Compliance Risk Part 2


Bribery/Corruption are the heart of the Compliance Risks for the Extractive Industry

○Between 1977-2018, 329 Corruption enforcement actions have been brought
○51% have been against Extractive Industry sector

Corruption Vulnerabilities (think of these as Corruption Sub-Risks)

○Policy, legislation, and regulatory institution design

Escalation Criteria - What Happens with Findings: A. Breaches by Employees (Restricted List, Information Barrier policies)

●If following internal review an employee was found to have improperly directed trading or solicited/tipped a client in violation of firm policy, then standard misconduct, disciplinary and escalation procedures would apply
○In cases of perceived or actual Insider Trading by an employee, Bank would contact the relevant regulator directly (in addition to filing a Suspicious Activity Report)

Social Media Companies: Section 230 of the Communications Decency Act was established as Title V of the Telecommunications Act of 1996, just as the internet was growing and expanding amid the first big tech boom of the 1990s. It was initially created to regulate pornographic material on the internet.

▪"No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."
▪The law protects websites from being liable if one of their users posts something illegal or controversial
▪For example, you can't sue Twitter for a tweet someone posted
▪Because it allows free expression without repercussion, these social platforms have a large safe harbor from the usual legal risks attached to traditional media such as journalists and broadcasters
▪This law has been essential to creating social media as it currently exists since it allows people to converse freely, post creative works, and contribute information across platforms.

Section 230 "Under Fire"
▪Has Section 230 resulted in making social media a "safe space" for lies, conspiracy theories, and defamation?
▪Or is it simply a virtual "town square"?

Social Media Companies: Section 512(c) of the Digital Millennium Copyright Act
▪Section 512 seeks to limit an Internet Service Provider's ("ISP's") liability for when its "subscribers" (generally consumers) post content that infringes a valid copyright.
▪When a copyright holder finds content that allegedly infringes on a copyright, the holder can submit a notice that requires an ISP to take down the infringing content.
▪While this has protected many new websites and social media companies, it has also led to a significant amount of potential free speech suppression.
▪This "notice and takedown" scheme not only raises questions about the chilling of free speech, it also arguably fails to provide consumers with adequate due process.

▪Key Control Principles: TRANSPARENCY AND ACCOUNTABILITY

▪Corruption Vulnerabilities (think of these as Corruption Sub-Risks)
○Policy, legislation, and regulatory institution design
▪Risks
  ▪Public officials may shape basic policies, rules, regulations, and processes in ways to favor certain groups or acquaintances in return for personal gain.
  ▪Foreign companies may influence policy to gain access to extractive resources by bribing decision-makers.
  ▪Extractive industry actors may exert undue influence through bribery to push for a lax regulatory regime.
  ▪There might be nepotism and patronage in the appointment of key positions in the regulatory and oversight institutions.
▪Controls
  ▪Laws that guarantee effective protection of land and property rights
  ▪Strict enforcement of laws that protect the rights of indigenous and local communities, such as through Free, Prior, and Informed Consent (FPIC) and Environmental and Social Impact Assessments (ESIAs)
  ▪Effective parliamentary and/or inter-ministerial coordinating mechanisms that oversee the governance of the extractive industry
  ▪Regulatory regimes that establish comprehensive environmental protection requirements, post-extraction environmental impact analysis, safeguards and compliance standards, and enforce sanctions for non-compliance
  ▪Transparent and accountable policies and systems with strong checks and balances to safeguard citizens' interest in resource wealth

▪Corruption Vulnerabilities (think of these as Corruption Sub-Risks)
○Concessions and Contract Negotiations
▪Risks
  ▪Abuse of discretionary power by a public official in charge of granting concession rights by receiving bribes from extraction companies in exchange for lucrative concessions/contracts
  ▪Bribery to influence allocation of extraction rights, area and rate of exploitation, length of operations, amount of revenue sharing, cost recovery, etc.
  ▪Political patronage and nepotism—allocation of lucrative contracts to political patrons
  ▪Phantom rights—allocation of rights to private companies as well as those owned by politicians and government officials
  ▪Collusive bidding in which bidders agree who is going to tender the most competitive bid, allowing the bidders to artificially bid higher than the agreed bid and bribery to overlook anti-collusive regulations
▪Controls
  ▪Competitive and transparent bidding rounds that decrease risks of corruption compared to first-come, first-served systems, or direct negotiations.
  ▪Having a coherent and coordinated negotiating team with representation by key stakeholders to participate in negotiations
  ▪Publishing all oil, gas, and mining contracts or licenses.

