Regulatory Compliance & Risk
Financial services companies face tightening regulations that nowadays affect their entire value chain. In addition, the complexity encountered in regulatory change projects rises with each new bill or directive. Synpulse successfully guides clients from assessing the impact, designing effective solutions through to implementation to ensure effective compliance and robust control structures.
«Banks are facing unprecedented complexity in their regulatory and risk environments as a wave of regulatory changes in the industry has come with an increasing speed and impact since the financial crisis in 2008. Our interdisciplinary teams support our clients in assessing the impact of new and existing regulatory requirements, analyzing their current state of compliance and designing and implementing holistic and sustainable solutions.»
Financial Market Regulation and Client Protection (MiFID II and FIDLEG/FFSA)
Implementation of MiFID II and FIDLEG/FFSA and other provisions on financial market regulation and client protection in connection with financial transactions will bring renewed major changes to service provision and significantly influence compliance organization and the corresponding processes and controls.
In the wake of the financial crisis, a European initiative led to the creation of various new regulatory requirements. One of the objectives was to counteract the negative trends as well as any systemic failings within the financial industry. MiFID II is designed to modernize market structures and harmonize financial market regulation within the EU, but it also sets out to increase market transparency and in particular improve investor protection.
Careful and correct implementation of MiFID II or corresponding localized regulations is essential for Swiss and foreign banks if they are to secure their access to markets in Europe in the future.
Nevertheless, internalizing the new provisions can only take place in the context of other regulations and no longer as an isolated initiative, an undertaking that brings with it some complex challenges.
The requirements relating to client protection and the sale of financial services must be prepared and introduced in coordination with other regulations, such as those on money laundering, client identification or requirements in connection with FATCA or the automatic exchange of information (AEI).
Another of the aims of MiFID II, however, is to stabilize the infrastructures and indeed the financial markets themselves, in the process transferring off-exchange trading to what are known as Regulated Markets (trading venue requirement). The planned increase in trading transparency (pre and post trade) and additional reporting requirements are likewise intended to play a role and, as already mentioned, must be coordinated with regulations with a similar purpose such as EMIR (EU) and FinFraG/FMIA (CH).
Depending on the direction and orientation of a bank’s business model, MiFID II and the related regulations have different but by no means insubstantial effects on the operative business and hence the medium and long-term success of the bank.
Careful consideration and planning of tactical and strategic measures to internalize the new regulations help you to achieve manageable and efficient implementation. We are here to assist you, both in evaluating your options and in planning, development and implementation of your regulatory change project.
Client Identification (Client ID & Know Your Client) & Anti Money Laundering
The demands on financial services providers in relation to client identification are becoming increasingly complex. In some cases, there are even concurrent international and local rules and regulations to observe. Responding accurately to all the regulatory requirements in conventional and new, digital account opening and management processes presents financial services providers worldwide with some major challenges.
A quite considerable number of regulations on client identification and anti money laundering have to be considered when opening an account, but they also apply for the duration of service provision. They include, for instance, obtaining client master data, identifying the beneficial owners, and more recently also tax-related questions that have been introduced in connection with FATCA and the new rules on tax transparency.
Without technical support, it is virtually impossible for customer advisors to obtain and check the accuracy and completeness of all the necessary information before the documents enter the formality control process. Financial services providers must therefore constantly revise their account opening and management procedures to avoid making multiple requests for information from clients while still ensuring that the data they obtain is consistent.
Particularly challenging aspects of developing new, digitalized account opening and account management procedures are logic and completeness, since there is no customer advisor on hand to explain details and context and guide the client, if need be indirectly, to the desired outcome.
The new requirements on establishing tax residency in connection with the automatic exchange of information (AEI) have added a new degree of complexity. In the past, most processes were able to focus on the client or the contractual partners; now, however, additional information must be obtained, and if necessary officially reported, on the beneficial owners and the so-called «control persons». This extension of the group of individuals creates some major challenges for many financial services providers.
Many regulatory change projects have a direct effect on the principles and processes in connection with client identification (Client ID, KYC), anti money laundering (AML), and determining tax residency. Synpulse assists its clients with broad interdisciplinary knowledge and extensive front-to-back experience in projects of this nature.
General Data Protection Regulation
The new European Data Protection Regulation (EU GDPR) intends to strengthen rights of individuals with regard to their personal data vis-à-vis companies. For Swiss and other non-EU financial institutions, one of the important rules is the extension of the territorial scope, which newly includes companies that process data of individuals in the EU when offering goods and services in the EU (e.g., Swiss financial institutions serving EU resident clients).
The potential risks of non-compliance are severe:
- penalty of up to 4% of the global turnover or EUR 20 million
- litigation risk
- reputational risk
EU GDPR extends existing data protection rights such as the right of information, consent, access, rectification, or erasure and introduces new requirements such as the right to data portability and new organizational requirements regarding the data protection officer, reporting of data breaches, and data protection impact assessments. A prerequisite to comply with EU GDPR is a thorough understanding and control of the bank’s data flow and processing activities. EU GDPR impacts all areas of the bank – for example:
- The executive board having an overall responsibility for the bank’s compliance with EU GDPR
- Business where prospect and client data is collected and processed
- HR dealing with applicant and employee data
- Vendor or supply management managing relationships with service providers and their staff
- IT responsible for organizational and technical measures to protect data processed electronically
- Legal in charge to amend contractual agreements and general terms and conditions and to be involved for legality assessments and more complex data subjects’ requests
- Compliance responsible to extend existing control frameworks to consider extended data protection controls
The potential challenges of GDPR are wide-ranging and the consequences of non-compliance are severe. Depending on the maturity of a bank’s governance and control framework and state-of-the-art of its system landscape, a bank might face significant difficulties to take the right organizational and technical steps and maintain a comprehensive and resilient data protection framework to comply with EU GDPR.
With our experience from helping several financial institutions in implementing EU GDPR and our long-standing track-record in managing regulatory change and advising on compliance topics, Synpulse is the right partner to advise you on GDPR questions – be it a GDPR health check (based on our GDPR Checklist) or a clean-up of remaining implementation topics.
Take the next step towards GDPR compliance and contact us!
Banks and insurance companies are subject to constant organizational and technological change. Precisely where major restructuring or launch projects are concerned, professional training is key to success. In «Training Solutions», Synpulse has developed a methodology for mastering these challenges with modern and effective training solutions.
If you are facing the challenge of implementing a major change project in your organization, Synpulse is the ideal partner for your internal communication and training. «Training Solutions» is the methodology we have developed to prepare your organization well in advance for change.
Our first step is to explore with you your communication and training needs. Then we jointly decide on the most suitable training resources. Whenever possible, we use modern tools such as e-learning, webinars and e-classrooms. This gives you maximum effectiveness at minimal cost.
Precisely where international projects are concerned, it is essential that training can take place independent of time and place and that assessment is automated. Traditional training methods often break the agreed budget with the cost of travel alone, which frequentlyoften makes this option unviable.
We employ «Training Solutions» continually and successfully in projects and optimize it on an ongoing basis. Its pragmatic approach and the mix of training resources in particular mean that our clients can tailor the training process to their needs. It also means that we can make adjustments as and when they are required. Our customers additionally benefit from experienced Synpulse project team members, whose expert knowledge and skills from an insurance and banking background make them highly effective in putting together training packages.
«Training Solutions» is an ideal way of meeting a large-scale need for training. Our clients benefit from our many years of expertise. We help you to achieve maximum effectiveness from your training at minimal cost and working with modern tools and resources.