100 likes | 287 Views
Raising the Bar on Internal Audit, Risk Management and Compliance An Overview of Emerging Developments in the Post-Financial Crisis, Dodd-Frank Era. AIBA Annual Compliance Meeting June 9, 2011 Thomas P. Loughlin Managing Director Promontory Financial Group. Impetus for Dodd-Frank.
E N D
Raising the Bar on Internal Audit, Risk Management and Compliance An Overview of Emerging Developments in the Post-Financial Crisis, Dodd-Frank Era AIBA Annual Compliance Meeting June 9, 2011 Thomas P. Loughlin Managing Director Promontory Financial Group
Impetus for Dodd-Frank Some disturbing numbers… • The global financial crisis wiped out $17 trillion of household wealth from 2007 to 2009… • the 2010 GDP of the entire United States was $14.6 trillion • During the height of the crisis in 2008, Congress approved $700 billion in taxpayer dollars to stabilize the financial system… • the entire GDP of the country of the Netherlands was around $770 billion last year • 8.3 million jobs were shed in the U.S. economy between 2008 and 2009. • during the last census, the whole City of New York was only 8.2 million people This is an enormous crisis.
Prepare for the Deluge There are approximately 500 rules that have to be written under Dodd Frank… and 75 studies. Compliance, Internal Audit and Risk Management will be significantly impacted.
Dodd-Frank “First Principles” • Arm regulators with tools necessary to address risks to financial stability – • designation of nonbank financial companies for supervision • stronger prudential standards, including increased capital and liquidity, resolution plans, or living wills for the largest companies • Create early warning system to sound the alarm in the event of systemic instability • establishment of the Financial Stability Oversight Council – FSOC • Increase transparency and supervision of previously unregulated actors and activities • such as OTC derivatives market that proved so toxic during the crisis • Establish mechanism for orderly resolution of failing companies that pose a systemic risk without exposing the taxpayer • Enhance protection of consumers against abusive practices , e.g. the predatory and unsuitable mortgages that were at the heart of the crisis • new Bureau of Consumer Financial Protection, and strict underwriting standards
Systemic Risk – A Shift from Micro- to Macro-prudential… Daniel Tarullo of the Federal Reserve Board of Governors, speech of June 3, 2010: “The pre-crisis regulatory regime had focused mostly on firm-specific or, in contemporary jargon, “microprudential” risks... that regime was not up to the task of assuring safe and sound financial firms. But it did not even attempt to address the broader systemic risks associated with the integration of capital markets and traditional bank lending, including the emergence of very large, complex financial firms that straddled these two domains, while operating against the backdrop of a rapidly growing shadow banking system. A post-crisis regulatory regime must include a significant “macroprudential” component…” “Of course, if a SIFI could be resolved in an orderly fashion, negative externalities could be greatly reduced. The special resolution regime in Dodd-Frank aims at just such an outcome. The FDIC is investing considerable time and talent into making that outcome more likely, and thus bringing a greater measure of market discipline to large financial firms more generally. Together with the FDIC, the Federal Reserve will be reviewing the resolution plans required of larger institutions by Dodd-Frank…” Expect a higher standard – and plan for new requirements
…and Enhanced Capital Requirements Daniel Tarullo of the Federal Reserve Board of Governors, speech of June 3, 2010: “While Dodd-Frank mandates an enhanced capital requirement for SIFIs, it does not specify the form of that requirement. I would suggest five desirable characteristics. • in keeping with the macroprudential aims… an additional capital requirement should be calculated using a metric based upon the impact of a firm’s failure on the financial system as a whole • the metric should be transparent and replicable • the enhanced capital standards should be progressive in nature…it is generally better to avoid cliff effects, whereby significant regulatory consequences ensue based on relatively modest differences among firms • it is important that an enhanced requirement be met with high-quality capital. Our presumption is that this means common equity • U.S. requirements for enhanced capital standards should, to the extent possible, be congruent with international standards… Of course, we will in any case apply our enhanced standards, as required by Dodd-Frank, to foreign banking organizations operating in the United States.” Expect heightened focus on quant/modeling sophistication
OCC Guidance to Large Bank Examination Teams • Focus specifically on the following areas: • Strong balance sheets • Urgency in addressing credit quality • Upgrades to bank technology: enhancing enterprise-wide risk management • Fair Lending • BSA/AML • “Maintain supervisory pressure on the improvement of technology to enable enhanced enterprise-wide risk management going forward. This includes improving bank capabilities to identify and track performance relative to established risk tolerance levels (risk appetite), and to perform scenario analyses as well as stress tests that consider bank specific issues as well as macroeconomic factors.” • “While we have operated for many years with the premise that “satisfactory” oversight functions were generally sufficient, the realities noted above now lead us to the conclusion that Large Banks should not operate with anything less than “strong” audit and risk management functions.” Expect increased pressure on second and third level of defense activities
Be Prepared • Regulators are making policy choices daily in hashing out the details of Dodd-Frank - the time to engage in the regulatory process is now. • Evaluate Internal Audit, Risk Management and Compliance team skills relative to elevated regulatory expectations. • Prepare for the fact that Risk Management and Internal Audit will increasingly incorporate elements of systemic risk, necessitating a greater degree of analytical and visionary capabilities. • Increase focus on quantitative capabilities, particularly the robustness of stress testing processes, model governance, and validation. • Strengthen and reinforce a holistic view of risk, particularly among the Risk Management, Internal Audit, and Compliance groups. • Understand that regulatory focus is expanding beyond the “letter of the law” to include the “spirit of the law” • Be alert to developments impacting the emergence of the Consumer Finance Protection Bureau and to the potential implications of this agency for Compliance and Internal Audit.
About Promontory Promontory is a leading strategy, risk management, and regulatory compliance consulting firm for the financial services industry. Led by our Founder and CEO, Eugene A. Ludwig, former U.S. Comptroller of the Currency, our professionals have deep and varied expertise gained through decades of experience as senior leaders of regulatory bodies and financial institutions. We assist our clients in creating sound, sustainable strategic plans and governance structures, meeting regulatory requirements, strengthening credit and other risk controls, analyzing capital and liquidity needs, acquiring new bank charters, performing third party due diligence and securities-related reviews, and conducting internal investigations. With offices and operations in Washington, DC, New York, San Francisco, Atlanta, Brussels, Dubai, London, Milan, Paris, Singapore, Sydney, Tokyo and Toronto, we are able to service clients wherever their needs arise. Promontory, a firm with strong ties to Washington and other capitals, has advised banks and other financial institutions around the world.
About Tom Loughlin Thomas P. Loughlin Managing Director 202.384.1044 tloughlin@promontory.com Mr. Loughlin specializes in advisory services, investigations, and independent monitoring efforts that involve management processes, reporting, and controls, specifically in the areas of accounting, auditing, regulatory compliance, and financial reporting.Before joining Promontory, Mr. Loughlin was a founder and managing director of Clarient Group LLC, advising executive management and boards of directors with respect to oversight of financial reporting, accounting, controls, regulatory compliance, audit and other review activities, and external auditor relationships. Previously, he was a partner at KPMG LLP where he directed audit and assurance services for major financial institutions. He co-founded KPMG’s structured finance practice and led its securitization and investor reporting services. Mr. Loughlin was also a managing director at KPMG Consulting, where he served on the executive committee of its financial services advisory practice.Mr. Loughlin is a graduate of Fairfield University, and is a member of the AICPA.