At a recent compliance round-table event in Hong Kong, compliance experts, executives, and chief compliance officers shared their firms’ challenges in keeping pace with regulatory change within the financial sector. They also discussed the increasing demands placed upon compliance teams, emerging opportunities, and the role of technology in more effectively managing regulatory risk and upholding compliance obligations.
This article delves deep into the most prominent topics shaping compliance executives’ priorities in 2023 and beyond.
Automation holds significant benefits for financial institutions. It can transform internal operations, boost productivity, and deliver additional customer value. However, automation can also bring increased risk.
Automated trading systems, or algorithmic trading, allow traders to program rules for trade entries and exits for automatic execution. This type of trading system offers benefits such as increased speed, lower costs incurred, and the removal of emotion from trading. However, as the electronification of trading increases, so does the risk of market manipulation.
Regulatory bodies around the globe make it illegal to manipulate markets through deceptive practices. And while regulators’ rules and definitions may vary between regions, the basic principles remain the same. Conduct that affects market integrity by leveraging unfair advantages, price manipulations, misuse of material non-public information (MNPI), deceptive practices, and the creation of unfair market conditions can all amount to market manipulation.
Market manipulation carries severe penalties, as seen in 2022 when Singapore’s High Court sentenced the two masterminds behind the country’s largest recorded stock market manipulation. The individuals involved were sentenced to 36 years and 20 years in jail, respectively, after their penny stock scam wiped out $7.8 billion in market value. As Loo Siew Yee, Assistant Managing Director, Policy Payments and Financial Crime at MAS described, “The elaborate scheme masterminded by the offenders to manipulate shares listed on SGX led to large losses by investors and harmed public confidence in the integrity of Singapore’s capital markets.” Read more about this case.
In late 2022, former senior executives and traders on a large firm's precious metals desk were convicted of a multi-year market manipulation scheme involving spoofing and attempted price manipulation. As Assistant Director Luis Quesada of the FBI’s Criminal Investigative Division explained in a U.S. Department of Justice press release, “For years the defendants allegedly placed thousands of false orders for precious metals, creating a ruse that lured others into making disadvantageous trades.”
While unethical practices have taken advantage of automated trading systems, automation can also combat market manipulation. For example, Know Your Transactions (KYT) RegTech software automates the monitoring of trade surveillance, market abuse and customer suitability. MCO’s KYT solution employs an intelligent rules engine with customisable alerts and workflows to detect illegal and unethical trading practices, including market manipulation, fraud, money laundering, insider trading, speculation, and unsuitable investments. Learn more about a Trade Surveillance solution to help your firm minimise risk and ensure regulatory compliance.
See our in-depth article:
How to Reduce Insider Trading Risk (and Stay Out of the Headlines).
Crypto and virtual assets have seen increased interest and adoption at both retail and organisational levels in recent years. Regulators around the globe are now catching up to the growing popularity (and associated risks) of virtual assets.
In Hong Kong, regulators refer to digital assets and crypto assets as “virtual assets”, while other jurisdictions may reference the same technology as “digital assets” or “crypto assets”. Virtual assets include:
Headlining developments in the virtual assets space have highlighted the need for proper regulation. As a result, many regulators are now transitioning from a light-touch approach, previously focusing on anti-money laundering (AML) and counter-terrorism, to regulating from an investor protection perspective. Here are some key developments happening now in the Asia-Pacific (APAC) region.
As of 1 June 2023, VATP conducting business in Hong Kong or actively marketing to Hong Kong investors must be licensed by Hong Kong’s SFC (Securities and Futures Commission) - irrespective of whether or not they provide trading services in security tokens. The SFC is taking a future-focused approach to developing and enhancing policies to regulate virtual assets and create a more stable environment for firms and investors dealing with virtual assets in the region.
The Monetary Authority of Singapore (MAS) published new investor protection measures on 3 July 2023, detailing requirements for Digital Payment Token (DTP) service providers to hold customer assets in a statutory trust. The new regulations aim to reduce investor risk and the misuse of customer assets. MAS is also seeking public feedback on the draft legislative amendments to the Payment Services Regulations. See the Consultation Paper on Proposed Amendments to the Payment Services Regulations for more information.
In another move towards implementing global standards on cryptocurrency and fighting against the exploitation of virtual assets by criminals and terrorist financiers, Japan is rolling out tougher AML procedures. The new crypto rules in Japan will require exchange operators to share customer information, aiming to crack down on money laundering.
The Japan Virtual Currency Exchange Association has introduced “travel rules”, as recommended by the Financial Action Task Force (FATF). These rules require an exchange to provide detailed customer information to another exchange when cryptocurrency is transferred. In doing so, a trail of cryptocurrency transactions is established, which will assist enforcement authorities in working against cross-border illegal activities that take advantage of virtual assets.
