Richard Steinberg 270004HRBG email@example.com | | Tags:  compliance openpages ocie sec | 0 Comments | 3,218 Visits
The head of the SEC's Office of Compliance Inspections and Examinations, Carlo di Florio, recently spoke about what his 900 professionals look for in conducting examinations of a wide range of financial institutions – noting the OCIE is breaking new ground. In carrying out its mission to improve compliance, prevent fraud, monitor risk, and inform policy, di Florio's office is expanding its focus to include boards of directors. In considering a firm's compliance culture, the OCIE is entering into direct discussions with boards of directors, to get a sense of the board's as well as senior management's attention to and focus on regulatory compliance issues. di Florio didn't name names, but media reports say such discussions already have taken place with the likes of Goldman, Morgan Stanley, Barclays and Wells Fargo. He did say that the new focus is due in part to the fact that a firm's compliance culture is an "elusive concept and a real challenge," having a huge impact on the extent to which a firm engages in ethical conduct, also noting the need to integrate compliance within risk governance processes.
If you've encountered Carlo di Florio, you may have observed a soft spoken, gentle demeanor and charming personality. But that shouldn't be misinterpreted for anything less than a hard-nosed and rigorous approach on the part of him and his staff. Having worked with him in our “past life,” I can assure you that he is not only thoughtful and creative in approach, he can be relentless in pursuing objectives.
OCIE's approach is multifold, focusing first on review of a firm's polices and related procedures, including policy management and flexibility in dealing with evolving conditions. There's focus on effectiveness of communication and training, and on such matters as how a firm assigns responsibility and handles accountability. Also in its sights are monitoring and testing processes, protocols for communicating issues upstream, and internal whistleblower processes. di Florio notes that the better the internal processes, the less OCIE will need to do. Highlighting its insightfulness, OCIE looks at such critical matters as where the power lies – the business side or legal/compliance – how bonus pools are allocated, independence of compliance staff, and involvement in critical decision-making. Also, the extent of compliance contributions of business units in performance assessment and reward processes are considered.
With all this, the focus on board of directors is consistent with attention to the tone at the top of a firm. Carlo di Florio is moving the lines, and I've no doubt he and his staff will have a sharper focus on and greater insight into what drives compliance.