Agenda • Purpose and design of board and management committees • Expectations of regulators • Committee structure example • Advantages/disadvantages to different structures • Key accountabilities, members, and responsibilities of committee • Useful tools/protocols • Balancing needs of separate legal entities governed by different regulatory agencies
Governance and Trust Committee Structures • Strong management and board oversight is a key element to a strong internal control and risk management structure. • A strong governance and trust committee structure both at the management and the board level allows for effective oversight and is indicative of a commitment to risk management and internal control. • The Fed, the OCC, and the OTS expect institutions with trust powers to have active executive management and board involvement. The SEC expects a strong “culture of compliance”. • For complex organizations, I believe this is managed most effectively through a committee structure. This should be customized at each institution in terms of design and activities, lines of business and legal entities.
Expectation of Primary Regulator - OCC • Board and Senior Management have key responsibilities • Must recognize their responsibility to provide proper oversight of asset management activities, and the official records of the board should clearly reflect the proper discharge of that responsibility. • Must understand the asset management business, how asset management activities affect the bank’s position and reputation, the bank’s regulatory environment, and other external market factors. • Establish the strategic direction, risk tolerance standards, and ethical culture for asset management activities. • Adopt and implement an adequate and effective risk management system. • Monitor the implementation of asset management risk-taking strategies and the adequacy and effectiveness of the risk management system in achieving the company’s strategic goals and financial objectives. • Senior Management responsibility for effective risk management systems • Ensure the development and implementation of an adequate and effective risk management system composed of risk assessment, control, and monitoring processes. • Board of Directors and Senior Management Commitment • Establish and guide the strategic direction for asset management activities by approving strategic and financial operating plans. • Create a risk management culture that promotes strong ethics and an environment of responsibility and accountability that is fully accepted within the banking organization. (Asset Management, Comptroller’s Handbook, December 2000)
Expectation of Primary Regulator - FED • Board of Directors key responsibilities • Approve overall fiduciary business strategies and policies including those related to identifying, measuring, monitoring and controlling fiduciary risks. • Understand the nature of the risks significant to their organization and ensure that management is taking the steps necessary to manage these risks. • Senior Management key responsibilities • Implement approved strategies in a way that will limit fiduciary risks and ensure compliance with laws and regulations • Fully involved in the fiduciary activities of their institution • Have sufficient knowledge of all fiduciary business lines to ensure that necessary policies, controls and risk monitoring systems are in place and that accountability and lines of authority are clearly set forth • Ensure that its lines of fiduciary business are managed and staffed by persons with knowledge, experience, and expertise consistent with the nature and scope of the organization's fiduciary activities • Before offering new services or introducing new products, identify fiduciary risks associated with them and ensure that internal controls are in place to manage the service or product and the accompanying risk • Approve appropriate policies, procedures, recordkeeping systems and reporting systems to support the fiduciary activities and to help measure and monitor risks • Establish procedures to keep informed about changes in fiduciary activities and the associated risks (SR 96-10 (SPE), April 24, 1996 - Risk-Focused Fiduciary Examinations)
Expectation of Primary Regulator - OTS Responsibilities of the Board of Directors and Management • hiring and retaining competent personnel • ensuring that adequate management is in place to control risks • instituting adequate policies, processes and controls that consider the size and complexity of the savings association’s trust and asset management activities • establishing effective risk monitoring and management information systems • Directors are responsible for retaining and performing general supervision over the exercise of trust powers • Directors must be sufficiently independent of corporate affiliates and personal conflicts of interest to properly serve the interests of the savings association • Directors are responsible for the prudent investment and disposition of property held in a fiduciary capacity • ensuring that an annual audit is conducted • ensuring that a record of pending litigation is kept • The board should ensure that the trust department’s management information and data processing systems are adequate to provide the type and quantity of reports necessary to assess and monitor the trust department’s performance • The board should ensure that corrective action is effectively implemented when deficiencies are reported (OTS Trust and Asset Management Handbook)
Expectation of Primary Regulator - SEC • The Advisers Act incorporates an adviser's fiduciary duty under Section 206, and envisions that, in whatever factual scenario, the adviser will act in the best interests of his clients. As a fiduciary, an adviser is held to the highest standards of conduct and must act in the best interests of its clients. • Compliance Program rule, Rule 38a-1, requires board approval of the fund's policies and procedures and those of each investment adviser, principal underwriter, administrator, and transfer agent of the fund, and requires an annual report by the Chief Compliance Officer to the board. • Recent Investment Advisor request letters suggest that active management and Board involvement is an inherent expectation: • “Registrant’s overall process for and commitment to establishing and maintaining an effective compliance culture (its “tone at the top”).” • “A copy of the minutes of any risk committee meetings that were held during the inspection period. Please note that advisors are not required to have a risk committee.” • “Copy of risk management reports that show/illustrate the measures used to manage risks in client accounts, such as leverage, beta, concentration, and performance attribution analysis”. • “Copy of investment management committee minutes”.
