Sunday, December 20, 2015

Talking points for DB

The firm’s regulatory reporting infrastructure is fragmented and ineffective in ensuring high quality, accurate reports. Regulatory reporting information is compiled from a variety of applications and data sources; these data sources cannot be reconciled to report control totals. Initiated in 2012, the team utilises a combination of e-mail and SharePoint.

Corporate Banking & Securities (CB&S) is looking to build out its ‘business control function’ by moving to a more robust infrastructure model. Initiated in 2012, the team utilizes a combination of e-mail and SharePoint. CB&S is seeking to migrate away from the existing e-mail / SharePoint process environment to a more robust infrastructure model, using the Global Supervisory System (‘GSS’), a workflow / document repository tool.

To ensure that Front Office staff provide evidence that they have executed business controls, as set out in internal policies and procedures.
In summary, the team:
• ensure that business (Level 1) controls are executed against a pre-determined schedule and that supporting documentary evidence is both timely and complete, and follow up on any exceptions;
• provide monthly Management Information System (MIS) to product line and regional management teams;
• interface with the Global Supervision team to shape tools, methodologies and processes;
• interface with Legal/Compliance on new regulations and/or rule interpretations that may necessitate new control implementation;
• act as a point of contact for internal / external audits and regulatory assessments.


Managed the CEO Certification process for the Securities Divisions:
created infrastructure to support 250+ supervisors,
rolled out 100+ supervisory checklists.

Ensure timeliness of Front Office control evidence submission.
Ensure completeness of control evidence submitted by the Front Office.
Follow up with Front Office staff where control evidence is late / incomplete.
Collate control evidence as required for ad-hoc internal and external audits.
Test new / enhancements to both infrastructure and processes to ensure an effective control framework.

Corporate Banking & Securities
Corporate Banking & Securities consists of Deutsche Bank's Markets and Corporate Finance divisions and serves the world's leading Corporates, Governments and Institutions.

Corporate Finance is responsible for mergers and acquisitions, including advisory, debt and equity issuance, and capital markets coverage of large and medium-sized corporations. Regional and industry-focused teams ensure the delivery of the entire range of financial products and services.

Markets combines the sales, trading and structuring of a wide range of financial market products, including bonds, equities and equity-linked products, exchange-traded and over-the-counter derivatives

Sunday, May 17, 2015

Supervisory Control

A user of Supervisory Control may be a person or group performing the functions below:

Responsibilities:
• Advise business areas on firm policies and procedures and applicable securities laws and FINRA regulations
• Identify regulatory trends and developments that impact business areas, and advise staff as to how this may impact their current activities.
• Draft, update, and implement relevant policies and procedures.
• Provide regulatory/compliance training.
• Assist the business in implementing and documenting various supervisory/control mechanisms.
• Participate in internal investigations, respond to regulatory inquiries, and coordinate internal and external audits and inspections.
• Interact with federal and state regulators
• Perform testing and monitoring of compliance with firm policies and conduct risk assessments of the business to ensure effective business control framework

What does a Supervisory Control Program Manager do?
  • Taken from LinkedIn - Elena Danova - Director DB.  
  • https://www.linkedin.com/pub/elena-danova/6/7b2/765
Senior Compliance Manager in charge of cross-product regulatory implementations and supervisory control initiatives.
• Managed the CEO Certification process for the Securities Divisions: created infrastructure to support 250+ supervisors, rolled out 100+ supervisory checklists, developed Written Supervisory Procedures, engineered quarterly certifications through a consolidated workstation dashboard, resulting in reduced regulatory risk and efficient supervisory signoffs.
• Managed Policies and Procedures globally: performed final policy review / approval, drafted manuals, supervised policy implementation. Introduced a global process which improved planning and execution of policy efforts.
• Developed Training plan and Needs analysis for the Securities Divisions, managed training resources.
• Created strategy for the integration of the Equities and FICC Compliance Divisions: identified compliance functions which can be integrated and crafted an implementation proposal. Integration realized 30% efficiency and developed uniformity and a single brand for Compliance.

  • Taken from LinkedIn - Louis Damiano
  • Ln Profile - SVP, Supervisory Control Officer

– Present (13 years), Greater New York City Area
-Participate in the new hire process of sales traders and conduct appropriate training of sales traders.
-Assist in the firm’s continuing education process.
-Prepare Compliance Alerts to the Trading Department.
-Conduct daily monitoring of NASDAQ OMX/ACT workstation.
-Ensure the firm’s compliance with Regulation NMS.
-Conduct compliance reviews of institutional trading desks.
-Conduct review of sales traders’ electronic communications.
-Monitor appropriate supervision of institutional trading desks.
-Assist in the firm’s development with regard to compliance with SEC Rule 15c3-5 “Market Access”.
-Advise trading managers of proposed rules and rule interpretation.
-Interact with external regulatory agencies and internal auditors including annual exams.
-Maintain and update the firm’s Trading Department Compliance Manual.
-Conduct Annual Compliance Meetings.
-Compliance representative on Best Execution, Regulation SHO, Direct Market Access, Real Time Risk Monitoring, Options Monitoring committees.
-Assist in developing firm’s error account procedures and monitor firm’s error accounts on a daily basis.
-Review and monitor firm’s employee trading activity.
-Frequent review of traders’ manual/electronic order tickets.
-Assist in the development and review of various daily exception reports.
-Responsible for review of FINRA Monthly Compliance Report Cards.
-Conduct branch office examinations
-Research and respond to regulatory inquiries.
-Assist in sales of restricted and controlled stock.
-Assist in the filing of QSR and AGU agreements.



