Upload
haduong
View
222
Download
9
Embed Size (px)
Citation preview
The Added Value of IBS Compliant Solutions
April 11, 2017
Carl Bahneman, IBS Product Line Manager
Karla Booe, Deputy Chief Compliance Officer
Peter Dugas, Managing Director, Center of Regulatory
Intelligence
The Added Value of IBS Compliant Solutions
2
• Introductions
• The Regulatory Landscape
– Now
– Future
• The FIS Corporate Compliance Process
• Recent IBS Compliance Projects
• Other Resources
– IBS
Delivers timely, unique, practical analysis and actionable intelligence
FIS Center of Regulatory Intelligence
4
• Located in Washington D.C.
• Provides the latest intelligence, thought leadership,
and cutting-edge insight into risk, information
security, and compliance issues.
– Single source of comprehensive research and analysis on
political, economic, legislative and regulatory actions.
– Enables management to quickly detect and respond to
regulatory, political, and market changes.
1101 Pennsylvania Ave.
Washington, D.C.
fisglobal.com/Insights/RISC
Advanced Regulatory Intelligence
White Paper
Legislation Rulemaking
5
Speeches
Op-Eds
Enforcement Actions
Appropriations
Congressional Floor Statements
Congressional
Reports
State Legislation
Testimonies
News
Litigation
Lobbying, LDAs,
PACs
Speeches
Law Firms
Hearings
CRS
Reports
Amendments
Lobbying
Firms
Guidance/FAQs/Exam Manuals
Exams
HotlineNational
Committees
Courts
Legislative
History
Cost-Benefit Analysis
Staff Analysis
Public Comments
Foreign Laws
GAO
Reports
5
Nominees
President Trump Nominees
7
• Department of the Treasury – Steve Mnuchin*
• Department of Justice – Jeff Sessions*
• Department of Commerce – Wilbur Ross*
• Department of Housing & Urban Development – Ben Carson*
• Department of Homeland Security – John F. Kelly*
• S.E.C. – Jay Clayton
• National Economic Council – Gary Cohn
• O.M.B. – Mick Mulvaney*
• *Confirmed
Executive Order: Core Principles for Regulating the U.S. Financial System
8
Core
Principles
Empower Americans to make independent financial decisions
and informed choices in the market place, save for
retirement, and build individual wealth
Prevent taxpayer-funded bailouts
Foster economic growth and vibrant financial markets
through more rigorous regulatory impact analysis that
addresses systemic risk and market failures, such as moral
hazard and information asymmetry
Enable American companies to be competitive with foreign
firms in domestic and foreign markets
Advance American interests in financial regulatory
negotiations and meetings
Make regulation efficient, effective, and appropriately tailored
Restore public accountability within Federal financial
regulatory agencies and rationalize the Federal regulatory
frameworks
Dodd-Frank Act Relief
9
• Sec. 1
Provide for election to be a strongly
capitalized, well managed financial
institution.
• Sec. 2
End “Too Big to Fail” and Bank Bailouts.
• Sec. 3
Empower Americans to achieve financial
independence by fundamentally reforming
the CFPB and protecting investors.
• Sec. 4
Demand accountability from financial
regulators and devolve power away from
Washington.
• Sec. 5
Demand accountability from Wall Street
through enhanced penalties for fraud and
deception.
• Sec. 6
Unleash opportunities for small
businesses, innovators, and job creators
by facilitating capital formation.
• Sec. 7
Provide regulatory relief for Main Street
and community financial institutions.
House Committee on Financial Services
Congressional Review Act (CRA)
10
6-13-2016Final Rules Within 60-
Legislative-Day Window
1-3-2017115th Congress
Convened
5-17-2017Approximate
Congressional
Review Deadline for
2016 Midnight Rules
1-30-2017Start of 60-day
Congressional
Review Period
Timeline for Congressional Action
Midnight RuleA rule that is passed within the
last 60 legislative days of a
session of Congress during the
final year of a president’s term
Compliance Staffing
12
• Fulfilling our mission requires that we foster a culture of high ethical and moral
standards by establishing effective governance and oversight, policies and
procedures, risk assessment, testing, training and reporting.
