Organisations across the globe invest heavily in resources to strengthen relationships between the business and employees and create the best outcomes. Know Your Employee (KYE) initiatives centred around the recruitment process can result in high-quality talent acquisition. Background checking, identity verification, certifications, and other aspects are a high priority - and it’s no wonder. After all, the cost of replacing an employee is significant. ELMO & HRMI’s 2022 ANZ benchmark report shows an average of AUD $23,860 and 40 days to make new hires.
However, it is even more critical to invest resources into managing how your firm enables and supports the ethical behaviour of all its people throughout the organisation. Whether it is a Sales Representative or a Director’s behaviour under the microscope, fast analysis of employee activity and the flagging of exceptions can significantly reduce risk for your firm.
Small compliance departments and growing businesses can quickly become overwhelmed by the manual work involved in Know Your Employee (KYE) processes. It is typical for small departments to use spreadsheets or in-house manual systems to track activity and exceptions.
The problem with manual tracking and analysis is that many data points need to be combined to build a complete picture of activity. Some of these data points include personal trades, attestations, personal relationships, Outside Business Activities (OBAs), handling of Material Non-Public Information (MNPI), potential fraud and money laundering. Whether or not you can efficiently analyse and make sense of all that information can mean the difference between ensuring prevention or reacting to events that have already happened. As the saying goes, prevention is better than a cure.
This article explores how proper KYE processes can help safeguard your organisation and its employees against personal, financial, operational, and reputational damage. It also provides detail about the role Regulatory Technology (RegTech) plays in managing and mitigating that risk while improving regulatory compliance. Before diving in though, let us review some key conflicts of interest cases witnessed across the APAC region in 2022.
As Ms Loo Siew Yee, Assistant Managing Director (Policy, Payments & Financial Crime), MAS, details, “As the chief financial officer of a listed company, Mr Tan owed a duty to the company and its shareholders not to divulge price-sensitive information that has not been disclosed to the market at large. His act of conveying such information to his friends to benefit them and himself undermines public confidence in the transparency and integrity of our capital market. MAS will continue to pursue officers of companies who engage in such misconduct, to ensure a level playing field for all market participants.”
The case serves as a vital reminder that serious misconduct can happen at all levels within an organisation. Therefore, compliance teams must employ the communications and trade surveillance measures needed to capably monitor written and verbal communications, where sensitive information is involved, to detect collusion and administer appropriate preventative measures.
In July 2022, unlicensed foreign exchange trader Daniel Farook Ali was extradited from Poland to face the Brisbane Magistrates Court on charges of eight counts of fraud totalling AUD $977,000.
ASIC alleges that Ali dishonestly used funds provided to him by investors for trading and investment purposes. Between May 2016 and November 2017, it is alleged that Ali used funds, including those from self-managed superannuation accounts, for unauthorised purposes, such as buying real estate and luxury cars for his family members and related companies, and paying returns to other investors.
The matter is being prosecuted by the CDPP (Commonwealth Director of Public Prosecutions) following the referral of a brief of evidence from ASIC.
In September 2022, Hong Kong Securities & Futures Commission (SFC) Appeals Tribunal imposed a 2-year suspension on Christopher James Aarons, Hedge Fund Manager at Trafalgar Capital Management, for using material non-public information (MPNI) to gain unfair advantage in share trading activity in Korea.
The SFC’s disciplinary action followed administrative proceedings against Aarons in South Korea. It was found that Aarons had breached Korean legislation by dealing in KRX-listed security company shares while possessing MNPI that would prohibit the dealing. Aarons obtained a block trade of shares in 2016 during a “market sounding call” that preceded the public announcement of the block trade. Even though the securities company name was not mentioned during the call, proceedings determined there was sufficient detail of information enabling Aarons to reasonably assume the company in question.
The SFC found that Aarons’ conduct was unsuitable to continue being licensed as a representative (or to remain an RO) of Trafalgar. Mr Ashley Alder, the SFC’s Chief Executive Officer, explains: “The SFAT’s determination sends an unmistakable message to the market that both sell-side brokers and buy-side participants have obligations to uphold market integrity by maintaining the confidentiality of non-public information on block trades or private placements during the market sounding process. We would not tolerate misuse of such information and individuals who abuse the process warrant severe sanctions.”