Deutsche Bank LIBOR & Other rates fixing scandal

Recent slap on the wrist from FRB NY:
The Federal Reserve Bank of New York (FRBNY) conducted a review of selected regulatory reports filed by Deutsche Bank Trust Corporation (DBTC) and Deutsche Bank AG New York branch (DBNY), collectively (DB) as of March 31, 2013. Our objectives were to assess the accuracy of the regulatory reports, the efficacy of the governance for the reporting processes, and progress achieved in addressing issues identified during the last review conducted in 2007.
We have concluded that the regulatory reports provided by DB are of low quality, inaccurate and unreliable. The size and breadth of errors strongly suggest that the firm’s entire U.S. regulatory reporting structure requires wide-ranging remedial action. We also concluded that no progress was made in remediating prior supervisory concerns as the firm’s U.S. operations regulatory reporting process continues to be fragmented and suffers from weak or inadequate internal controls. Moreover, longstanding weaknesses in the firm’s information technology infrastructure impair the firm’s ability to produce accurate regulatory reports. Lastly, we conclude that oversight by the Compliance and Internal Audit functions is inadequate and ineffective.
The errors identified from our review result from several root causes including: systems limitations, coding errors; misinterpretation of instructions; inadequate analysis and documentation of the quality assurance process; and poor coverage by Internal Audit and Compliance Group. Additionally, there is a lack of ownership by the lines of business (LOBs) in ensuring data integrity, data validation, and the continuous monitoring of data quality. The limitations of the firm’s information technology systems necessitate excessive manual intervention, which expose the firm to significant operational risk and misstated regulatory reports.
Since 2002, the FRBNY has highlighted significant weaknesses in the firm’s regulatory reporting framework that has remained outstanding for a decade. Our review disclosed that several previous attempts by the firm failed to produce sustainable solutions to addressing the weakness in the regulatory reporting process or to improve the quality of data. The scope of the most recent project to address these weaknesses, known as the Bank Regulatory Reporting Program (BRRP) developed in 2012 was not comprehensive. While the BRRP focused on both short-term interim and longer-term strategic solutions using the firm’s global Strategic Reporting and Information Delivery Program (StRIDe), the planned project scope was limited and would not have addressed the issues identified during our review. Discussions with FRBNY supervisory staff resulted in an expansion of the project’s scope and in additional financial and managerial resources being devoted to the BRRP.
While these changes are encouraging, we remind management that in the interim effective compensating controls designed to produce high quality, accurate regulatory reports must be put in place. In addition to the requirements outlined below, given the long standing, unresolved repeat nature of our findings, coupled with the public nature of regulatory reports, additional remediation requirements will be forthcoming. The matters below require immediate attention by the DBAG NY Branch Executive Committee, Board of Directors and Senior Management:
Matters Requiring Immediate Attention (“MRIA”)
1. Repeat Issues/Inadequate Governance:
We found that most of the issues identified in our current review are repeat issues that were previously highlighted to management over the past decade. These include: a disjointed and inadequate regulatory reporting infrastructure; inadequate monitoring functions; insufficient breadth and depth of regulatory reporting training; limited accountability policies; and material errors and poor data integrity. Additionally, significant regulatory reporting issues highlighted in 2012 by an external consulting firm, Internal Audit and the firm’s Quality Assurance Group also remain unresolved. Most concerning is the fact that although the root causes of these errors were not eliminated, prior supervisory issues were considered remediated and closed by Senior Management. The DBAG NY Branch Executive Committee and Board of Directors are required to immediately ensure that the root cause of all issues identified by supervisors, or other control areas within DB (e.g., external consulting firms, Quality Assurance Group, Internal Audit) are addressed and validated by an independent group.

2. Fragmented Regulatory Reporting Information Technology Infrastructure:
The firm’s regulatory reporting infrastructure is fragmented and ineffective in ensuring high quality, accurate reports. Regulatory reporting information is compiled from a variety of applications and data sources; these data sources cannot be reconciled to report control totals. Additionally, multiple manual adjustments (in excess of 800 and totaling approximately $337 billion) are required to prepare the FR Y-9C. These adjustments require substantial resources, lack transparency and do not allow for sufficient time to effectively review and analyze the data, prior to filing with the FRBNY. Lastly, the firm does not have the capability to effectively implement the new complex reporting requirements. The DBAG NY Branch Executive Committee and Board of Directors are required to immediately ensure that automation efforts to improve the quality of regulatory reports are effectively executed. In the interim, Senior Management must implement compensating controls so that manual adjustments and workarounds are effectively implemented, clearly explained, well documented and auditable.

3. Lack of Data Integrity/Quality:
Examiners found material reporting errors and other data quality weaknesses across LOBs and legal entities (LEs). Additionally, we observed ineffective preventive internal controls over the data entered into operational systems, poorly maintained static customer information and the lack of requisite documentation at the point of origin of a transaction (i.e., inception or at the onboarding of transactions), which later resulted in material reporting errors. Other factors contributing to regulatory reporting weaknesses include the lack of a data governance process to ensure data integrity in subsystems as well as misinterpretation of reporting instructions. These issues raise significant concerns about the adequacy of financial internal controls for the regulatory reporting process. The firm must undertake corrective action to improve the quality of its regulatory and structure reports and more generally, the data acquisition and maintenance processes. Toward this end, the DBAG NY Branch Executive Committee and Board of Directors are required to immediately ensure that Senior Management maintains high quality information in subsystems. This should include ‘scrubbing’ of product systems to enhance the integrity of information at the point of origin and when onboarding transactions. Additionally, the firm must conduct a comprehensive review of customer information files (static data) to identify discrepancies across products, implement changes in source systems, and ensure changes are sustainable.

