Internal governance and the cost of (non) compliance
In mid-2019 the European Commission published a study on the cost of regulatory compliance for a specific set of financial regulations (see below). The objective of the study was to gain an understanding of the scale and nature of the incremental costs of compliance with EU financial legislation and supervisory reporting since 2008.
Removing the one-off costs during the preparation, adoption and implementation phase of the new legislation in scope, the outcome of the analysis, translated to Swedish Supervisory Category 1 (incl. Nordea) and 2 banks, indicates that the ongoing costs for compliance amount to ~ SEK 4 bn annually. A figure which align to FCGs experience. It must however be noted that costs attributed to AML legislation is not included in the report and where there are clear indications that the cost-component for this area is significantly higher (compared to the legislation included in the report), both in terms of one-off costs as well as for ongoing costs. A low-cost assumption (the true cost is likely to be significantly higher) of an additional 150 basis points to the observed cost estimate in the report increase the cost of compliance for the same set of banks to SEK 10,4 bn.
(Source: “Study on the costs of compliance for the financial sector [European Commission]” and FCG estimates)
*The study includes the following bank-related legislation: CRR/CRD IV, MiFID (II) / MiFIR, EMIR, AIFMD, UCITS, MAD/MAR, FICOD, CSDR, SSR, BRRD, MCD, SRM and PRIIPs. On average, the ongoing cost of compliance is estimated to 2,39% (small banks) and 2,91% (large banks) out of total operating costs.
The capacity to ensure compliance is to a large extent dependent on the strategic vision and implementation of the bank-specific governance structures. Failures in this area form the basis for sanctions by regulators but also erodes internal and external trust and reputation. Customer exits and market reputational risk, together with sanction fees and corresponding legal costs all build up an additional cost component not covered in the study. The cost of non-compliance.
In the study Regulatory Sanctions and Reputational Damage in Financial Markets (Journal of Financial and Quantitative Analysis, 2017) the authors estimate that the impact of misconduct announcements in the U.K on the share prices for involved (mis-behaving) parties, are nearly nine times the size of the fines when the misconduct has affected the institutions’ customers or investors.
From FCGs point-of-view, a functional and sound internal governance structure is not about the mapping process between internal documentation and external regulatory requirements. FCG believes that a well-functioning governance system rather enables the institutions to formulate a clear vision and target state on what they want to achieve with its governance. With this vision and objective as a backdrop, strategic alternatives will be available and where each path is combined with a distinct and accessible set of roles, procedures and processes etc. that outlines how the organisation shall conform with the vision. Key components that must be integrated into the design of the governance framework are in our opinion
- Business and Strategy – Assessment of the viability of the business model while also putting in place a clear target state which incorporates the vision and ambition of the institution, all within the realm of the risk tolerance and appetite as decided by the board.
- Organisation and Structure – Ensuring appropriate centralisation and standardisation features where a common group approach is backed by central units supporting local ownership. Accountability and reporting lines are critical aspects here as well.
- Roles and Responsibilities – Setting clear roles with respect to accountability and responsibility, from top management, through committee structures all the way to business operations and independent control functions.
- Internal Rules and Processes – The importance of clear and accessible documentation of the governance framework, its processes, procedures, mandates etc. while at the same time aligning these to the business strategy and target state of the institution.
- Core Values – The institution’s core values are important as features to ringfence the components of the governance structure and serve as a guiding lighthouse for the measures to be taken setting up a sound governance framework.
Successfully managed, the ongoing work with governance will support the institution in building and maintaining trust with its stakeholders while also equipping top management with necessary tools and information for additional or revised strategic decisions.
Furthermore, and in relation to the observations above, an effective and sound governance structure may reduce the cost of compliance by removing overlapping processes, alignment of resources to periodic and recurring compliance related events (e.g. regulatory reporting responsibilities) or increase efficiency and effectiveness in the system by use of technological advancements.Even a successful governance framework may not provide defence for the institutions towards all types of events or elaborate misconduct schemes. But it may provide the opportunity for a constructive dialogue with internal and external stakeholders, including supervisory authorities, in case adverse events occur, thereby acting as a defence for the PnL- and balance sheet statements against the cost of non-compliance.
Contact us if you would like to discuss your specific arrangements!