The case carries a vital reminder that regardless of explicit detail, communications between sell-side brokers and buy-side participants must be handled ethically and in accordance with regulations.
As Justice Hartmann explained within the SFAT determination, “Put simply, a buy-side participant cannot take advantage of the delay or negligence of a sell-side broker by acting for purposes of gain on what he knows to be material non-public information received. Such conversations embody mutual good faith and adherence to fair conduct. If it was otherwise, the essential integrity of these important dealings would be undermined.”
In April 2022, the Malaysian High Court ruled in favour of the Securities Commission Malaysia (SC), which successfully proved its claim against former Deputy Chairman of Patimas Computers Berhad (Patimas), Raymond Yap, for insider trading.
While in possession of material non-public information (MNPI) relating to audit queries and transactions between Patimas and its debtors, Yap had disposed of 43,823,600 Patimas shares held by Law Siew Ngoh, former Managing Director of Patimas. Consequently, Yap was ordered to pay RM3.28 million, an amount three times the losses avoided by him as a result of the insider trading activity. Additionally, Yap was ordered to pay the SC a civil penalty of RM1 million and barred from being a director of any publicly-listed company for five years, commencing 7 April 2022.
The enforcement of this case highlights the severe personal and financial penalties for misconduct around insider trading, and the increasing scrutiny of employee activity across APAC.
In September 2022, IT services giant Wipro Ltd sacked some 300 employees for Outside Business Activities (OBAs), also commonly referred to as ‘moonlighting’ or a ‘side hustle’. The company took a tough stance against its employees taking up after-work hours, often for competitors within the industry.
Only weeks after Wipro's action against OBAs, Infosys took steps, letting at least a dozen employees go. Infosys CEO Salil Parekh said, “If we have found employees doing work in two different companies, where there are confidentiality issues, we have let them go in the last 12 months.”
There has been a growing concern among IT firms in India and internationally about employees taking up secondary jobs after their regular work hours. Worries about productivity, potential conflicts of interest, and even possible data breaches have led some companies to strengthen their policies and take action.
As Wipro explained in a statement, “Certain employees found to be operating in circumstances that are in direct conflict with Wipro’s interests have been terminated.” After Wipro had taken these drastic measures, chairman Rishad Premji also announced on Twitter, “There is a lot of chatter about people moonlighting in the tech industry. This is cheating - plain and simple.”
Conversely, several tech startups and unicorns have taken a different approach. For example, the moonlighting / OBA policy for food delivery platform Swiggy allows employees to take up any project or activity outside their regular office hours, so long as it does not affect productivity or create a conflict of interest. The company has developed strict guidelines for employees with an approval process in place, enacted when any external project is deemed at risk of conflicts of interest with the duties of its employees.
The move by Swiggy shows that whether or not an organisation is culturally in favour of OBAs taking place, robust policies and proper management of those activities are vital.
See my full article, Outside Business Activity: Putting the Spotlight on Moonlighting, for further detail about this topic.
Outside Business Activity (OBA) is where employees engage in work other than what they produce for their primary employer under contract, aka ‘moonlighting’ or a ‘side hustle’. In the face of COVID-19 uncertainty and job security fears, moonlighting gained a new focus. ING’s Sense of Us 2022 report reveals that 11% of Australians who specifically set financial goals for 2022 listed ‘Starting a side hustle or business’ as their goal. Additionally, the ABS reports the number of multiple job holders reaching a record high of 900K people in the June quarter of 2022, an increase of 4.3 per cent over the previous quarter.
Those looking for additional income security or simply exploring other interests over the last few years have become increasingly attracted to the side hustle. Challenges can arise, however, when moonlighting is undertaken without notifying the primary employer. Without employees communicating their OBAs, organisations have no visibility of increased risk it can present or potential conflicts of interest that may arise. Additionally, employees can stretch themselves beyond capacity, impacting the performance of their primary roles and responsibilities.
Multiple employment activities are nevertheless common. Directors may sit on many boards, for example, and employees may help out in family businesses from time to time. Issues generally arise, however, in cases where employers aren’t aware of OBAs.
To more effectively manage OBAs and reduce risk to your organisation in 2023, ensure you have:
RegTech (Regulatory Technology) is helping small compliance teams manage OBAs more effectively with far less effort and time than manual management.