4. Inadequate Accountability Framework:
The governance framework of the firm’s business infrastructure and financial recordkeeping environment is a shared responsibility of the LOBs, Finance, Risk, and Information Technology functions. The firm lacks an effective accountability process to ensure a high quality of data that is used to develop accurate regulatory and more generally, management information reports. With regard to reports filed with the FRBNY, the firm has not developed a formal Accountability Policy and governance structure that clearly articulates roles and responsibilities for all areas responsible for the integrity of regulatory reports.
Supervisors expect firms to develop effective accountability policies and practices. Key components of an effective accountability policy include: (a) developing an integrated governance structure for the escalation and effective monitoring and resolution of all identified issues across all reports and processes; (b) maintaining a comprehensive issues log that tracks issue owner, includes root cause analyses and solutions; affected entities; impacted reports and schedules; remediation owners, and target completion dates; and (c) incorporating a sustainable enforcement process, which defines accountability for accuracy of regulatory reports.

Senior Management of the banking organization is required to immediately:
- Increase the effectiveness of the accountability process and improve data quality by:
– Establishing a formal accountability policy that delineates roles and responsibilities for data owners and Finance staff and developing an effective and sustainable enforcement process, which requires accountability for accuracy of all regulatory reports across LOBs and LEs. The policy should reflect management’s expectations of employees in preserving the integrity of the firm’s regulatory and organizational structure reporting requirements to ensure that changes are communicated to the FRBNY timely and accurately.
– Maintaining a comprehensive issues log that tracks issue owner, root cause analysis, reports and schedules affected; date the issue was identified; interim and strategic solutions; remediation owner; and target completion dates.
– Improving the firm’s Data Quality Assurance Validation Attestation processes conducted by LOBs by including outstanding reporting issues outlined in the firm’s issues log, Internal Audit, Compliance Group, supervisory findings; and the accuracy of static customer and product identification data at the point of origin of the transaction.

7. Inadequate Independent Review and Monitoring Functions
Compliance and Monitoring Surveillance & Inspections:
The Compliance Group’s risk assessment process and testing program failed to identify the firm’s systemic breakdown in the operation of various customer deposit accounts that resulted in wide-spread, longstanding violations of Regulation D (Reg D).
The testing performed by Monitoring Surveillance & Inspections (MSI) was limited to only one aspect of Regulation D in which the broader Compliance Group’s risk assessment deemed the risk to be moderate, and excluded other significant aspects of the regulation that were deemed as low risk, including time deposits (early withdrawal penalties); MMDAs (six-transfer limit), and demand deposit sweep program (missing sweep agreements or agreements lacking requisite language). The failure to detect violations arose from a fundamental lack of understanding of the requirements of Regulation D, ineffective risk assessment process and is reflective of a breakdown in the independent monitoring and oversight function of the Compliance Group to include MSI.
Internal Audit:
Internal Audit (IA) failed to detect long-standing weaknesses in the overall regulatory reporting framework. More specifically, our review of the results of IA’s reviews of regulatory reporting from 2009 to present identified only one instance in 2012 that highlighted a critical weakness in the reporting framework. An external consulting firm conducted the regulatory review that highlighted the deficiency. The failure of Compliance and Internal Audit to detect the systemic breakdown in the regulatory reporting process is unacceptable. The DBAG NY Branch Executive Committee and Board of Directors are required to immediately take corrective action to ensure Senior Management increases the level of control staff expertise needed to effectively conduct their respective oversight roles and responsibilities. Both Compliance and IA must improve their respective risk assessments, and monitoring and testing work programs related to regulatory reporting internal controls and framework and other ancillary support functions to ensure compliance with laws and regulations and regulatory reporting requirements.

8. Violations of Regulation D:
We determined that certain accounts were being operated in violation of Regulation D. Consequently, the DBAG NY Branch Executive Committee and Board of Directors are required to immediately conduct an independent, firm-wide review of all deposit accounts and investment and sweep account arrangements operated during 2013 to ensure accounts are operated in accordance with Regulation D. DB must provide a written summary of the results of the aforementioned firm-wide review to FRBNY, including but not limited to:
– a list of all clients determined to be ineligible for sweep transactions (to include netted sweep balances), the criteria used to determine ineligibility and the corresponding corrective actions;
– the average daily balance for each client and the aggregate average daily balance across all ineligible clients for these sweeps;
– a list of MMDA accounts operated in violation of Reg. D. along with samples of client notifications regarding transactions that exceed Regulation D requirements and other corresponding corrective actions;
– a list of early withdrawals of time deposits where penalties were not imposed, client notices and other corresponding corrective actions; and
– changes to LOB internal controls, IA and Compliance function’s processes, policies and procedures to ensure ongoing compliance with Reg. D.
Based on the results of this review, restated regulatory reports may be required as well as a “make up” of required reserves.
At the conclusion of this review, we discussed with management regulatory reporting exceptions. The Appendix to this letter lists the affected reports and describes major issues identified. Under separate cover, Kenneth Lamar, Senior Vice President, the Federal Reserve Bank of New York’s Statistics Function, will provide a detailed listing of all the errors identified during our review.