• We accomplish this through a staff of over 50 full-time Compliance associates
located across the globe.
• The Chief Compliance and Customer Advocacy Officer leads nine distinct
functional areas with a leadership team that averages over 15 years of
compliance experience.
Certifications/Degrees on the Compliance team include:• Certified Anti-Money Laundering Specialist (ACAMS)
• Certified Information Privacy Manager (CIPM)
• Certified Regulatory Compliance Manager (CRCM)
• Certified Information Privacy Professional (CIPP)
• Master of Business Administration (MBA)
• Juris Doctorate (JD)
Chief Risk
Office
Chief
Compliance
Office
Risk
Committee
Audit
Committee
Enterprise
Program
International,
Institutional &
Wholesale
Enterprise
Product
Compliance
Consumer
Model Risk
Management
BSA/AML
Anti-Bribery,
Corruption, Fraud
Privacy Office
Export &
Sanctions
Compliance
Compliance Organization – By Functional Area
13
Corporate Compliance Program
Governed by the
Executive Risk
Management Committee
and Board of Directors
The Corporate
Compliance Playbook
serves as the program’s
foundation
Reinforced by key
program pillars
Po
licy &
Pro
ce
dure
s
Ris
k A
sse
ssm
en
ts
Re
gu
latio
n M
an
ag
em
en
t
Mo
nito
rin
g
Te
stin
g
Tra
inin
g
Rep
ort
ing
Compliance Governance
& Oversight
Compliance Program Framework
14
Experience | | Expertise
Compliance Policies
16
Corporate Compliance owns and governs compliance for the following policies and
standards:
Policies & Standards
•Code of Business Conduct and Ethics
•Anti-Bribery and Anti-Corruption
•Anti-Money Laundering
•Fair Credit Reporting Act (FCRA)
•Unfair, Deceptive, or Abusive Acts or Practices (UDAAP)
•Fair Debt Collection Practices (FDCPA)
•Identity Theft Red Flags
•Export Control and Economic Sanctions Compliance Policy
•Country Risk
• The Corporate Compliance group performs compliance risk assessments for
all FIS products.
High risk products - assessed annually
Moderate risk products - assessed every other year
Low to no risk products - assessed every three years
• As new features or functionalities are added to a product a review will occur to
determine if the frequency needs to change.
• The risk assessment process includes an evaluation of the controls in place
measured against the inherent risk of the product or service, as depicted in the
chart below:
Control Environment
Strong SatisfactoryNeeds
ImprovementWeak
Inherent
Risk
High Low Moderate High High
Moderate Low Low Moderate High
Low Low Low Moderate Moderate
Risk Assessments
17
Federal Agencies
Federal Banking Agencies (FBA)
– Federal Reserve Board (FRB)
– Office of the Comptroller of the Currency (OCC)
– Consumer Financial Protection Bureau (CFPB)
– National Credit Union Administration (NCUA)
– Federal Deposit Insurance Corporation (FDIC)
International
• Financial Conduct Authority
• Monetary Authority of Singapore
Federal Trade Commission (FTC)
Internal Revenue Service (IRS)
Office of Foreign Asset Control (OFAC)
Financial Industry Regulatory Authority (FINRA)
Regulation Management - Inventory
18
Compliance monitors United States and international agencies on a daily basis and
maintains an enterprise-wide regulation inventory for our products and services. Examples
include:
Regulatory
Change Inputs
Logging &
Tracking
Tool
Impact
Analysis
Regulation Management – Change Control
19
LOB
Assessment
Control
Plans &
Monitoring
Regulatory implementation plans and change control follow a repeatable process
enhanced by a integrated, multi-disciplinary compliance management system.
Monthly
newsletterE-mail
distribution
list
Project
Meetings
&
User Group
Forums
Monthly
status group
Audit
support
Monitoring
20
Regulatory updates, risk assessments, and control plans are continuously
monitored and evaluated to ensure accountability and compliance. Effective
communication is achieved by engaging key stakeholders through a variety of
channels and tools.
