Compliance is, in general, the compliance of requirements with appropriate resources.

Transcription

1 is, in general, the compliance of requirements with appropriate resources. Definition / content Objectives Activities In the narrow sense: _ with external specifications KWG, WpHG, GWG, financial embargos, EU regulations,... In a broader sense: _ with external & internal specifications, e.g. including corporate governance, training requirements for employees, compliance with policies,... _ Fulfillment of the protection function against the organization, the capital, the employees, the customers and the community _ Prevention of material damages (punitive payments, losses, etc.) as well as non-material damage (e.g., reputation) _ Proper business organization (according to MaRisk) _ Management of compliance risks as a function of risk management _ Creating a compliance culture _ Analysis of compliance risks / trends _ Definition of standards _ Information, training, consulting _ Monitoring, control, reporting _ Establishment of early warning systems, eg. Whistleblower Hotline _ Etc.

2 with internal and external requirements Regulatory Management Comprises the control of risks and measures, in order to be compliant / compliant with internal and external requirements and regulations Anti-Financial Crime (AFC) WpHG MaRisk Corporate... Anti-Money Laundering Sanctions & Embargoes Anti-Bribery & Corruption Anti- Fraud Protection of customers' interests Protection of the company's assets Protection of the organization and the employees Money laundering and terrorist financing Economic and trade and financial bargaining Corruption Fraud to customers and by customers or employees

3 Focus on the 4C performance offer Management and supervision Supervisory bodies Management Internal control system (ICS) Functions of risk management / components of the risk management process Risk Controlling Corporate Governance Business Continuity Internal Audit Anti-Financial Crime _ Risk management: Regular risk management to assess the overall risk profile _ Risk management: assessment of the risks to capital investments, earnings and liquidity position _ Risk controlling: Monitoring and communication of risks _ Ensure a proper business organization and its further development _ with legal requirements within the scope of corporate management, control and control (stakeholder interests) _ Emergency concept: guarantee for emergency emergencies in time-critical activities and processes to reduce possible damage _ IT Security: Fulfilling the requirements for IT and communication technology _ Risk-oriented & processindependent assessment of the effectiveness and appropriateness of risk management in general, the internal control system and the regularity of all activities and processes _ WpHG : Protection of customer interests _ MaRisk : Protection of the Institute's assets _ Corporate : Protection of the organization and the employees of the institute _ Anti-Money Laundering _ Sanctions & Embargoes _ Anti-Fraud _ Anti-Bribery & Corruption

4 Special focus in the area of compliance excerpt: WpHG / MaRisk and Corporate Risk Management Arrangements, procedures and principles Consulting and training Monitoring and control Reporting _ risks _ Corporate Risk Profile _ Risk-based identification of (essential legal) regulations and specifications _ Risk-based monitoring plans _ reputational risks/ function group risks _ Effectiveness & appropriateness _ Conflict of interest management _ Areas of confidentiality _ Restricted & Watchlist _ Business Continuity Management _ Quality improvement _ Fitness _ Recording / retention obligations _ Best Execution _ Director's Dealings _ Outside Business Interests _ Donations _ culture _ Products, markets, processes _ 1st level controls _ training _ Training and qualification activities of the business units _ Product Information / Advertising _ Basic Creation / Update _ Work instructions _ Reliability / Expertise _ Proportionality _ On-site inspections _ Process tests _ with confidentiality areas _ Price Sensitive Information _ Employee definition / obligation and monitoring employee transactions _ Customer complaints _ with trade restrictions _ Front / parallel running _ Churning _ Market manipulation _ Suspected case display _ Monthly / quarterly / annual report _ Ad-hoc reporting _ Monitoring reports _ Risk reports _ Notification / notification requirements _ Storage requirements / documentation

5 REGULATORY ROADMAP JULY 2017 Significant milestones in the legislative / implementation process of proposed and already adopted regulations in the fields of anti-financial crime and compliance Anti-Financial Crime Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 5. EU Money Laundering Directive Benchmark Regulation PRIIP Regulation MiFID II MiFIR PSD II EU Shareholders' Rights Directive EU Prospectus Regulation Regulation on remuneration schemes Investment Services Examination Regulation WpHG Leaders Reports Regulation Suggestion / draft Adoption Come into effect Application / Conversion period proposed adopted *planned

6 REGULATORY ROADMAP JULY 2017 Significant milestones in the legislative / implementation process of proposed and already adopted regulations in the areas of risk management, tax and other Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Risk Management AnaCredit Interest rate risk in the investment book (IRRBB) EU securitization regulation European Deposit Guarantee Scheme (EDIS) 5. MaRisk-Novelle Settlement Guideline (BRRD) Capital Requirements Directive V (CRD V) Capital Requirements Regulation II (CRR II) Banking requirements for IT (BAIT) Tax OECD Common Reporting Standard EU Office for Emergency Aid (amendment 2016/2258) Others EU Data Protection Regulation Suggestion / draft Adoption Come into effect Application / Conversion period proposed adopted *planned