I call recognition and reciprocity is sometimes elusive.

So let me illustrate.
Consider the public reporting requirements I mentioned earlier.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 149

As most of you know, the Dodd-Frank Act requires that transaction, volume, and pricing data of all security-based swaps be publicly disseminated in real time, except in the case of block trades.
These requirements are designed to promote transparency and efficiency in the security-based swap market, by providing more accurate information about the pricing of security-based swap transactions, and thus about trading activity. Promoting transparency and efficiency in the security-based swap market is one of the primary goals of the new regulatory framework established by the Dodd-Frank Act, not an afterthought. Given the key role that public transparency requirements play in the U.S. efforts to bring sunshine to the largely opaque OTC derivatives markets, I fully expect that public reporting would be one of a number of key categories of requirements that would be the focus of a substituted compliance determination for foreign regulatory regimes. But the fact that a foreign regulatory regime might not be comparable to ours with respect to public transparency should not be fatal to an SEC substituted compliance determination in other areas. In fact, the SEC could still recognize other areas of a foreign regulatory regime – such as mandatory clearing or capital requirements. Foreign market participants would, however, continue to be subject to the SEC rules regarding public reporting. This outcome under a substituted compliance approach contrasts markedly with the ―rock and a hard place‖ approach that an equivalence determination for an entire foreign regulatory regime would present.

If the SEC were to adopt such a ―recognition and reciprocity‖ approach, we would be faced with the difficult choice: either not make an equivalence determination with respect to the foreign regime or determine that a foreign regulatory regime is ―equivalent‖ – even if a key aspect of our regulatory regime were absent.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 150

I recognize, of course, that the differences between substituted compliance in specific regulatory areas and an equivalence determination for an entire foreign regulatory regime raise difficult issues and there are many competing interests.
And regulators, me included, can have very strong views about the right approach. I nonetheless am committed to resolving these and other difficult issues. And I am gratified that our regulatory partners are equally determined to fashion arrangements that support investor protections and capital formation, while bringing needed stability to our global financial system.

Trade Repositories and Access to Data
So clearly it will be crucial to align the different regulatory regimes for cross-border transactions in a way that minimizes the risk of gaps, conflicts, and inconsistencies. But, this is not the only consideration in working through effective regulation in the cross-border arena. It also will be crucial for regulators to make sure that their different regimes work together, for example, to provide comprehensive data on cross-border transactions. This is important because the relevant authorities must have an accurate view of the global derivatives market through access to data they need to carry out their mandates. Comprehensive information helps regulators identify and address systemic risk and promote stability across markets, as well as monitor for, and protect against, market abuse. However, compiling comprehensive transactional data is challenging enough in a complex domestic market.
I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 151

And, it gets far more complicated in the cross-border world of derivatives, where, for example, the vast majority of credit default swaps cross national borders.
Fortunately we‘re not starting from scratch. It is estimated that some information on well over 90 percent of outstanding gross notional amounts in credit derivatives were reported to a trade repository at the end of 2012. However, submission of this information was largely voluntary, and the result of substantial supervisory encouragement. Additionally, it didn‘t include all the information regulators need to effectively oversee this market. One goal of regulation in this area is to increase the quality and quantity of information reported to trade repositories, so that regulators have the data they need to do their jobs. There are, however, challenges to getting the data that regulatory authorities need. Certain countries have privacy laws, blocking statutes, and other laws that restrict or limit the disclosure of certain information about trade counterparties. Such measures may interfere with global regulatory reporting by prohibiting or limiting entities from reporting the identity of their counterparty into trade repositories – thereby undermining the usefulness of these repositories.

Regulators internationally, as well as individual jurisdictions, are actively working to develop potential cures.
As an interim solution, some market participants have received temporary relief to submit reports to certain trade repositories with ―masked‖ data –

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 152

that is, data that includes some, but not all, of the required relevant information.
This is of course a temporary, pragmatic fix to an immediate challenge arising from the new regulatory regime for reporting. But, it is not a long-term solution. Regrettably, potential impediments are not solely the province of foreign law.