Best Practices:
To assist firms in the process of reviewing and, where necessary, modifying, their current internal controls against unauthorized trading, we have recently solicited input from a range of firms regarding their internal controls, as well as the preliminary results of internal reviews. We are publishing those practices now with the expectation that doing so will help other firms as they undergo their own review process. While FINRA believes that these practices are worthy of consideration, we understand that their relevance and feasibility will vary depending on a firm’s size and business model. We also note that this is not an exhaustive list, and is not intended to create a safe harbor from regulatory exposure or to discourage firms from completing their own comprehensive internal audits.
Mandatory Vacation Policies
An increasing number of broker-dealers have identified “sensitive” jobs, and adopted mandatory policies requiring employees in those positions, including traders, to be away from the office for a minimum amount of time, typically ten consecutive trading days. During that time away, the employee is barred from having physical or electronic access to the firm, its facilities, or systems. The theory behind this policy, which has been common in the banking industry, is that if an employee has engaged in unauthorized activity and is concealing it, the activity will likely be exposed in the firm’s trade reconciliation process within that time, because the employee is not able to continue the concealment while away from the firm and its systems.
A mandatory vacation policy must be enforced in order to be effective. In at least one recent well-publicized case, the firm had such a policy, but the trader involved had not taken the full, mandatory, consecutive vacation in several years. Exemptions should not be granted except in unusual circumstances and repeated requests for exemptions should be considered a red flag warranting additional monitoring. Firms also should assure that their systems support blocking employees on mandatory vacation from accessing firm systems.
A mandatory vacation policy may not be feasible or reasonable for all firms. However, we urge firms to consider it as part of their risk management procedures. If a firm determines not to adopt such a policy, it should consider other methods of identifying and reviewing the trading activity of traders who have not taken an extended vacation in the past year.
Heightened Scrutiny of Red Flags
As firms review their internal controls, they should pay attention to whether they are both adequately mining available trade data for red flags and following up on those red flags where appropriate. Among other things, firms should monitor, and, when necessary, conduct heightened scrutiny of:
• Trading limit breaches. At least one firm surveyed recently has implemented a tool that allows for monitoring of limit breaches by a trading book or individual trades in real-time, and can be set to generate alerts based on a range of parameters, including the notional value of a trade, share size (net/gross position), amount of orders or traders per day and total dollar value per day.
• Unrealized profit and loss (P&L) on unsettled transactions. Trading desk managers and financial control managers should pay careful attention to sizeable amounts of unrealized P&L and should understand the nature of the transactions creating these amounts.
• Unusual patterns of cancellations and corrections, particularly those involving multiple cancellations or corrections by the same trader or involving the same counter-party. Certain firms prohibit a front-office trader or salesperson from entering cancels and corrects into the trading system and limit the entry of these transactions to mid-office (e.g., those involved in risk management) or back-office (e.g., those involved in settlement services) personnel.
• Transactions in which confirmation and settlement do not occur on a timely basis, or where settlement is outside of normal cycles.
• Reports of aged unresolved reconciling items and aged outstanding confirmations.
• Reports of P&L that exceed a certain de minimis amount by traders who are supposed to be flat, or unusually large one-day P&L reports.
• The details underlying a trader’s Value at Risk (VaR), including the long and short positions, on a daily or intra-day basis, as appropriate. Firms should also consider other risks associated with a trader’s positions, such as liquidity risk, the adequacy of hedges and the risks associated with imperfect hedges. This includes understanding and reviewing the valuation of all positions, particularly positions in exotic instruments or instruments that have little or no market.
• Repeated or unusual requests by a trader to relax existing controls, including position or P&L limits.
• Trading in products that are outside of a trader’s known expertise, without prior approval.
• Any other unusual or significant differences between a trader’s account positions and the account activity, such as might be detected by comparison of gross and/or net position to the cash flows of positions; i.e., margin/collateral calls to and from counterparties to the trades.
• A pattern of aged fails to deliver for long or short sales.
Whether these data points are reviewed manually, or with the use of automated surveillance tools, or some combination, a firm’s controls should not just note deviations from normal trading patterns as red flags that might signal proprietary business risk, but as signals of possible regulatory risk as well. And, to the extent that firms use automated surveillance tools to identify such items, their internal control systems should include adequate and routine maintenance and testing of those systems.

Protection of Systems and Risk Management Information
In some cases, rogue traders have been able to falsify a firm’s books and records to conceal illicit trading activity due to lapses in password security and other systems protections. Firms should make certain that each employee’s access to systems is limited strictly to what is appropriate for the employee’s function within the firm. This control should not be limited to traders; it should be in place for any employee whose role includes access to trading systems. If an employee’s function changes within the firm, the firm should make sure that the employee’s access changes accordingly. For example, if an employee moves from the back office to a trading desk, that employee’s access should be changed to reflect his or her new role, and access to the back-office functions should be revoked. Firms should also make sure that access is suspended during any mandatory vacation period and cancelled promptly if the employee leaves the firm.
Firms also should protect information about surveillance or monitoring systems and procedures that might help employees circumvent those systems. For example, knowledge that the firm divides responsibility for reviewing certain trade monitoring functions by product type might help a trader who is creating fictitious trades to avoid detection by creating trades involving different products, so that the trades would not all be reviewed by the same personnel. In at least one recent case, a trader’s intimate knowledge of back-office procedures and risk management procedures, including what would—and what would not—trigger heightened scrutiny, may have allowed him to avoid detection for a much longer period than he otherwise might have. Therefore, firms should limit knowledge about the details of their risk management procedures and systems to the extent possible and consider modifying them in response to personnel changes, such as a back office employee becoming a trader. Firms also should consider whether there are appropriate mechanisms in place to review all activity of a given trader.
Firms may want to consider more than a single password to allow access to certain systems. More sophisticated systems require three-factor authentication before access is allowed, including not only a password but also a security card or other I.D. such as a token ring, and a unique identifier such as a fingerprint. Firms need to weigh both the inconvenience and the cost of these additional security measures in determining which controls are appropriate.
Supervision and Accountability
Certain financial services companies have established matrix management structures such that employees may have both direct and dotted line reporting to multiple managers. While matrix management may make sense for an organization, it is important for employees to understand who they report to and what they are held accountable for in their day-to-day job responsibilities. Correspondingly, both the dotted line and the direct manager must have a clear sense of who is responsible for each aspect of the business. It is critical that responsibility for supervision of each aspect of the business be allocated to a specific manager and that these managers have frequent communications to understand their respective businesses. Documenting these supervisory responsibilities in writing is recommended.