▪Corruption Vulnerabilities (think of these as Corruption Sub-Risks)
○Extraction Operations
▪Risks
  ▪Bribery and kickback in procurement of equipment and services for mining operations and oil and gas installations
  ▪Fraud and bribery in underestimating and misreporting of reserve and production amount
  ▪Regulatory capture and bribery to undermine environmental protection
  ▪Extortion, embezzlement, and bribery to undermine the rights of indigenous and local communities during extraction processes
▪Controls
  ▪Open procurement standards and practices during the construction and instalment of facilities and infrastructure including access roads, rails, ports, processing plants, camp accommodations, water supplies, etc.
  ▪Publishing information on agreed quantitative (production rates, recovery rates in the case of mining operations, concentrate grade, etc.) and qualitative (social and environmental safeguards, blasting patterns, etc.) criteria for the extraction operations
  ▪Keeping open communication between extractive companies and governments and between companies and surrounding communities throughout the production period

▪Corruption Vulnerabilities (think of these as Corruption Sub-Risks)
○Revenue Generation and Fiscal Management
▪Risks
  ▪Distortions in accounting and reporting of production volumes, revenue, and cost of extractive industries for personal gains and using bribery to overlook regulations
  ▪Use of transfer pricing and trade mispricing to increase amount of production cost and cost recovery
  ▪Under-invoicing of the value of resources sold/exported
  ▪Elite capture of national resource funds/sovereign wealth funds
  ▪Bribery to evade taxes or reduce royalties
  ▪Diversion of revenue to offshore bank accounts
▪Controls
  ▪Policy directives that establish transparent and accountable mechanisms for revenue flows and the operations of any extra-budgetary funds including natural resource funds and Sovereign Wealth Funds (SWFs)
  ▪Disclosure of all payments made by companies to the government and, for the government, disclosure of all corresponding receipts accurately and regularly including in-kind benefits
  ▪Full disclosure of the extent to which the government is involved in the extractive sector through equity participation and contingent liabilities associated with such involvement

▪Corruption Vulnerabilities (think of these as Corruption Sub-Risks)
○Expenditure Management
▪Risks
  ▪Nepotism, clientelism, and cronyism, e.g., officials granting favorable projects to their friends, families, and business associates
  ▪Bribery and solicitation, e.g., 'selling' certain projects with high rent-seeking potential
  ▪Embezzlement of funds when officials collude with contractors to siphon off project funds for themselves
  ▪Fraudulent overbilling and cost overruns
▪Controls
  ▪Comprehensive scrutiny and appraisal of resource revenue spending choices to ensure allocative efficiency and alignment with development objectives (e.g., education, health care, drinking water, infrastructure, etc.)
  ▪Effective design of development projects, including well-defined specifications, scope of work, deliverables, project completion milestones, and assumptions about project risks
  ▪Stringent prequalification of contractors and subcontractors; competitive tendering for procurement of goods, equipment, and services, independent audits to ensure timely completion, quality deliverables, and value-for-money
  ▪Open and transparent cash transfer schemes, monitored by legislative bodies.

The Federal Securities Laws: A. ●Securities Act of 1933 -- Key Concept: Issuer Disclosure B. ○Objectives:

(1) Require that investors receive financial and other significant information concerning securities being offered for public sale; and (2) prohibit deceit, misrepresentations, and other fraud in the sale of securities. C.