MCO’s award-winning RegTech suite enables pre-clearance of various OBAs, including directorships, contracts and voluntary positions. Configurable workflows can also be created for each type of Outside Business Activity with multiple approval levels, and escalation of requests based on hierarchy. Additionally, OBAs can be embedded into standard attestation questionnaires to reduce barriers to keeping OBAs updated.
See the MCO Outside Business Activities (OBA) Management brochure for further detail on how a leading-edge RegTech solution can do the heavy lifting for small compliance departments.
The first action towards KYE preventative risk management is the observation and analysis of employee activity. By monitoring dealers’ trading activities, you can more effectively detect patterns that warrant further scrutiny.
Communications surveillance involves the monitoring of dealers’ written and verbal communications to detect collusion (for example, what has been seen globally with benchmark rigging) or the disclosure of confidential information.
Technology solutions such as MyCompliance Office (MCO) Trade Surveillance Software can significantly help your firm, even without large volumes of trading activity, to move away from spreadsheets and manual tracking processes to maintain and monitor internal activity.
MCO automates and standardises insider trading list management with proactive identification of employees presenting potential conflicts based on their roles. Those with temporary MNPI visibility due to specific deals, corporate events, or publication of financial statements and profit warnings are also included. Compliance professionals can build and manage insider lists quickly and efficiently with MCO’s Insider & MNPI Management module.
In 2023, compliance teams will need to focus on implementing robust policies and procedures to identify and collate any gifts received or given by employees to clients or counterparties.
Clarity within those policies and procedures is also essential in driving the proper outcomes. For example, if an employee invites a client to an event, it’s considered entertainment, whereas an employee giving event tickets to a client is a gift.
Your policies and other critical actions taken as part of your processes should include:
MCO's Gift, Entertainment and Hospitality (GEH) is a comprehensive solution for monitoring employee gifts, meals, entertainment, travel and hospitality activities, allowing firms to record and detect risk within declared gifts and entertainment. It will enable your firm’s policies to be embedded with a rules-based approach to identifying potential misconduct and bribery risk.
As one MCO client explains, "The cumulative nature of MCO's reporting and visibility is also incredibly helpful. We can see a profile of employees that includes all conduct, case, and gift-related data over time. Seeing this all on the one employee dashboard gives us a birds-eye view of overall activity."
Download your Gifts, Entertainment, and Hospitality Compliance brochure for more information.
The velocity of change is a pressing concern for compliance officers and departments heading into 2023. There is an increasing expectation for compliance teams to be involved in various areas, act in more of a regulatory capacity, and go beyond compliance with a ‘judgement-based mindset’ to determine whether a course of conduct is the right thing to do.
It’s vital for compliance teams to understand the many forms of compliance risk, including and beyond KYE priorities, while also driving more than ‘tick-box compliance’ to create a culture of ethical behaviour within the organisation.
In addition, dealing with cross-border complexities and changes to regulations across multiple countries can be a formidable task, particularly for growing international firms reaching into new territories.
Our detailed 15-page eBook, Compliance Risk Management Priorities Across Southeast Asia, addresses some of these challenges.
RegTech can help firms deal with a rapid pace of change by streamlining the management of regulatory compliance developments and updates. For example, MCO’s Know Your Risk (KYR) module enables firms to set regulatory priorities, identify policy and procedure gaps, and deliver proof of adherence with metrics and documentation. The Regulatory Change Manager (RCM) also adds a regulation news and horizon scanning tool that makes it incredibly efficient to understand what regulators are communicating and how that might apply to specific business operations.
As the breadth of compliance responsibilities continues to expand in 2023, small compliance teams will need to leverage RegTech solutions that directly address their business needs and empower them to keep pace and do more without additional headcount. These technologies are already helping departments around the globe to monitor and analyse employee behaviours, and make faster judgements on the data to identify risk and take preventative measures.
For more information about a RegTech solution that can be tailored to your organisation’s unique requirements, book a 15–minute discovery session with MCO’s APAC Director, Kelly-Ann McHugh.
"Without MCO, we just wouldn't be able to handle the sheer volume of manual work. The MCO platform has made my job - and my team's jobs - so much more efficient and effective."
- Australian MCO Customer
Learn more about MCO Essentials - Compliance for Small and Growing Firms.