Another challenge to getting data comes from the Dodd-Frank Act itself.
That Act requires regulators to agree to bear certain potential costs arising from data sharing. In particular, before an SEC-registered trade repository can share information with a domestic or foreign regulator other than the SEC, the regulator must agree, among other things, to indemnify the trade repository for certain litigation expenses that may be incurred by the repository. The CFTC has a similar provision. We understand that foreign authorities may be prohibited under their laws from satisfying the indemnification requirement. In fact, even certain U.S. authorities, are not permitted to provide an open-ended indemnification agreement. Given the limitations of the indemnification requirements, foreign regulators have expressed concerns about their ability to directly access data held in an SEC- or CFTC-registered trade repository. That is why the SEC has publicly advocated for a legislative fix and is considering ways to address this issue in our forthcoming proposal on cross-border issues.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 153

More generally, I can tell you that I personally am committed to doing what I can to make sure that comprehensive data on the global OTC derivatives market are made available to all regulators with a mission-based need for that information.
As one of the regulators charged with reforming the OTC derivatives market, I believe the SEC and fellow regulators must strive for no less.

Conclusion
In short, I believe that the regulators of OTC derivatives across the globe working together in good faith and common purpose can bring about a more stable, more transparent, and fairer OTC derivatives market, while preserving its global, dynamic character. But I believe we will succeed only if we find the middle ground. There is far too much at stake, in my view, for regulators to do any less.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 154

Disclaimer
The Association tries to enhance public access to information about risk and compliance management. Our goal is to keep this information timely and accurate. I f errors are brought to our attention, we will try to correct them. This information: is of a general nature only and is not intended to address the specific circumstances of any particular individual or entity; should not be relied on in the particular context of enforcement or similar regulatory action; is not necessarily comprehensive, complete, or up to date;

is sometimes linked to external sites over which the Association has no control and for which the Association assumes no responsibility; is not professional or legal advice (if you need specific advice, you should always consult a suitably qualified professional);

-

is in no way constitutive of an interpretative document;

does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed here; does not prejudge the interpretation that the Courts might place on the matters at issue. Please note that it cannot be guaranteed that these information and documents exactly reproduce officially adopted texts. I t is our goal to minimize disruption caused by technical errors. H owever some data or information may have been created or structured in files or formats that are not error-free and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems. The Association accepts no responsibility with regard to such problems incurred as a result of using this site or any linked external sites. I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 155

Certified Risk and Compliance Management Professional (CRCMP) distance learning and online certification program.
Companies like IBM, Accenture etc. consider the CRCMP a preferred certificate. You may find more if you search (CRCMP preferred certificate) using any search engine. The all-inclusive cost is $297. What is included in the price:

A. The official presentations we use in our instructor-led classes (3,285 slides)
The 2,309 slides are needed for the exam, as all the questions are based on these slides. The remaining 976 slides are for reference. You can find the course synopsis at: www.risk-compliance-association.com/Certified_Risk_Compliance_ Training.htm

B. Up to 3 Online Exams
You have to pass one exam.
If you fail, you must study the official presentations and try again, but you do not need to spend money. Up to 3 exams are included in the price. To learn more you may visit: www.risk-compliance-association.com/Questions_About_The_Certif ication_And_The_Exams_1.pdf www.risk-compliance-association.com/CRCMP_Certification_Steps_ 1.pdf

C. Personalized Certificate printed in full color
Processing, printing, packing and posting to your office or home.

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

P a g e | 156

D. The Dodd Frank Act and the new Risk Management Standards (976 slides, included in the 3285 slides)
The US Dodd-Frank Wall Street Reform and Consumer Protection Act is the most significant piece of legislation concerning the financial services industry in about 80 years. What does it mean for risk and compliance management professionals? It means new challenges, new jobs, new careers, and new opportunities. The bill establishes new risk management and corporate governance principles, sets up an early warning system to protect the economy from future threats, and brings more transparency and accountability. It also amends important sections of the Sarbanes Oxley Act. For example, it significantly expands whistleblower protections under the Sarbanes Oxley Act and creates additional anti-retaliation requirements. You will find more information at: www.risk-compliance-association.com/Distance_Learning_and_Cert ification.htm

I nternational Association of Risk and Compliance Professionals (I ARCP) www.risk-compliance-association.com

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->