FINRA Rule 3110. Supervision: (a) Supervisory System Each member shall establish and maintain a system to supervise the activities of each associated person that is reasonably designed to achieve compliance with applicable securities laws and regulations, and with applicable FINRA rules. Final responsibility for proper supervision shall rest with the member. A member's supervisory system shall provide, at a minimum, for the following:

(1) The establishment and maintenance of written procedures as required by this Rule.
(2) The designation, where applicable, of an appropriately registered principal(s) with authority to carry out the supervisory responsibilities of the member for each type of business in which it engages for which registration as a broker-dealer is required.
(3) The registration and designation as a branch office or an office of supervisory jurisdiction (OSJ) of each location, including the main office, that meets the definitions contained in paragraph (f) of this Rule.
(4) The designation of one or more appropriately registered principals in each OSJ and one or more appropriately registered representatives or principals in each non-OSJ branch office with authority to carry out the supervisory responsibilities assigned to that office by the member.
(5) The assignment of each registered person to an appropriately registered representative(s) or principal(s) who shall be responsible for supervising that person's activities.
(6) The use of reasonable efforts to determine that all supervisory personnel are qualified, either by virtue of experience or training, to carry out their assigned responsibilities.
(7) The participation of each registered representative and registered principal, either individually or collectively, no less than annually, in an interview or meeting conducted by persons designated by the member at which compliance matters relevant to the activities of the representative(s) and principal(s) are discussed. Such interview or meeting may occur in conjunction with the discussion of other matters and may be conducted at a central or regional location or at the representative's(') or principal's(') place of business.
(b)

Each report provided to senior management pursuant to paragraph (a) in the calendar year following a calendar year in which a member reported $200 million or more in gross revenue must include, to the extent applicable to the member's business:

(1) a tabulation of the reports pertaining to customer complaints and internal investigations made to FINRA during the preceding year; and (2)

FINRA Rule 3120. Supervisory Control System: (a) Each member shall designate and specifically identify to FINRA one or more principals who shall establish, maintain, and enforce a system of supervisory control policies and procedures that:

(1) test and verify that the member's supervisory procedures are reasonably designed with respect to the activities of the member and its associated persons, to achieve compliance with applicable securities laws and regulations, and with applicable FINRA rules; and
(2) create additional or amend supervisory procedures where the need is identified by such testing and verification.
The designated principal or principals must submit to the member's senior management no less than annually, a report detailing each member's system of supervisory controls, the summary of the test results and significant identified exceptions, and any additional or amended supervisory procedures created in response to the test results.
(b)

an associated person of the member is the subject of any disciplinary action taken by the member involving suspension, termination, the withholding of compensation or of any other remuneration in excess of $2,500, the imposition of fines in excess of $2,500 or is otherwise disciplined in any manner that would have a significant limitation on the individual's activities on a temporary or permanent basis.

(b) Each member shall promptly report to FINRA, but in any event not later than 30 calendar days, after the member has concluded or reasonably should have concluded that an associated person of the member or the member itself has violated any securities-, insurance-, commodities-, financial- or investment-related laws, rules, regulations or standards of conduct of any domestic or foreign regulatory body or self-regulatory organization.
(c) Each person associated with a member shall promptly report to the member the existence of any of the events set forth in paragraph (a)(1) of this Rule.
(d) Each member shall report to FINRA statistical and summary information regarding written customer complaints in such detail as FINRA shall specify by the 15th day of the month following the calendar quarter in which customer complaints are received by the member.

Scope of Control Room Monitoring:

A. Business Divisions
  1. Investment Banking
  2. Private Banking & Wealth Management
B. Product Coverage
  1. Equities, equity-related securities and related derivatives
  2. Fixed Income securities and related derivatives
C. Account Types
  1. Firm (proprietary, client facilitation, hedge)
  2. Employee
  3. Institutional Clients
  4. Private Banking Clients
  5. Discretionary Portfolios
  6. Asset Management Funds
D. Deal Types
  1. Restricted List
  2. Watch List
  3. Wall Crossings
  4. Bank deal lookbacks
  5. Non-Bank deal lookbacks
  6. Watch List lookbacks
  7. Research front-running