Compliance Testing
21
Pre-Planning(No Impact to LOB)
Planning
Fieldwork (Testing)
Wrap Up & Reporting
•Project Scope
•Identify high risk regulatory requirements
•Identify Compliance Stakeholders
•Draft test scripts
•Conduct “walk-through” with Compliance Stakeholders
•Verify self-reported items
•Completion of Archer test scripts
•Control testing
•Conduct weekly meetings
•Evidence review and analysis
•Results communicated to business
•Issue remediation
•State of Compliance report
• The Enterprise Compliance Training program
outlines the required curriculum to educate
resources on compliance requirements that affect
FIS products and services.
• The program addresses resources not only in the
development organization, but also in support and
quality assurance, including specialty products and
services.
• In addition the program introduces new employees
to the regulatory requirements of the product they
will support, refresher training to keep employees
‘regulatory aware’.
• The program also outlines the training requirements
for Corporate Compliance so that members of the
compliance team maintain the required knowledge
of current laws and regulations.
New Employee Training
Refresher Training
Supplement Training
Job-Specific Training
Specialty Products & Services
Enterprise-Wide Training
Training Types
Compliance Training
22
All Enterprise Training is tracked as a KRI. Failure to complete the training
will result in either or all of the following: ineligibility for a raise, impact to
incentive or termination.
Additionally, the Chief Compliance and Customer Advocacy Officer
provides annual compliance training for the Audit Committee to the Board
of Directors.
Compliance Training (continued)
23
• Employees assigned to the regulatory teams receive additional training on an
ongoing basis as new or amended regulations are issued by the regulatory
agencies.
• Corporate Compliance monitors for training offerings and alerts the Lines of
Business of the availability of these opportunities.
• Annual mandatory training for all employees includes:
o Regulatory Compliance (including AML)
o Anti-Bribery/Corruption/Retaliation
o Privacy
o Code of Business Conduct and Ethics
Compliance Reporting
24
Corporate Compliance reports to senior management, the Executive Risk
Management Committee, and the Audit Committee to the Board of Directors at
least quarterly to provide the state of compliance as it pertains to:
Compliance issues, root cause, and remediation
Risk assessment and testing results
State of privacy processes
Anti-Bribery, Corruption, and Country Risk
Conflicts of Interest
Gifts and Entertainment
Making IBS Compliant
26
• Including Corporate Compliance throughout the project
• A Development team filled with Subject Matter Experts
• A solid repeatable Software Development Life Cycle process
• Compliance projects that drive automation and efficiency
• Flexible compliance solutions to support clients needs
• Clients willing to assist and be engaged
• Value add, not just the minimum
Metro 2 Credit Bureau Reporting
• Regulation
– FACT Act
The FACT Act, which stands for Fair and Accurate Credit Transactions Act, was signed into law in 2003
Regulation requires accurate credit reporting if the bank chooses to report
Data submission to major credit reporting agencies managed through the CDIA and reported in the Metro 2 format
• Overview of changes
– Full review of Metro 2 Guidelines to support preferred approach
– Support for full payment history profile
– Updated calculation of key fields
– More robust support for bankruptcy reporting
– New Credit Bureau reporting page in IBS Insight with separate entitlement
– Additional defaults and automation for closed/paid loan processing
– More robust reporting through the R7209 and BIC data
27
Metro 2 Credit Bureau Reporting
• Value Add
– Greater accuracy of reporting
– Reduced reliance on E-Oscar tool
– Great automation
– Increased flexibility
– Full data to answer client and auditor questions more easily
– Automated stopping reporting on paid loans
28
CFPB Mortgage Servicing Periodic Statement Changes
29
• Regulation
– One of the initial areas of focus of the Consumer Financial Protection Bureau, consisted of a number of changes to existing regulations intended to inform and protect consumers as it related to mortgage servicing. The largest area of impact consisted enhancement to the loan system periodic statement.
• Overview of Changes
– Redesign of R6090 to address the required changes in content and layout
Additional late fee and misc. fee information
Additional unapplied funds detail
Running totals on funds paid during the year broken out by the various payment components
Additional transaction detail
Enhanced delinquency information including current status and breakdown of all outstanding amounts past due
• Value Add
– New statement can be used for CFPB and not CFPB banks
– Ability to mask account numbers related to autopayments and ACH
– Flexibility to allow banks to customize messages
– Reduce postage by including delinquency info along with the statement
Flood Zone Tracking
• Regulation
– The National Flood Insurance Program is responsible for communicating the requirements that FEMA expects as it
related to tracking and monitoring properties and loans that reside within a flood zone. These enhancements were not
a response to any specific regulatory change but instead an opportunity to enhance support for these requirements
based on Compliance User Group feedback.