Intercompany Transactions
Many FINRA firms are part of larger, complex financial services organizations. The FINRA member firm generally conducts a large number of intercompany transactions with its affiliates. Often the basic controls that are in place for third parties, including controls around credit risk and market risk, are waived for affiliated transactions. In light of the recent cases of unauthorized trading, firms may want to reevaluate whether certain third-party controls that limit their exposure would be appropriate for affiliated transactions. Further, reconciliations of intercompany transactions and balances should be performed on a regular basis.

Compliance Culture
As recent events have demonstrated, even the most rigorous internal controls and risk management procedures can fail if they are not effectively enforced and the effectiveness of that enforcement is directly related to the “tone at the top.” A corporate culture that marginalizes the individuals or departments responsible for trade reconciliation and risk management will undermine the effectiveness of even the most elaborate policies and procedures. In reviewing the adequacy of their internal controls around unauthorized proprietary trading by individual traders, firms should pay attention to any systemic or cultural dynamics that may undermine the effectiveness of those systems. For example:
• Do mid- and back-office functions have sufficient independence, clout and profile within the organization? To whom do they report?
• Are mid- and back-office personnel adequately trained and encouraged to raise issues about suspicious activity, even if it involves successful traders or activity that is generating profits for the firm, or doesn’t technically violate any limits?
• If operations, compliance or internal audit personnel receive a questionable or inadequate response by a trader, are they encouraged to challenge such a response and/or raise the issue to their supervisors where appropriate?
• If the firm operates in a global context, do its internal controls take into account any cultural differences that might discourage adequate internal oversight or reporting? For example, anonymous reporting might be appropriate in certain environments.
Responsibilities:

• Advise business areas on firm policies and procedures and applicable securities laws and FINRA regulations
• Identify regulatory trends and developments that impact business areas, and advise staff as to how this may impact their current activities.
• Draft, update, and implement relevant policies and procedures.
• Provide regulatory/compliance training.
• Assist the business in implementing and documenting various supervisory/control mechanisms.
• Participate in internal investigations, respond to regulatory inquiries, and coordinate internal and external audits and inspections.
• Interact with federal and state regulators
• Perform testing and monitoring of compliance with firm policies and conduct risk assessments of the business to ensure effective business control framework
- See more at: http://www.compliancesearch.com/cgibin/webdata_pro.pl?_cgifunction=form&_layout=new&keyval=jobs.ID=1319572785#sthash.FNqEHIhJ.dpuf

Saturday, May 16, 2015

Strategy to satisfy supervisory standards and investor demands

Key DB frauds:
Deutsche Bank agreed to pay $1.9 billion in December to settle claims that it had defrauded the government-controlled companies Fannie Mae and Freddie Mac in the sale of mortgage-backed securities before the American real estate market collapsed. 

European Union antitrust authorities fined the bank €725 million for its role in helping to rig benchmark interest rates.

Deutsche Bank suspended several traders amid investigations into potential manipulation of the $5-trillion-a-day foreign exchange market, according to a person briefed on the matter. The traders who were placed on leave worked in the German bank’s offices in New York.

DB included in Dark Pool probe along with UBS.

Fed is seeking more than $190 million in back taxes plus penalties and interest.
The lawsuit alleges that Deutsche Bank engaged in a series of transactions meant to evade federal income taxes. “Through fraudulent conveyances involving shell companies, Deutsche Bank tried to make its potential tax liabilities disappear,” Manhattan U.S. Attorney Preet Bharara said in a statement. “This was nothing more than a shell game.”

For historical list - www.corp-research.org/deutsche-bank

=================================================================
Key reactions by DB:
Deutsche Bank officials last month said the bank is "working diligently" to address technology and compliance issues, spending €1 billion ($1.34 billion) on "systems and controls" and assigning 1,300 people to the effort, including 500 new employees in the U.S. alone.
The German bank already has taken steps to
  1. Improve systems that send real-time trade confirmations to counter-parties.
  2. Process end-of-day transaction reports. 
  3. In June, the bank raised €8.5 billion by selling shares to investors, in part to contend with tougher U.S. capital requirements.


E&Y Article
As banks start the new year, they face a formidable challenge: how to design, implement and manage a business model that will satisfy the requirements of supervisors as well as the demands of shareholders and investors.
Although the emphasis and details may vary from one jurisdiction to another, banking supervisors have a clear agenda: to improve banks’ condition, improve banks’ controls and improve banks’ culture.
Market supervisors also have clear objectives: to improve the efficiency and integrity of markets as well as to protect consumers and investors. Shareholders and investors are demanding that banks provide them with returns commensurate with the risk that they are assuming.
Improving banks’ condition has effectively been “Job One” for regulators and supervisors since the crisis. Increases in capital requirements and the introduction of liquidity requirements have made banks more resilient, so they are less likely to fail. Resolution reform is on the way to making banks “safe to fail” so that the system as a whole is more resilient. The net result is more capital relative to assets, and less leverage.


FDIC Law, Regulations, Related Acts



5000 - Statements of Policy



Supervisory Policy Statement on Investment Securities and
End-User Derivatives Activities