Board Committee Structure – Example • Directors Trust Committee responsibility: • The DTC is responsible for performing duties to enable the Boards of Directors to fulfill their oversight responsibilities in relation to: oversight, including proper risk management and control, of the operation of fiduciary activities of subsidiaries, and oversight, including proper risk management and control of the operation of non-fiduciary investment related activities of the subsidiaries. In addition, certain fiduciary and non-fiduciary activities of subsidiaries are organized and managed in a manner that is closely intertwined with the activities otherwise within the purview of the Committee. This Committee shall oversee such activities to the extent of such interrelationship. The DTC is granted the authority to define the general scope, content, and direction of fiduciary and non-fiduciary investment-related products and services for the organization. • Key reporting items: • Material Risks • Emerging Risks • Significant Events • Near misses
Management Committee Structure – Example • Fiduciary and Investment Related Activities Risk Management Committee (FRMC) • The Fiduciary and Investment Related Activities Risk Management Committee is established to serve as a forum to review, inform, consult, discuss, and approve significant risk issues and action plans addressing current and emerging risks that arise in the course of executing the organization’s strategy in trust, probate, guardianship, conservatorship, and certain investment management, investment advisory, securities and custody activities. It is established to ensure major risks arising from these activities are understood, quantified, documented, mitigated where appropriate, and constrained by policy and directives as necessary in order to balance risk and return in such activities and businesses. Key reporting items: • Material Risks • Emerging Risks • Significant Events • Near misses
Management Committee Structure • Committees can be structured by department, by legal entity, or by holding company. • By Department or Legal entity: • Advantages: • Allows for focused discussions on key topics • Allows for open communication • More control over committee dynamics • Disadvantages: • Lack of independent view or assessment of issues • Limited ability to escalate issues • Lack of tie to board of directors • Potentially significant issues may not receive appropriate level of attention
Management Committee Structure (cont’d) • By holding company - Advantages: • Particularly in light of “Enterprise-wide Risk Management”, a committee that crosses legal entities and department boundaries becomes a useful tool • The risks of one line of business could affect another – open discussion allows for more complete analysis and assessment • What may be an acceptable risk at one level may be unacceptable when aggregated at a higher level • Exam experiences can be shared across entities • Can be used as a precursor to the holding company board meeting • Disadvantages: • Additional examiner scrutiny and potential scope creep • Management may not be comfortable holding open and frank discussions in presence of other LOBs or legal entities • Meeting dynamics may become difficult to manage • Potentially opening more information to discovery inquiries in litigation against one legal entity
Key Committee Accountabilities and Responsibilities • Provide oversight: • Governance • Approve policies, directives, standards • Approve new and modified products, initiatives, services, and distribution channels • Review of assessments used to determine adherence to policies, operating procedures, and strategic initiatives • Review management reports on operational and performance results • Cross-enterprise view of topics • Key elements to be discussed/considered by committee: • Significant risk issues and management strategies; • Significant changes in strategies, products, services, and distribution channels; • Significant changes in organization, policies, controls, and information systems; and • External factors that are affecting services.
Key Committee Accountabilities and Responsibilities (cont’d) • Escalate issues: • Review of material risks, emerging risks, significant events, and near misses • Committee used as a forum to facilitate the resolution of risk issues. Issues arise from: • Risk and Control Self Assessments (“RCSAs”); • Audits, exams, compliance reviews; • new or modified product recommendations; • changes in laws or regulations; • Code of Ethics; • Conflicts of Interest; or • Litigation • Issues may not be significant at lower level subsidiary or department, but when viewed in aggregate, trends may emerge or issue becomes more prominent • Committee assesses the responsiveness to deficiencies and the effectiveness of corrective action and follow-up activities • The Committee then escalates to: Board, Executive Management, CEO
Key Committee Accountabilities and Responsibilities (cont’d) • Fix accountabilities • Each issue raised is assigned an accountable executive. Ensures resolution of significant items • Issues are tracked through to resolution • Report activities that will be escalated to the board committees • Allows forum to review Board materials to ensure they are appropriate, complete, accurate
Key Members • Who your key members are is determined by the scope of the committee – some examples: • Management of areas with fiduciary risk or asset management responsibilities • Institutional Trust • Custody • Land Trust • Personal Trust • Employee Benefit Plan area • Insurance • Safekeeping • Retail broker/dealer • Investment advisor • Proprietary mutual funds • Operations • Management of Corporate Support Areas • Fiduciary Risk Management • Fiduciary Counsel • Compliance • Audit – key “permanent guest”
Useful Tools/Protocols • Timing of meetings: Useful to be 1-2 weeks prior to Holding Company board and committee meetings • Materials provided to members no less than 3 days prior to meeting to allow for review • Open items list • Reports to be presented to provide status on outstanding items • Outstanding audit, RCSA, exam, compliance issues • Calendar/Standing agenda including, at a minimum periodic reports from: • Corporate Audit • Corporate Compliance • Legal • Risk Management • Operations – operational risk issues • Line of Business – performance issues/status • Attendance list, reports of attendance • Minutes
Sample Report – Report of Chief Compliance Officer • Chief Compliance Officer utilizes this as a precursor to reporting to the Audit Committee. Information is provided in slightly more detail, discussions are more detailed, and focus for this committee is fiduciary activity only. • Top 3 issues identified or being monitored • Results of compliance monitor activities • Information on Compliance training • Legislative and Regulatory Developments • Communication with Regulators – Exam activities • Summary of Corporate Audit and RCSA reports impacting Compliance
Balancing needs of separate legal entities governed by different regulatory agencies • In large complex banking organizations, it is not uncommon to have subsidiaries governed by the OCC, Fed, SEC, NYSE, NASD, and potentially others. • Can be managed through dual reporting structures – one line to the corporate group, one line to the legal entity executive • Assess issues and risks at the entity level, then secondarily assess their impact on the line of business and organization as a whole • Utilize knowledge gained from exams and audits in one subsidiary to perform an assessment of other subsidiaries prior to their own exam or audit. • Ensure there is strong communication and reporting between the entities and the corporate area consolidating the information – impress upon the subsidiary the usefulness of being part of a larger organization • Be cautious/wary of subsidiaries that wish to operate autonomously, who are not forthcoming, who do not recognize that they are part of a larger organization