Finnish regulator challenges compliance oversight and effectiveness
The FIN-FSA has sent a supervisory letter (download below) outlining its findings of its thematic review regarding the organisation of the compliance functions of 96 supervised entities. The review has identified a number of shortcomings including:
- Inadequate oversight by the board of directors. The board must on an annual basis confirm that the compliance policy is up-to-date and the compliance function effectively organised focused on relevant regulatory risks
- 22% of firms reviewed had failed to appoint a permanent compliance officer. In some cases, the compliance function had other supervisory tasks regardless of potential conflicts of interest. The regulator was particularly concerned where the compliance function was also performing the role of internal audit
- The thematic evaluation was unable to ascertain the sufficiency of staff resources
- No risk assessment related to regulatory non-compliance had been conducted, or the risk assessment had not been updated. The review found that nearly 50% of the firms had not prepared any risk assessment at all since 2014; in some cases, the firm had no process for conducting the risk assessment
- A concern was identified regarding the outsourcing arrangements of supervised entities that had outsourced the compliance function to another company in the same group. In 70% of cases shortcomings were identified in the outsourcing arrangements
The regulator has tasked the boards of directors to consider these matters and provide minutes of the board meeting, detailing conclusions and actions, by 15th December 2017.
The TORI team have considerable experience of working with boards of directors to assess overall governance arrangements, the effectiveness of the three lines of defence, conducting risk assessments, reviewing the adequacy of compliance functions and compliance monitoring. We can work with you by putting in place a remediation plan, providing subject matter expertise or by providing interim resource.
Download supervisory letter below.