The UK’s Wealth Management Industry Must Focus on Risk and Compliance
Ian Woodhouse
Ernst & Young
7 June 2007
While risk management and compliance have always been fundamental to wealth management, there are now more challenges in avoiding failures as institutions aggressively seek to drive improved growth in clients, assets and financial returns. Not surprisingly, the burden on the risk and compliance functions is increasing. Many players already have gaps in their existing risk management frameworks. Lapses in effectiveness are seen in recent litigation and fines for mis-selling products such as split caps, and more recently structured products.
Many business leaders are now revisiting their risk and regulatory frameworks and capabilities to ensure that they are effective in providing a clearer understanding of relevant risk and compliance issues and that they have confidence in the information and assurance provided to key external stakeholders such as regulators and shareholders. Many are also reviewing their efficiency in terms of controlling costs against the increased demands for more resources to provide more risk- and compliance-related disclosures.
Emerging best practice is to elevate the importance of risk identification and assessment into the business strategic analysis and planning process, the yearly budget plan and the internal audit process. In terms of periodic business events, a poor record of managing post-acquisition risks is leading to more emphasis by some players on risk assessment in the upfront due diligence process. In terms of operational risk, which is concerned with the risk of loss resulting from poor or failed internal processes, people and systems, more emphasis is being placed on enhancing operational processes and controls, particularly in the asset management and derivatives areas. In terms of regulatory and compliance risk, which involves the risk of financial or other losses resulting from breaches of applicable laws or departure from codes of conduct or market practices, we now see a much greater focus on the customer agenda.
More attention is being paid to treating customers fairly, complaints handling and product mis-selling. Another area now receiving much greater attention is fighting financial crime, which encompasses fraud, market abuse, anti-money laundering and terrorist financing. Private banks and wealth managers have devoted considerable effort and resource over recent years to remediate weaknesses in this area, but problems persist. For example, a recent fine by the Financial Services Authority focused on lax employee fraud controls and procedures for monitoring large transactions in private banks. The FSA’s Director of Enforcement publicly stated that such failures exposed clients’ accounts to the risk of fraud, which was unacceptable, particularly with the overall increase in awareness around fraud and client money risks. The director went on to observe that senior management must make sure their firms have robust systems and controls to reduce the risk of them being used to commit financial crime and stated “We will not hesitate to take action against any firm found wanting.”
The move towards more principles-based regulation in the UK may create opportunities for wealth managers to develop procedures and controls that meet the high-level regulatory requirements and better fit with their business model and proposition. Success will require robust and mature dialogue between business management and their risk/compliance functions, and good documentation of decisions made.
Reputation risk remains high on the agenda and greater attention is now being devoted to managing this more systematically across the business, for example through a greater focus on upgrading client acceptance policies and KYC. This is becoming more challenging with both the rise of new money clients and the increased geographic dispersion of wealthy clients from emerging markets using London for their wealth management.
Typical solutions are to revise policies and procedures and to use automation to assist with identification and checking.
Many private banks and wealth managers are concerned with the fragmentation of their current overall approach to risk and compliance. There are also additional concerns over effectiveness, as for many, control and risk issues remain despite significant investments in the past few years. Inefficiency occurs as the business receives multiple requests from different people using different concepts and definitions of risk and control languages, creating risk fatigue in the business. This is compounded by siloed reporting driven by different risk and regulatory drivers, with no clear line of sight to the business drivers.
New models are emerging to address these issues, with some players reshaping their risk management and compliance frameworks to be more effective by better identifying, assessing, managing, monitoring and reporting risks. They are using more aligned and integrated approaches which identify and prioritise risks based on frequency and severity to create a risk heat map. Once the key risks are visible and the risk profile understood, risks can be managed or mitigated by linking them into the affected business and management processes and controls.
Risk management responsibilities are clarified and reinforced, often by using a “three lines of defence” concept across the organisation. Line management (the first line) has operational control and checking responsibility; the risk functions (the second line), either in the business division or at group, have policy and risk appetite, assessment and monitoring responsibility; and the whole framework is tested and challenged by internal audit (the third line) and other independent review.
This creates a shared view of the key risks, controls and responsibilities which can be communicated in a clear, consistent and transparent way across the business, risk, compliance and finance/internal audit functions as well as externally to the regulator, clients and other stakeholders.
Although best practice risk and compliance management cannot eliminate unpredictable risks, the private banks and wealth managers who upgrade their framework and approach are likely to suffer fewer and smaller surprises.