In today's StarBlog, Quincy Tse, Director of APAC for StarCompliance, offers a concise overview of the Monetary Authority of Singapore’s new individual accountability guidelines for financial services firms, and some advice on how affected firms should handle them
Toward the end of 2020, the Monetary Authority of Singapore issued new guidelines on culture and conduct in financial services, adding to the growing patchwork of individual accountability regimes in the Asia-Pacific region. The guidelines went into effect in September 2021 and broadly apply to all regional financial institutions, with limited exceptions.
Like other regulators across the globe, Singapore’s central bank has a vested interest in ensuring that the financial institutions under its jurisdiction carry out their functions in a fair and responsible manner, as these organizations are critical to the country’s economic stability. Also like other regulators, the MAS has taken the stance that ethical business practices and robust risk management policies are a product of company culture, and that a culture of compliance starts with accountability among senior managers and other firm leaders.
To that end, the MAS Guidelines on Individual Accountability and Conduct set forth five accountability and conduct outcomes that financial institutions should pursue in the quest to strengthen culture. The challenges of implementing IAC guidance will vary among firms in the region, depending on the maturity of their compliance programs, but the guidelines will almost universally increase the scope of responsibility for compliance officers.
NO REST FOR COMPLIANCE TEAMS
As of September 2021, compliance teams are now responsible for specifying senior managers’ responsibilities of Singapore-incorporated banks and insurers with businesses overseas. Furthermore, MAS suggests specifying senior manager responsibilities with respect to both the operations of the parent firms and, where appropriate, operations of the international business group.
MAS also advises compliance teams at parent banks or insurers to consider a range of metrics to identify significant downstream entities that would be considered a “material business function” of the parent bank or insurance group that could have a bearing on the group’s safety and soundness. The guidelines call on financial institutions (FIs) to have their “core management functions,” “head of business function,” and “material risk personnel (MRPs)” identified, documented, and monitored, and their corresponding roles, responsibilities, and functions clearly defined.
The guidelines also suggest that FIs assess the fitness and propriety of MRPs before their appointment and on an ongoing basis thereafter, taking into account the specific nature and implication of any uncovered risks. MAS emphasizes the importance of providing different types of relevant, ongoing training on the competencies required for their roles, identifying risk implications of their activities, and setting standards of proper conduct.
Finally, MAS calls on FIs to establish a transparent governance framework that supports senior managers and clearly identifies reporting relationships. All of this creates additional workloads for compliance teams, who must provide proper training, ensure that the right people receive it, and monitor continuously for related risk.
OUTDATED METHODS LEAD TO INSUFFICIENT REPORTING
Though compliance teams in the region will undoubtedly be working harder in the months ahead, FIs aren’t necessarily scrambling to overhaul their operations in response to the new IAC regime. The consultation period for the guidelines began several years ago, so firms have had time to prepare. And international firms with offices around the globe will benefit from their counterparts’ experiences in the U.K., Hong Kong, and Australia in tackling the Senior Managers and Certification (SMCR), Manager-In-Charge (MIC), and Banking Executive Accountability (BEAR) regimes in those countries, respectively.
However, most large FIs are still managing the processes associated with fulfilling these requirements manually, which could ultimately lead to issues when MAS begins assessing organizations’ responses. When FIs manage complicated compliance data (related to personal account dealing, gifts and hospitality spending, training and competency, IAC/SMCR, and more) separately, with multiple departments using fragmented systems and tools that don’t integrate with one another, getting a holistic view of firm compliance is no easy task.
For example, a compliance officer attempting to assess whether a prospective MRP is fit and proper for her role, and whether there have been any internal policy breaches in the preceding six months, will likely have to consult multiple firm systems and consolidate information stored across multiple channels in a variety of formats, such as spreadsheets, in-house solutions, and email records. This approach can lead to insufficient audit trails that complicate internal reporting to boards and investors, not mention external reporting to regulators.
COMPREHENSIVE COMPLIANCE DATA MEANS EASIER OVERSIGHT
Dedicated compliance software like the STAR Platform can help. STAR is a one-stop-shop that addresses many of the critical areas of employee compliance that regulators are increasingly bearing down on, including training and competency and individual accountability: both of which tend to be highly specific to the jurisdiction of the regulating authority (especially in APAC). As such, Star solutions are easily configurable to help firms operate not just more readily in accordance with unique jurisdictional needs, but also with the greater overall efficiency and effectiveness that comes with software automation. New regulations like IAC can create significant challenges for the firms that must adhere to them. As financial compliance enters a new era in Singapore and elsewhere, make sure your firm isn't trying to meet them with the processes and procedures from a previous one.