I. Purpose
This policy statement (Statement) provides guidance to financial institutions (institutions) on sound practices for managing the risks of investment securities and end-user derivatives activities. The FFIEC agencies--the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the Office of Thrift Supervision, and the National Credit Union Administration--believe that effective management of the risks associated with securities and derivative instruments represents an essential component of safe and sound practices. This guidance describes the practices that a prudent manager normally would follow and is not intended to be a checklist. Management should establish practices and maintain documentation appropriate to the institution's individual circumstances, consistent with this Statement.
II. Scope
This guidance applies to all securities in held-to-maturity and available-for-sale accounts as defined in the Statement of Financial Accounting Standards No. 115 (FAS 115), certificates of deposit held for investment purposes, and end-user derivative contracts not held in trading accounts. This guidance covers all securities used for investment purposes, including: money market instruments, fixed-rate and floating-rate notes and bonds, structured notes, mortgage pass-through and other asset-backed securities, and mortgage-derivative products. Similarly, this guidance covers all end-user derivative instruments used for nontrading purposes, such as swaps, futures, and options. This Statement applies to all federally-insured commercial banks, savings banks, savings associations, and federally chartered credit unions.
As a matter of sound practice, institutions should have programs to manage the market, credit, liquidity, legal, operational and other risks of investment securities and end-user derivatives activities (investment activities). While risk management programs will differ among institutions, there are certain elements that are fundamental to all sound risk management programs. These elements include board and senior management oversight and a comprehensive risk management process that effectively identifies, measures, monitors, and controls risk. This Statement describes sound principles and practices for managing and controlling the risks associated with investment activities.
Institutions should fully understand and effectively manage the risks inherent in their investment activities. Failure to understand and adequately manage the risks in these areas constitutes an unsafe and unsound practice.
III. Board and Senior Management Oversight
Board of directors and senior management oversight is an integral part of an effective risk management program. The board of directors is responsible for approving major policies for conducting investment activities, including the establishment of risk limits. The board should ensure that management has the requisite skills to manage the risks associated with such activities. To properly discharge its oversight responsibilities, the board should review portfolio activity and risk levels, and require management to demonstrate compliance with approved risk limits. Boards should have an adequate understanding of investment activities. Boards that do not should obtain professional advice to enhance their understanding of investment activity oversight, so as to enable them to meet their responsibilities under this Statement.
Senior management is responsible for the daily management of an institution's investments. Management should establish and enforce policies and procedures for conducting investment activities. Senior management should have an understanding of the nature and level of various risks involved in the institution's investments and how such risks fit within the institution's overall business strategies. Management should ensure that the risk management process is commensurate with the size, scope, and complexity of the institution's holdings. Management should also ensure that the responsibilities for managing investment activities are properly segregated to maintain operational integrity. Institutions with significant investment activities should ensure that back-office, settlement, and transaction reconciliation responsibilities are conducted and managed by personnel who are independent of those initiating risk taking positions.
IV. Risk Management Process
An effective risk management process for investment activities includes: (1) policies, procedures, and limits; (2) the identification, measurement, and reporting of risk exposures; and (3) a system of internal controls.
Policies, Procedures, and Limits
Investment policies, procedures, and limits provide the structure to effectively manage investment activities. Policies should be consistent with the organization's broader business strategies, capital adequacy, technical expertise, and risk tolerance. Policies should identify relevant investment objectives, constraints, and guidelines for the acquisition and ongoing management of securities and derivative instruments. Potential investment objectives include: generating earnings, providing liquidity, hedging risk exposures, taking risk positions, modifying and managing risk profiles, managing tax liabilities, and meeting pledging requirements, if applicable. Policies should also identify the risk characteristics of permissible investments and should delineate clear lines of responsibility and authority for investment activities.
An institution's management should understand the risks and cashflow characteristics of its investments. This is particularly important for products that have unusual, leveraged, or highly variable cashflows. An institution should not acquire a material position in an instrument until senior management and all relevant personnel understand and can manage the risks associated with the product.
An institution's investment activities should be fully integrated into any institution-wide risk limits. In so doing, some institutions rely only on the institution-wide limits, while others may apply limits at the investment portfolio, sub-portfolio, or individual instrument level.
The board and senior management should review, at least annually, the appropriateness of its investment strategies, policies, procedures, and limits.
Risk Identification, Measurement and Reporting
Institutions should ensure that they identify and measure the risks associated with individual transactions prior to acquisition and periodically after purchase. This can be done at the institutional, portfolio, or individual instrument level. Prudent management of investment activities entails examination of the risk profile of a particular investment in light of its impact on the risk profile of the institution. To the extent practicable, institutions should measure exposures to each type of risk and these measurements should be aggregated and integrated with similar exposures arising from other business activities to obtain the institution's overall risk profile.
In measuring risks, institutions should conduct their own in-house preacquisition analyses, or to the extent possible, make use of specific third party analyses that are independent of the seller or counterparty. Irrespective of any responsibility, legal or otherwise, assumed by a dealer, counterparty, or financial advisor regarding a transaction, the acquiring institution is ultimately responsible for the appropriate personnel and understanding and managing the risks of the transaction.
Reports to the board of directors and senior management should summarize the risks related to the institution's investment activities and should address compliance with the investment policy's objectives, constraints, and legal requirements, including any exceptions to established policies, procedures, and limits. Reports to management should generally reflect more detail than reports to the board of the institution. Reporting should be frequent enough to provide timely and adequate information to judge the changing nature of the institution's risk profile and to evaluate compliance with stated policy objectives and constraints.
Internal Controls
An institution's internal control structure is critical to the safe and sound functioning of the organization generally and the management of investment activities in particular. A system of internal controls promotes efficient operations, reliable financial and regulatory reporting, and compliance with relevant laws, regulations, and institutional policies. An effective system of internal controls includes enforcing official lines of authority, maintaining appropriate separation of duties, and conducting independent reviews of investment activities.
For institutions with significant investment activities, internal and external audits are integral to the implementation of a risk management process to control risks in investment activities. An institution should conduct periodic independent reviews of its risk management program to ensure its integrity, accuracy, and reasonableness. Items that should be reviewed include:
(1)  Compliance with and the appropriateness of investment policies, procedures, and limits;
(2)  The appropriateness of the institution's risk measurement system given the nature, scope, and complexity of its activities;
(3)  The timeliness, integrity, and usefulness of reports to the board of directors and senior management.
The review should note exceptions to policies, procedures, and limits and suggest corrective actions. The findings of such reviews should be reported to the board and corrective actions taken on a timely basis.
The accounting systems and procedures used for public and regulatory reporting purposes are critically important to the evaluation of an organization's risk profile and the assessment of its financial condition and capital adequacy. Accordingly, an institution's policies should provide clear guidelines regarding the reporting treatment for all securities and derivatives holdings. This treatment should be consistent with the organization's business objectives, generally accepted accounting principles (GAAP), and regulatory reporting standards.
V. The Risks of Investment Activities
The following discussion identifies particular sound practices for managing the specific risks involved in investment activities. In addition to these sound practices, institutions should follow any specific guidance or requirements from their primary supervisor related to these activities.
Market Risk
Market risk is the risk to an institution's financial condition resulting from adverse changes in the value of its holdings arising from movements in interest rates, foreign exchange rates, equity prices, or commodity prices. An institution's exposure to market risk can be measured by assessing the effect of changing rates and prices on either the earnings or economic value of an individual instrument, a portfolio, or the entire institution. For most institutions, the most significant market risk of investment activities is interest rate risk.
