©2018-2019 by The GRC Institute - Governance, Risk & Compliance.  ABN: 42862119377

The run down for the 23rd annual GRC Conference at the Crown Towers in Melbourne

October 18, 2019

 

 

In the first keynote of the day, Andrea Clarke, author of 'Future Fit'  considered the future of leadership and the future of teams.

 

Four traits for modern leadership: 

 

  • The teacher 

  • the learner

  • the forecaster

  • the athlete

 

These traits are not just for the betterment of the organisation but also the betterment of self.

 

 

 

 

Professional Development 

 

She also highlights the importance of continuous learning. 

 

50 per cent of the freelancers invest in their continuous professional development versus 30 per cent of full-time workers. 

 

 

She challenged everyone in the room to come up with one thing that they intend to learn before the end of the year. 

 

 

Another issue that she focused on reputation capital, this matter because everyone leaves a reputation trail. 

 

Consider the Black Mirror episode where one’s entire life is being rated. In some cases, hiring decisions are being made through an algorithm 

 

 

The four elements to consider when it comes to improving our reputational capital:

 

  • Consider 

  • Create 

  • Amplify 

  • Engage 

 

 

“The future of work is not a digital divide but a motivational divide,” she said.

 

 

 

The reputation of compliance 

 

Iona Cheng a director from Control Risks on controls risks then jumped into the met of what it means to be a compliance professional and elevating the role of compliance. 

 

 

“The demand for compliance professionals now is the highest in history,” she said.

 

 

The problem for compliance professionals is they are not valued enough and don't get enough resources. 

 

“It is how we use the money and resources that we have to make it work more effectively.”

 

 

Regulatory Panel 

 

After morning tea, we had a regulatory panel.

 

The first speaker Elizabeth Parsons head of the Operational Risk at Australian Prudential Regulation Authority (APRA). 

 

She highlighted the importance of effective compliance to help encourage and change behaviours and this why AORA has been making focus on compliance across the major ADIs

 

 

A key concern was around poor compliance practices from previous reviews:

 

  • Unclear accountability 

  • Complexity 

  • Inadequate investment in compliance 

  • Poor data 

 

“This would be looking at the Band-Aid and the technical solutions that are being applied,” she said.

 

 

Next peak in financial services regulation, Sean Hughes from Australian Securities Investments Commission (ASIC). Hughes highlighted the on non-financial risks and they published their report from this perspective 

 

Addressed the extension of the BEAR regime and the joint administration with prudential regulator while avoiding duplication and overwork.

 

He reminded everyone of the Commissioner Hayne's  6 norms of conduct from the report:

 

  • Obey the law

  • Do not mislead or deceive

  • Act fairly

  • Provide services that are fit for purpose

  • Deliver services with reasonable care and skill

  • When acting for another, act in the best interest of that other.

 

He spoke the government focus on meeting the new requirements based on recommendations. 

 

 

He addressed his role at ASIC and how they hope they lead to fairer consumer outcomes:

  • reviewing school, banking programs and transparency of the programs and how they impact students and parents 

  • 'gratuitous concurrence' amongst the indigenous community even if it doesn’t meet their needs, it can be a cultural issue that can be exploited by salespeople 

  • product intervention power for add on insurance for vehicles- proposed for the break in the sales process for four days to mitigate the risk of the firms overloading consumers and so addressing consumer detriment 

 

 

He mentioned the recent report that they released with the Dutch Authority called Disclosure: Why it Shouldn’t be the default and they also launched the report Holes in the Safety Net: A Review of TPD Insurance Claims.

 

 

Next up was the not so new financial complaints body Pamela McAlister from the Australian financial complaints Authority (AFCA).

 

They got 60, 687 in the first ten months which was double what they expected, but have could resolve 73 per cent of them.

 

She said credit cards are by far the product they received the most they have heard about and credit reporting is in the top issues. 

 

 

McAlister did flag some growing areas of concern:

 

  • the growing number of financial difficulty cases

  • ensuring awareness of AFCA

  • member slow to respond to complaints when referred 

  • systemic issues of misconduct 

  • remediation programs 

  • going beyond compliance and in communicating with customers 

 

“Disclosure needs to go beyond compliance,” she emphasised.

 

 

Dr. Nathan Newman Australian Transactions Reports and Analysis Centre (Austrac) addressed the high cost of financial crime and that 70 per cent of the financial crime threats are offshore or have offshore linkages. He highlighted that money laundering on a global level is a $2 trillion business. 

