In recent years Governance, Risk and Compliance has played an increasingly important role in the financial services industry.
With a dedicated Governance, Risk and Compliance Department, we can provide assistance on regulatory and compliance issues, authorisation processes, corporate governance obligations, conduct of business rules, fitness & probity obligations and Anti-Money Laundering /Counter Terrorist Financing Obligations.
Central Bank Authorisation Process
Assist firms seeking authorisation from the Central Bank of Ireland or existing regulated entities seeking amendments to their existing authorisations:
- Assist in the preparation and completion of the relevant application form for authorisation by the Central Bank of Ireland.
- Assist in the completion of The Key Facts Document.
- Assist in the preparation of The Programme of Operations.
- Prepare Financial Projections for the first three years of operation, including regulatory capital calculations for the entity in support of the application.
- Produce a suite of policies and procedures relevant to your firm.
- Perform the necessary due diligence for Pre-Approval Controlled Functions (PCF) and Controlled Functions (CF) roles in line with the Fitness and Probity Regulations and provide advice on the completion of Individual Questionnaires (IQs).
Assist with the establishment of a Compliance Function or provide advice in this area, including:
- Prepare the firm’s Regulatory and Compliance Polices & Procedures Manual.
- Prepare a Compliance Risk Assessment.
- Prepare a Compliance Plan and establish a Compliance Monitoring Programme, based on the compliance risk assessment.
- Provide regular compliance reports to the firm’s management team and/or Board of Directors.
- Assist in managing relations with the Central Bank, including Central Inspections.
- Provide guidance in many areas of compliance, in particular: AML/TF, Fitness and Probity, Client Asset Regulations.
Assist in establishing a Risk Management Function or provide advice in this area:
- Prepare the firm’s Risk Management Polices & Procedures Manual.
- Prepare a risk register and assist in determining your firm’s risk appetite and risk tolerance levels.
- Provide regular risk reports to the firm’s management team and/or Board of Directors.
- Provide and independent reviews of the risk function.
- Provide Risk Training to all staff.
Client Assets Regulations
The Client Asset Regulations and Investor Money Regulations provide for a number of important key requirements in the holding of client assets. The protection of client assets is a key priority for the Central Bank of Ireland. The purpose of the client asset regime is to safeguard client assets by ensuring firms adhere to the general principles and requirements in this regard. With an in depth knowledge of the regulations, we can assist firms implement and embed these requirements.
How we can help
- Assisting in developing the Client Asset Management Plan (CAMP), ensuring the client asset risks specific to your firm are adequately captured and documented using a risk matrix and evaluating those risks against relevant controls and other mitigants.
- Prepare the Client Asset Key Information Document (CAKID).
- Conduct an Annual Client Asset Assurance Examination. Under the new regulations an audit firm is required to undertake and annual reviews of the firms’ arrangements to comply with the regulations.
The regulatory reporting function within firms has had to deal with an ever increasing demand for greater amounts of information and on a more regular basis. In fact, the Central Bank of Ireland, has increased supervisory engagement in this area and in the past few years have issued a number of substantial fines to firms who fall below the expectations of the Central Bank.
How we can help
- Prepare Regulatory Reporting Procedures Manual appropriate to the size, nature and complexity of your firm.
- Implement appropriate end to end processes for the preparation and completion of regulatory returns including the filing of returns and the necessary controls and systems around the regulatory reporting process.
- Provide training to staff on the Central Bank On-Line Reporting System.
Adherence by designated persons to The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010, as amended by the Criminal Justice Act 2013, has been and continues to be a high enforcement priority for the Central Bank of Ireland.
With effect from November 15th 2016, Article 30(1) of The European Union Fourth Anti-Money Laundering Directive has been transposed into Irish Law. As a result, most corporate and other legal entities incorporated in a Member State are now required to “obtain and hold adequate, accurate and current information on their beneficial ownership”.
Failure to adhere to the relevant legislation has resulted in very large fines and penalties and massive reputational damage for a large number of institutions in recent years.
“Ulster Bank DAC fined €3.2 million November 2016”
“Western Union Payment Services Ireland fined €1.75 million”
“Bank of Ireland fined €3.15 million for 12 breaches of the CJA 2010”
How we can help
- Advise on your obligations under the relevant AML legislation.
- Provide AML Policies and Procedures relevant to your firm.
- Provide independent AML Audit of the firms AML function.
- Conduct AML Risk Assessments.
- Provide Money Laundering Reporting Officer (MLRO) services.
- Provide AML Training to Directors and Staff on their obligations under the legislation.
On the 25th May 2018 the General Data Protection Regulation (GDPR) entered into force and implements a harmonised data protection regime throughout the EU. The regulation places certain obligations on organisations and demonstrating transparency, accountability and compliance are the governing principles.
How we can help:
- Prepare a Gap Analysis between current practices and those required under the new regulation.
- Ensure Data Protection/Records Management and Retention Policies and Procedures are in line with new regulations.
- Conduct a Data Mapping Exercise.
- Develop Privacy Notices/Disclosures for your organisation.
- Determine if a Data Protection Impact Assessment is required by your firm and provide assistance in implementing.
- Provide support to your appointed Data Protection Officer and ensure their roles and responsibilities fully include the requirements under the GDPR.
- Provide GDPR workshops/training to Board members and staff.