• Overview of changes
– Designed a new IBS Insight page that mirrored the FEMA Flood Determination form
– Ability to support tracking of multiple properties
– Enhanced to link each form to a multiple collateral and/or escrow record
– New data added to BIC
• Value Add
– The entire project was a value add to help banks track and monitor those loans that were in a flood zone in the system
of record
30
Loan Modifications
• Regulation
– Home Affordable Modification Program
In 2009, in response to the sub-prime mortgage crisis, the Home Affordable Modification Program (HAMP) was designed to
help financially struggling homeowners avoid foreclosure by modifying loans to a level that was affordable for borrowers and
sustainable over the long term. This was done by interest rate reduction, fixing the interest rate, principal reduction or
forbearance, and term extension. The program provides clear and consistent loan modification guidelines and includes
incentives for borrowers, servicers and investors.
• Overview of changes
– Created a new IBS Loan Modification page in IBS insight to track and monitor the necessary data related to the
modification
– Created 4 new BIC reports to support the investor (FHLMC and FNMA) requirements
• Value Add
– Can be used to track any type of modification, extension or renewal
– Stores historical information if multiple different modifications have taken place
31
Same Day ACH
• Regulation
– NACHA Same Day Rule Change was approved with implementation to occur in three phases:
Phase 1 (credits) effective - 9/23/16
Phase 2 (debits) effective - 9/15/17
Phase 3 (timing) effective - 3/16/18
– All banks are required to accept and post Same Day payments. However, originating Same Day transactions is not
mandatory.
• Overview of Changes
– A cross application team of Product Managers met to define implications to all IBS products. A whitepaper was
created ‘IBS Response to Same Day ACH’ and posted on the client portal.
– Many changes were implemented across FIS and IBS to support Phase 1 and other changes are underway for Phase
2
32
Same Day ACH
• Value Add
– Capitalizing on the Same Day Returns Window (planned for 4Q)
With the NACHA Same Day Rule Change, a new FED window will be available for returns.
IBS banks will want to return ACH debits quicker using this new returns window to compete effectively with the large banks
that are moving in this direction. The sooner these debits are returned, the sooner your bank will receive credit for them.
This project will create a new End of Day Function in IBS Exceptions Processing that will enable banks to submit an end of
day for all ACH items that are set to be returned by a specific cut off time to be determined.
Once this end of day is submitted, the ACH returns will be sent to ACH so that they can settle at the other banks that day.
These transactions will be considered blocked in IBS Exceptions Processing and will no longer be able to be changed. Any
ACH transaction not returned in this early window will still be able to be decisioned in IBS Exceptions Processing.
After final end of day there may be additional ACH items returned.
33
Currency Transaction Reporting
34
• Regulation
– Comply with the ‘spirit’ of FinCEN regulations about reporting large currency transactions IF a bank has ‘knowledge of’
cash activity on accounts with common ownership, but unique TINs.
• Overview of Changes
– Created an ‘optional’ aggregation method
– Clients establish one ‘parent’ with multiple ‘child’ TIN relationships
– CTR analyzes ALL cash activity for ALL related TINs each business day
– Client option to create a report or an actual CTR
• Value Add
– Increased efficiency by eliminating an almost impossible/time-consuming manual activity
– Increased efficiency by generating a CTR automatically for bank review/approval
– Demonstrates compliance with the ‘spirit’ of FinCEN regulations to examiners
Other Resources
• Forums to Discuss Compliance
– Regional user groups
– Study/Focus groups
– Quarterly Compliance User Group
• Additional IBS Compliance Resources
– Roadmaps
– Client Portal
– Compliance Position Papers
– The Support Center
– Bulletins
35
Thank YouCarl Bahneman, [email protected]
Karla Booe, [email protected]
Peter Dugas, [email protected]