 

He  addressed AML culture and explored ideas around resistance and resilience. He highlighted the importance of having an escalation culture and reminded the industry that they are the first

 

 

 

Australian Competition and Consumer Commission (ACCC) David Salisbury reiterated the role of the competition regulator.

 

He addressed their ongoing regulatory roles in the monopoly industry, but also the industry codes of conduct like the Franchisor's code of conduct. 

 

He highlighted that they were in the process of setting up their enforcement priorities for 2020.

 

Ben Kelly from the Australian Tax Office (ATO) dealt with the concept of ‘positive risk culture’ but he chose to take look inwards at the work being by the tax office. 

 

He stressed that the absence of a positive risk culture could be detrimental and highlighted the importance of having a strong intelligence system. 

 

 

He addressed the importance of 'Reputational' risk and asking the question of what are we trying to achieve.

 

There needs to be longer-term of this since breach is inevitable, so the role that GRC management can play is clear, but it is important to ensure the methods effective and problem-specific. 

  • Safe environment for staff must speak up

  • Speaking up completely and objectively 

  • Intelligence driving insights and decision 

  • Transparency about what, how and why

  • Learning from experience 

 

 

Nathan Lynch from Thomson Reuters and Charlie Moraza from Meaningware were led in a panel discussion GRC Institute MD Naomi Burley. 

 

Lynch highlighted that there was so much misconception around AI and this broad decision making human making decisions.

 

He also highlighted the risk of AI and or the algorithms operating within the echo chamber and  used the example Robo-debt scenario as one example of why compliance and risk to be at an early.

 

 

The use of AI is about making people smarter, not replacing them.

 

 

He also shared a bit recommended reading:

 

And shared a space where employees can up-skill in the AI space https://ai.google/education/

 

And shared that he was reading AI Super Powers: China, Silicone Valley and the New World Order by Kai-Fu Lee

 

Moraza spoke from a developer and practitioner point of view who said that it starts with natural language processing machine learning and then deep learning. And addressed how deep learning to help work with the unstructured data and create something meaningful that good financial institutions.  

 

 

Compliance is usually brought at the end of the discussion but not at the beginning.

 

Moraza highlighted the importance of using verifiable data and explained that, if you want to use deep learning then there needs to be a data governance group with risk and compliance professionals so that you can vet the data. 

 

 

And his recommended reading: Hitchhikers Guide to AI and ethics: https://towardsdatascience.com/ethics-of-ai-a-comprehensive-primer-1bfd039124b0

 

 

Panel Sally Mcdow YourCall, Nicholas Berhardt Informed365, and Julian Hunn from Flight Centre looked at the shift between whistleblowing, human trafficking and the importance of having a clear view of your supply chain.

 

Hunn highlighted that that many issues that have existed in the Australian environment had to do with a lack of consequences.

 

 

Mcdow said that the new whistleblower changes have advanced Australia through to higher positions in terms of how they approach whistleblowers.  

 

 

She indicated that ASIC will be actively checking these programs and their policies in this space.  

 

 

Berhardt spoke to the issue of modern slavery and understanding what is happening with staff and understanding the larger picture.

 

 

Culture 

 

Afternoon comes to an end and we here form Fahmi Hosain from Rhizome Advisory Group Rosalyn Teskey from Deloitte and Pauline Vamos from Broad Financial Services  

 

Hosain talked about the genesis of the Banking Executive Accountability Regime (BEAR) which based on the UK Senior Manager Regime (SMR) because accountability was difficult to ascribe post-GFC. 

 

The focus on the government was around the bear were consequences as opposed to the initial goal of improving governance. 

 

 

Teskey continued further saying that the consultation 29 days long and the big 4 banks took months and this has impacted the implementation but the big 4 banks are maturing into it 

 

Despite the work that has done they still don’t know the impact of the accountability regime in Australia. 

 

In the UK, the SMR has had a profound impact. She added that there has been a big benefit to the CEOs in establishing those lines accountability in their organisations 

 

It needs to be a human lead project it cannot just be a compliance exercise, this an opportunity for the cultural change in your organisation. 

 

There are absolute obligations and then there are reasonable steps to protect your prudential standing, there is equivalent in the UK with the FCA. 

 

 

Vamos spoke from the director's perspective with the BEAR.

 

 “It’s really about how you can show you are managing non-financial particularly conduct culture,” she said.  

 

“I have seen the regulatory implementation for 35 years and the one thing I know when it is owned by compliance and legal is an absolute disaster. This, not your accountability, this is the board accountability and this business accountability,”. 

 

 

 

Please reload

Suggested Posts
Please reload

Tags
Please reload