Investment activities may represent a significant component of an institution's overall interest rate risk profile. It is a sound practice for institutions to manage interest rate risk on an institution-wide basis. This sound practice includes monitoring the price sensitivity of the institution's investment portfolio (changes in the investment portfolio's value over different interest rate/yield curve scenarios). Consistent with agency guidance, institutions should specify institution-wide interest rate risk limits that appropriately account for these activities and the strength of the institution's capital position. These limits are generally established for economic value or earnings exposures. Institutions may find it useful to establish price sensitivity limits on their investment portfolio or on individual securities. These sub-institution limits, if established, should also be consistent with agency guidance.
It is a sound practice for an institution's management to fully understand the market risks associated with investment securities and derivative instruments prior to acquisition and on an ongoing basis. Accordingly, institutions should have appropriate policies to ensure such understanding. In particular, institutions should have policies that specify the types of market risk analyses that should be conducted for various types or classes of instruments, including that conducted prior to their acquisition (pre-purchase analysis) and on an ongoing basis. Policies should also specify any required documentation needed to verify the analysis.
It is expected that the substance and form of such analyses will vary with the type of instrument. Not all investment instruments may need to be subjected to a pre-purchase analysis. Relatively simple or standardized instruments, the risks of which are well known to the institution, would likely require no or significantly less analysis than would more volatile, complex instruments.5
§ 703.90.  Sec 62 FR 32989 (June 18, 1997).
For relatively more complex instruments, less familiar instruments, and potentially volatile instruments, institutions should fully address pre-purchase analyses in their policies. Price sensitivity analysis is an effective way to perform the pre-purchase analysis of individual instruments. For example, a pre-purchase analysis should show the impact of an immediate parallel shift in the yield curve of plus and minus 100, 200, and 300 basis points. Where appropriate, such analysis should encompass a wider range of scenarios, including non-parallel changes in the yield curve. A comprehensive analysis may also take into account other relevant factors, such as changes in interest rate volatility and changes in credit spreads.
When the incremental effect of an investment position is likely to have a significant effect on the risk profile of the institution, it is a sound practice to analyze the effect of such a position on the overall financial condition of the institution.
Accurately measuring an institution's market risk requires timely information about the current carrying and market values of its investments. Accordingly, institutions should have market risk measurement systems commensurate with the size and nature of these investments. Institutions with significant holdings of highly complex instruments should ensure that they have the means to value their positions. Institutions employing internal models should have adequate procedures to validate the models and to periodically review all elements of the modeling process, including its assumptions and risk measurement techniques. Management relying on third parties for market risk measurement systems and analyses should ensure that they fully understand the assumptions and techniques used.
Institutions should provide reports to their boards on the market risk exposures of their investments on a regular basis. To do so, the institution may report the market risk exposure of the whole institution. Alternatively, reports should contain evaluations that assess trends in aggregate market risk exposure and the performance of portfolios in terms of established objectives and risk constraints. They also should identify compliance with board approved limits and identify any exceptions to established standards. Institutions should have mechanisms to detect and adequately address exceptions to limits and guidelines. Management reports on market risk should appropriately address potential exposures to yield curve changes and other factors pertinent to the institution's holdings.
Credit Risk
Broadly defined, credit risk is the risk that an issuer or counterparty will fail to perform on an obligation to the institution. For many financial institutions, credit risk in the investment portfolio may be low relative to other areas, such as lending. However, this risk, as with any other risk, should be effectively identified, measured, monitored, and controlled.
An institution should not acquire investments or enter into derivative contracts without assessing the creditworthiness of the issuer or counterparty. The credit risk arising from these positions should be incorporated into the overall credit risk profile of the institution as comprehensively as practicable. Institutions are legally required to meet certain quality standards (i.e., investment grade) for security purchases. Many institutions maintain and update ratings reports from one of the major rating services. For non-rated securities, institutions should establish guidelines to ensure that the securities meet legal requirements and that the institution fully understands the risk involved. Institutions should establish limits on individual counterparty exposures. Policies should also provide credit risk and concentration limits. Such limits may define concentrations relating to a single or related issuer or counterparty, a geographical area, or obligations with similar characteristics.
In managing credit risk, institutions should consider settlement and pre-settlement credit risk. These risks are the possibility that a counterparty will fail to honor its obligation at or before the time of settlement. The selection of dealers, investment bankers, and brokers is particularly important in effectively managing these risks. The approval process should include a review of each firm's financial statements and an evaluation of its ability to honor its commitments. An inquiry into the general reputation of the dealer is also appropriate. This includes review of information from state or federal securities regulators and industry self-regulatory organizations such as the National Association of Securities Dealers concerning any formal enforcement actions against the dealer, its affiliates, or associated personnel.
The board of directors is responsible for supervision and oversight of investment portfolio and end-user derivatives activities, including the approval and periodic review of policies that govern relationships with securities dealers.
Sound credit risk management requires that credit limits be developed by personnel who are as independent as practicable of the acquisition function. In authorizing issuer and counterparty credit lines, these personnel should use standards that are consistent with those used for other activities conducted within the institution and with the organization's over-all policies and consolidated exposures.
Liquidity Risk
Liquidity risk is the risk that an institution cannot easily sell, unwind, or offset a particular position at a fair price because of inadequate market depth. In specifying permissible instruments for accomplishing established objectives, institutions should ensure that they take into account the liquidity of the market for those instruments and the effect that such characteristics have on achieving their objectives. The liquidity of certain types of instruments may make them inappropriate for certain objectives. Institutions should ensure that they consider the effects that market risk can have on the liquidity of different types of instruments under various scenarios. Accordingly, institutions should articulate clearly the liquidity characteristics of instruments to be used in accomplishing institutional objectives.
Complex and illiquid instruments can often involve greater risk than actively traded, more liquid securities. Oftentimes, this higher potential risk arising from illiquidity is not captured by standardized financial modeling techniques. Such risk is particularly acute for instruments that are highly leveraged or that are designed to benefit from specific, narrowly defined market shifts. If market prices or rates do not move as expected, the demand for such instruments can evaporate, decreasing the market value of the instrument below the modeled value.
Operational (Transaction) Risk
Operational (transaction) risk is the risk that deficiencies in information systems or internal controls will result in unexpected loss. Sources of operating risk include inadequate procedures, human error, system failure, or fraud. Inaccurately assessing or controlling operating risks is one of the more likely sources of problems facing institutions involved in investment activities.
Effective internal controls are the first line of defense in controlling the operating risks involved in an institution's investment activities. Of particular importance are internal controls that ensure the separation of duties and supervision of persons executing transactions from those responsible for processing contracts, confirming transactions, controlling various clearing accounts, preparing or posting the accounting entries, approving the accounting methodology or entries, and performing revaluations.
Consistent with the operational support of other activities within the financial institution, securities operations should be as independent as practicable from business units. Adequate resources should be devoted, such that systems and capacity are commensurate with the size and complexity of the institution's investment activities. Effective risk management should also include, at least, the following:
•  Valuation. Procedures should ensure independent portfolio pricing. For thinly traded illiquid securities, completely independent pricing may be difficult to obtain. In such cases, operational units may need to use prices provided by the portfolio manager. For unique instruments where the pricing is being provided by a single source (e.g., the dealer providing the instrument), the institution should review and understand the assumptions used to price the instrument.

