Risk management is a continuous process rather than a linear one. A pragmatic Know Your Obligations (KYO) strategy starts with building an ongoing monitoring approach by deconstructing regulatory obligations and then measuring the performance of related procedures and controls to assure compliance. The final step is to evidence that compliance.
This is a critical part of the process because, as far regulators are concerned, without that supporting documentation, it’s like it didn’t happen.
Small businesses and financial firms have undergone seismic shifts over the last few years. The pandemic forced employers to rethink their positions on remote and hybrid working models, and employees have come to expect greater flexibility. PwC’s survey of over 18,000 workers across Asia-Pacific (APAC) reveals that 66% expect to perform their roles in a hybrid capacity 12 months from now. In contrast, 24% expect fully-remote and only 10% fully in-person.
It’s been just about a year since the Bank of England’s Prudential Regulation Authority (PRA) issued the Dear CEO letter Thematic findings on the reliability of regulatory reporting, serving notice to firms that the agency has seen “a historic lack of focus, prioritisation, and investment in this area.”
It’s not a new problem but the letter has brought it into sharp relief. One year on, where are firms regarding the expectations around regulatory reporting and governance set out in the letter?
