Creating a New Vision for Compliance

1
Creating a New Vision for Compliance
Presented to 2006 Middle East
Conference By Michael
Matossian, Global Head Group Regulatory
Compliance Date Sunday, 28 May
2006
Working together to enhance Compliance Risk
Management. Ensuring the risk taken is the risk
intended.
2
Outline

• Introduction/Overview
• Compliance Perceptions and Realities
• Compliance Program Essential Elements
• Challenges in Managing Compliance Risk
• Open Discussion

3
Arab Bank Profile

• Established in Jerusalem in 1930
• Headquartered in Amman since 1948
• Balance sheet of USD 37.1 billion, shareholder's
  equity of USD 5.4 billion as of March 2006
• Operates in 28 countries, including a global
  network of more than 400 branches and offices
  located in the Middle East, North Africa, North
  America, Europe, Asia, and Australia
• Provides personal and private banking, corporate
  banking, and investment services

4
What is Regulatory Compliance?
Regulatory Compliance Risk is the risk of damage
to the organizations business model, reputation
or financial condition arising from violations or
non-conformance with laws, regulations, internal
standards and policies.
Consequences of Compliance Risk

• For Companies
• Fines, civil money penalties, payment of
• damages
• Voiding of contracts
• Restrictions on business activities
• Damaged reputation and ethical corporate
• culture
• Reduced franchise value

For Individuals

• Loss of professional license
• Loss of employment, ban from industry
• Criminal prosecution

4
5
A Business Positive

• An effective compliance program not only helps
  reduce or prevent altogether the costs of fines,
  penalties, and critical reputation risk, but also
  has positive business benefits
• A strong compliance program speaks to
  organizational integrity, a
• building block of ethical corporate culture
• An ethical corporate culture helps build a
  strong reputation within our
• customers, shareholders, employees, and
  communities

6
Creating A New Compliance Vision

• Balance business practices, revenue growth,
  customer experience, and risk
• management
• Adopt a risk-based approach to ensure the risk
  taken is the risk intended
• Speak to organizational integrity and build
  compliance into corporate ethical
• culture
• Champion the customer cause
• Go beyond minimum legal and regulatory
  requirements to do the right thing

7
Compliance Program - Essential Elements

• Management support, commitment, and
  accountability, tone at the top

(Excerpt from Enrons Code of Ethics)
8
Compliance Program - Essential Elements

• Management support, commitment, accountability,
  tone at the top
• 2. Effective governance structure to oversight
  country and line of business functions
• 3. Comprehensive and actionable policies and
  procedures to reflect global and country specific
  requirements
• 4. Appropriate compliance communication,
  awareness, reporting, and education plan
• 5. Process to identify and implement
  regulatory requirements timely and effectively

9
Compliance Program - Essential Elements

• Monitoring/self-assessment programs to
  effectively detect violations and weak control
  systems
• Reporting and communication processes to ensure
  the status of significant compliance issues are
  communicated
• Tracking process for corrective actions required
  due to results from monitoring programs,
  complaints, Internal Audit, and regulatory
  reports
• Effective training programs
• 10. Involvement of compliance function in the
  development of new products and services

10
Components of a Risk Based Approach
Mitigating Controls
Risk Indicators

• Governance Structure
• Policies Procedures
• Training/Communications
• Awareness
• Independent Testing

• Customer/Business Type
• Geography
• Product/Service/Delivery
• Channels
• Transaction Type

Compliance Risk Based Approach
Regulatory Environment

• Increased regulatory expectations
• New regulations

11
The Future of Compliance
Success occurs when opportunity meets preparation.
Continuously assess risk enhance
process efficiencies
Do the right thing and do it
well.
Discover the right thing
is now the wrong
thing.
Change
Do the new right thing, but
expect to make some
mistakes.
Develop strategy and
action plan.
Communicate and execute plan.
12
A Global Perspective - Significant Challenges

• Inconsistency of regulatory requirements and
  associated enforcement actions
• Diverse country customs and business methods
  (i.e. cash based economies)
• Classification of countries as High Risk by
  various authorities
• Rapid growth in economies
• Customer data protection and confidentiality
  issues
• Information technology limitations (i.e. global
  customer information file)
• Language issues access to local expertise

13
Questions
Michael Matossian, CPA, CMA, CRP, CFE, CAMS
Global Head of Regulatory Compliance Arab Bank
plc Head Office, P.O. Box 950545, Amman 1195,
Jordan E-mail Michael.matossian_at_arabbank.com.jo T
el. 962 6 5600000, Ext. 5822