The Financial Services Royal Commission Final Report published in February 2019 set the agenda for the year as it contained recommendations for regulators and the Government as well as for financial services providers.
By shining a spotlight on the inner workings and failings of banks, insurers and superannuation funds the Royal Commission demanded that boards take action to restore their organisation’s reputation by focussing on corporate culture and board and executive accountability.
It also energised the enforcement role of ASIC and APRA.
The Government’s legislative response will continue into 2020.
Combined with a hesitant economy and a mid-year election regulatory compliance and risks have made 2019 a difficult year.
Austrac and the ACCC were also active in enforcement.
When I read reports of the latest breaches by large institutions it seems to me that allegations of systemic misconduct reflect a failure of corporate memory resulting in organisations making the same mistakes repeatedly requiring a reinvention of procedures.
Investigation reports inevitably point to poor management of divisions which result in silos that do not talk to each other or report upwards.
Products have been poorly designed with insufficient attention to consumer benefits.
Staff do not report breaches for fear of retribution.
There should instead be a culture of communication and learning from mistakes.
Technology defects are blamed on coding errors or patches on legacy systems implemented by IT staff who are no longer employed.
Catastrophic systems, personnel or governance failings should not occur if institutional knowledge has been recorded and embedded in the organisation’s compliance framework.
Complaints, disputes and communications from regulators should be recorded and reported to the board and senior management.
Recordkeeping, information management and data analytics are essential functions today.
The discipline of checklists and increased communication amongst staff can help all organisations no matter how complex and complicated the work they do.
All of these issues contribute to corporate memory and building a sustainable organisation.
Thematic review
Here’s a list of 2019’s important compliance issues (in no particular order) that will continue into 2020.
Executive Accountability
AML/CTF compliance
Whistleblowers
Privacy
Cybersecurity
Responsible Lending
Competition
Technology compliance risks
ASIC’s product intervention powers
Breach reporting
ASIC enforcement
Design and distribution obligations
Climate change risk
Modern Slavery.
Call me if you’d like an independent compliance review.