Cases of cryptocurrency management failure in recent years bring a stark reminder that firms must stay one step ahead of the market’s evolution. As crypto regulation accelerates across the APAC region and the rest of the globe, firms dealing with virtual assets must keep pace.
Proper virtual assets management relies on policies, processes, and technologies, such as regulatory technology (RegTech), to uphold anti-money laundering requirements and avoid conflicts of interest. Learn how MCO’s RegTech platform can help you stay ahead of crypto regulation and maintain compliance with your Crypto Asset Compliance Brochure.
Read more tips about reducing your firm’s risk of conflicts of interest when dealing with virtual assets.
How to Reduce Your Firm’s Risk of Virtual Asset Conflicts of Interest.
While there are almost limitless opportunities for this type of technology to enhance business operations, internal processes, and even customer outcomes for financial institutions, the integration of AI also attracts significant legal and regulatory implications. For example, ChatGPT has the potential to produce biased or discriminatory outputs and generate false or misleading information that could harm consumers. The degree to which customers rely on data from generative AI solutions may also create serious legal complexities.
Firms adopting generative AI systems must implement robust controls and internal restrictions to mitigate compliance risks and carefully manage regulatory requirements. Considerations for firms looking to implement AI solutions include:
AI models used in compliance management should undergo rigorous development, testing, and validation processes. Data used to train the AI model should also consider privacy concerns, such as owners’ consent in using their data and how this applies to AI model development.
Firms should thoroughly assess model performance, fairness, and explainability to mitigate potential biases, identify cases of misinformation, and ensure outputs meet regulatory compliance requirements.
Collection and maintenance of comprehensive audit trails are vital when demonstrating compliance to regulatory bodies. Firms should be able to show the decision-making processes of generative AI systems and provide transparency of the data produced.
Ongoing monitoring of AI outputs is vital in identifying and addressing any anomalies or non-compliant behaviours. Firms should use risk management frameworks and robust internal policies to detect and minimise potential risks arising from the use of AI technology.
While properly-trained generative AI models can benefit financial institutions, human oversight of generative AI systems remains critical. Compliance experts who can interpret AI outputs, validate decisions, and make complex judgments are vital to upholding regulatory compliance.
The volume and variety of eCommunications data points continue to expand as communication occurs across multiple electronic devices and applications. Add to this the numerous emerging eComms applications, such as WhatsApp, and complexities posed by Bring Your Own Device (BYOD) policies, and effective eComms surveillance becomes an increasingly difficult task.
When implementing or reviewing your eComms surveillance processes, pay particular attention to the following areas:
Communications compliance software can help your firm prevent, detect, and measure potentially harmful, unethical, or unlawful messages from being sent.
MCO's eComms Review module is one solution that detects and measures potentially harmful, unethical, or unlawful messages and even helps prevent the sending of those messages. The solution identifies unapproved communication channels, identifies regulatory risk, and prompts employees to change their language as they type words and phrases that trigger compliance policy exceptions.
Learn more about the eComms Review AI-driven communications compliance solution.
A financial institution’s advisers and employees must always act in the best interests of the firm’s clients. It is imperative that they demonstrate knowledge, ethics, and integrity in all dealings to uphold the integrity of financial markets and ensure the best outcomes for customers.
Financial regulators and authorities also specify clear guidelines about the Continuing Professional Development programs (CPD programs) that firms’ employees must undertake. As the CPD requirements enforced by regulators vary across jurisdictions, firms must proactively align their CPD policies with regulatory demands.
It is critical for firms to stay ahead of regulatory changes and ensure they are providing comprehensive training and education to employees regarding policies and processes, ethical obligations, compliance developments, and regulatory enforcement actions.
Additionally, it is important to recognise that compliance issues can arise when compliance teams lack visibility of employees’ continuing education adherence and certifications. Compliance plays a critical role in ensuring that employees are aware of their obligations and, through continuing education, work to reduce their risk of non-compliance, misconduct, or even conflicts of interest.
See 5 ways your firm can overcome compliance issues in CPD programs and uphold compliance obligations in our detailed article.
See our detailed article for 5 ways your firm can overcome compliance issues in CPD programs.
Addressing Compliance Within CPD Requirements .
Successfully navigating the evolving regulatory landscape is no simple task. However, RegTech is taking the hard work out of helping compliance executives stay up-to-date with regulatory requirements and proactively identify and act on potential regulatory risk.
The MyComplianceOffice (MCO) RegTech solution helps firms identify and prevent market manipulation, reduce risk in dealing with virtual assets, monitor eComms and employee activities, uphold CPD requirements, and minimise conflicts of interest.
MyComplianceOffice (MCO) brings the only fully integrated, comprehensive regulatory compliance management platform using a global company and security master dataset to identify conflicts across firm transactions (deals, research, and trades), employees, and third parties.
Learn more about reducing your financial institution’s regulatory risk and upholding compliance with your Integrated Compliance Management Brochure.