•  Personnel. The increasingly complex nature of securities available in the marketplace makes it important that operational personnel have strong technical skills. This will enable them to better understand the complex financial structures of some investment instruments.

•  Documentation. Institutions should clearly define documentation requirements for securities transactions, saving and safeguarding important documents, as well as maintaining possession and control of instruments purchased.
An institution's policies should also provide guidelines for conflicts of interest for employees who are directly involved in purchasing and selling securities for the institution from securities dealers. These guidelines should ensure that all directors, officers, and employees act in the best interest of the institution. The board may wish to adopt policies prohibiting these employees from engaging in personal securities transactions with these same securities firms without specific prior board approval. The board may also wish to adopt a policy applicable to directors, officers, and employees restricting or prohibiting the receipt of gifts, gratuities, or travel expenses from approved securities dealer firms and their representatives.
Legal Risk
Legal risk is the risk that contracts are not legally enforceable or documented correctly. Institutions should adequately evaluate the enforceability of their agreements before individual transactions are consummated. Institutions should also ensure that the counter-party has authority to enter into the transaction and that the terms of the agreement are legally enforceable. Institutions should further ascertain that netting agreements are adequately documented, executed properly, and are enforceable in all relevant jurisdictions. Institutions should have knowledge of relevant tax laws and interpretations governing the use of these instruments.



JOB Description:

Supervisory Control - Global Investment Bank

Client is a global investment bank that offers a comprehensive set of strategic advisory, financing and risk management solutions to their corporate and institutional clients.

Job Description

  • Identify and manage supervisory risk within the markets division
  • Monitor, test and enhance existing supervisory platform and controls
  • Advise the business on the application of internal rules, policies and procedures
  • Update and develop supervisory policies and procedures in response to the changing regulatory environment
  • Pro-actively identify gaps and weaknesses and develop corrective action plans
  • Assist in the implementation of new regulatory initiatives
  • Provide general supervisory advice to global markets sales and trading
  • Form strong relationships with key stakeholders across the business

The Successful Applicant

  • High degree of attention to detail and exceptional organizational skills
  • Prior experience within a Supervisory Group, Compliance or other Internal Control functions
  • Good knowledge and understanding of applicable rules and regulations
  • Ability to interact and work closely with senior business partners and key stakeholders
  • Understanding of developing policy, assessing risks and implementing procedures
  • Proven ability to work in a high pressure, fast-paced international environment
  • Ability to think strategically and make key decisions that affect how a business operates
Responsibilities:

    • Advise business areas on firm policies and procedures and applicable securities laws and FINRA regulations
    • Identify regulatory trends and developments that impact business areas, and advise staff as to how this may impact their current activities.
    • Draft, update, and implement relevant policies and procedures.
    • Provide regulatory/compliance training.
    • Assist the business in implementing and documenting various supervisory/control mechanisms.
    • Participate in internal investigations, respond to regulatory inquiries, and coordinate internal and external audits and inspections.
    • Interact with federal and state regulators
    • Perform testing and monitoring of compliance with firm policies and conduct risk assessments of the business to ensure effective business control framework
    - See more at: http://www.compliancesearch.com/cgibin/webdata_pro.pl?_cgifunction=form&_layout=new&keyval=jobs.ID=1319572785#sthash.0uo6D0Jf.dpuf