Compliance from a burning platform to a burning desire. Viktoria Aastrup Head of Compliance Retail Banking Nordea

Transcription

1 Compliance from a burning platform to a burning desire Viktoria Aastrup Head of Compliance Retail Banking Nordea

2 Key enablers for being compliant Governance and Oversight People and Mind-set Policy and Process Technology and Data

3 It takes time to implement new regulatory requirements Maturity Optimize Assure Attestation Target State Business as usual Regulatory Compliance Implement Design Fix Go- Forward Assess Launch rebuild Review/ Audit Target State Gap Analysis Milestone Regulatory Action Policy Upgrade (3-5 years) Time

4 Regulators are driving a continued focus on Compliance Fines from regulatory violations Judgement based supervision approach Initially driven by focus on compliance to US Sanctions Material fines levied for historical violations Actions also highlighted weak compliance across the broader agenda Financial Crime remains a high priority for regulators Risk culture is defined by regulators as a subset of a firms broader culture, with the Financial Stability Board (FSB) stating that global regulators are focusing on institutions norms, attitudes and behaviors related to risk awareness, risk taking and risk management

5 1. The Compliance Function - the importance of a strong brand and a common identity

6 Compliance in its current form is still a young profession

7 What differentiates a Compliance Officer from other colleagues working in the regulatory and control fields? Board of Directors Board Audit Committee Board Remuneration Committee Board Risk Committee Is responsible for its own risk management and for operating their business within limits for risk exposure and in accordance with decided framework for internal control and risk management. This covers identifying, assessing, monitoring, controlling and reporting of issues related to all material financial and non-financial risks Executive Management First Line of Defence (1 st LoD) Second Line of Defence (2 nd LoD) Third Line of Defence (3 rd LoD) Nordea s independent control functions are responsible for providing the framework for internal risk control, by designing relevant processes as well as issuing relevant policies and instructions. In doing so they shall ensure: effective and efficient operations;; adequate control of risks;; prudent conduct of business;; reliability of financial and non-financial information reported or disclosed (both internally and externally);; and compliance with laws, regulations, supervisory requirements and the institution's internal policies and procedures. Responsible functions at the Nordea Group Organisation The Group Internal Audit ( GIA ) function shall provide an independent evaluation of the effectiveness of risk management, control and governance processes in the first and second lines of defence. It performs audits and provides assurance to stakeholders on internal controls and risk management processes. Business Areas Group Legal Group Compliance Group Risk Management Group Internal Audit Financial Crime Change Programme Business Risk Implementation & Support (BRIS) Regulatory Change Management (RCM)

8 What s the taste of Compliance? - it is to a large extent up to the people working with compliance!

9 Branding is to be translated to function/personal PR Differentiation Identification Uniformity How does your branding strategy look like? Proactive support and constructive challenge

10 The aim with using branding strategies to: Create a strong trademark/brand for Compliance Create a common ground for values (norms, attitudes and behaviors) Strengthen the identity of Compliance Officers Strengthen the status of Compliance Officers Attract and retain the best talents

11 1. How do you work with promoting a clear identity for Compliance Officers? 2. Which distinct attributes characterise Compliance/ a Compliance Officer 3. How does the Compliance organisation differentiate from other parts in your organisation? 4. How do you work with making Compliance/the Compliance Officer role attractive? 5. What status does the Compliance function have in your organisation?

12 2. Training and awareness it all starts with the WHY? Why compliance?

13 Everything starts with the WHY People don t buy what you do, they buy why you do it, claims Simon Sinek, leadership- and marketing inspirer, in his TED-talk, and in his book Start With Why. And Guy Kawasaki, previous chief evangelist at Apple, states: If you make meaning, you will probably make money. But if you set out to make money, you will probably not make meaning and you won t make money.

14 Banks and Financial institutions are working in the trust business Trustworthiness Ethical Culture Social Purpose Lack of Social Purpose Criminogenic Culture Ethical Failure

15 Compliance by design three pillars to attend to The what Manuals, processes, infrastructure etc. The how Training, follow up, etc. The why Culture and leadership Compliance infrastructure Changing behaviours requires personal buy in

16 A new world for banks and financial institutions A fundamental shift in values driving a public demand for common responsibility

17 3. Communication is an important tool in order to change culture (behaviors) and especially HOW we communicate

18 The compliance story in Retail Banking Being compliant gives us our license to operate, however it is also Objectives All employees should understand: why compliance is important for us as a bank how compliance impacts daily work and what each individual can start working on already today, independently of position about contributing to a better society (not only about rules and regulations) about ensuring strong relationships with our customers (not only about internal processes) about being proactive and leading the way (not only about monitoring) about a culture and a mind-set in everything we do (not only about policies, instructions & IT) a long-term commitment (not a one time exercise)

19 Why, What and How Compliance Compliance Communication Campaign 2015/16 Wave 1 Wave 2 Wave 3 Wave I: Engage Wave II: Understand Wave III: Apply Objective The program starts by explaining compliance from a high-level and external perspective Wave I Main theme Why compliance Increase level of compliance awareness and understanding Bring insight to the social responsibility that follows by being a bank employee Wave II Main theme What compliance Explain the Nordea compliance landscape, in terms of organisational setup and responsibilities Clarify how each individual fits in the total Compliance landscape and ends by explaining compliance on a more detailed and internal level Wave III Main theme How compliance Explain how to be a compliance ambassador Explain how to include compliance into daily work Format & Material ~ 20 minute presentation ~ 40 minute discussion ~ 20 minute presentation ~ 10 minutes quiz ~ 30 minute discussion ~ 20 minute presentation ~ 40 minute discussion Brochure Why Compliance film Quiz Our World of Compliance film Compliance competition Waves 1-3 Building a lasting Compliance culture film

20 Our Security Mark Compliance Communication Campaign 2015/16 ~ Sept/Oct ~ Oct/Nov Going forward raising awareness with PBA s on the customer dialogue on compliance ~ Oct/Nov solution is a Toolbox with examples, Q&A s, videos to help facilitate the customer dialogue Starts from a high- Teaser level perspective Intro by a Voxpop Follow Up from CCCP Objective Continue to increase level of compliance awareness and understanding By a teaser and a competition on the RB Intranet create awareness of the coming campaign Toolbox Introduction Introduce the? as an easy understandable symbol for the communication going forward embarrassing the BIG Q going from : Why compliance? Support our PBA s in the customer dialog by meeting their need for support in specific topics. to How compliance? Banner on the RB Intranet Format & Material Voxpop (short video with people from the streets), closing with Lennart/Viktoria reveal Topic videos Animation Q&A s Mailbox for PBA s to post suggestions and topics for the Toolbox to be addressed

21 Simplify and make it joyful

22 Use of branding strategies for Compliance Transfer knowledge Create interest Promote discussion and influence decisions Create a demand Change attitudes and behaviours

23 1. How do you work with increasing the awareness/knowledge of compliance in your organisation? 2. What do you do to spark an interest for compliance-related matters? 3. How do you work with changing the attitudes and behaviours of your co-workers? 4. How do you communicate compliance-related matters in your organisation [do you have a communication plan in place]? 5. How do you work with your Compliancefunctions [external] trademark?

24 ü A strong compliance function brand will to a larger extent support and accelerate the compliance journey - changing attitudes and behaviors ü When employees have a desire to take own responsibility and actions, to make a difference in society, you are able to establish a strong risk and compliance culture

25 Questions?

26 Thank you!