What is Insider Trading?:

1. Legal Conduct
  ●Corporate insiders (officers, directors, and employees) buy and sell stock in their own companies during open trading windows
  ●When corporate insiders trade in their own securities, they must report their trades to the SEC
2. Illegal Conduct
  ●Buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence, while in possession of material, nonpublic information about the security

U.S. Securities and Exchange Commission: Primary SEC Divisions. The SEC has multiple units to address all aspects of securities regulation:

•Corporate Finance
•Trading and Markets
•Investment Management
•Economic and Risk Analysis
•Division of Enforcement
•Office of Compliance, Inspections and Examinations

Public Side:

•Equities and Fixed Income Sales and Trading
•Prime Services
•Private Banking
•Asset Management
•Shared Services functions with no access to Inside Information

Inside Information and Insider Trading Controls: Private Side vs. Public Side: A. Private Side:

•Investment Banking Department
•Capital Markets
•Asset Backed Origination
•Structured Lending
•Solutions Partners
•Private Equity
•Shared Services functions with access to Inside Information

○Disclosure is generally accomplished through registration of securities. The registration forms companies file provide essential facts while minimizing the burden and expense of complying with the law. In general, registration forms call for:

■a description of the company's properties and business;
■a description of the security to be offered for sale;
■information about the management of the company; and
■financial statements certified by independent accountants.

Focus on Pharmaceutical Company Compliance:

○On March 3, 2015, SEC's then-Division of Enforcement Director Andrew Ceresney stated in remarks that the SEC was particularly focused on the pharmaceutical industry's compliance with the FCPA in recent years
○Ceresney noted that there are three types of misconduct that the SEC typically sees in pharmaceutical FCPA cases. Those include:
  ▪"Pay-to-Prescribe"
  ▪Bribes to get drugs on an "approved list"

FCPA: Introduction - Key Risks and Controls:

○The Foreign Corrupt Practices Act (FCPA) is a U.S. criminal statute that prohibits bribery of foreign government officials and requires public companies to maintain accurate records and have vigorous internal controls
○Applies to:
  ▪Publicly traded companies in the U.S.
  ▪Companies incorporated or based in the U.S.
  ▪Officers, employees, and agents of such companies
  ▪U.S. nationals and residents wherever they may be
  ▪Any person who furthers foreign bribery while "in" the U.S.
○Enforced by DOJ (including the FBI) and SEC
○DOJ and SEC have made FCPA enforcement a high priority
○https://m.youtube.com/watch?v=g1n0kat_i4s

Social Media Companies: What are the risks for Social Media companies providing social media to corporations and individuals?

▪Advertising, Marketing and Promotion
▪Privacy and Data Security
▪Confidentiality
▪Publishing Risk and Section 230
▪Copyright Infringement and Section 512

What happened after the Consent Order in 2016?

▪CEO Resigns
▪Head of the Community Bank Division Resigns
▪Congressional Hearings
▪Four Other Managers Fired
▪Private Litigation Filed
▪Board claws back $75 million in compensation
▪Close your Wells Fargo Account Day was November 11, 2016
▪Board commissions a special investigation
▪And in 2017
  ▪Auto Insurance Business Class Action
  ▪Mortgage Lock-in Fees Class Action
  ▪Wells Fargo Foreign Exchange Conduct
▪And in 2018
  ▪FRB Cease and Desist Order
  ▪Restricts growth of Wells Fargo's business
  ▪Loan Book cannot increase (think about those metrics)
  ▪New directors; and
  ▪Triggers source of strength clause
  ▪FRB rejects Wells Fargo's remediation plan
▪And in 2019?
  ▪CEO resigns after disclosure of his 5% pay increase to 18.4 million in 2018
  ▪New CEO announced on September 27, 2019

Fundamentals of AML: AML Risk Drivers:

▪Client Types (WHO)
  ▪Public Company
  ▪Individual
  ▪Private Corporation
  ▪Personal Holding Company
  ▪Politically Exposed Person (known as PEPs)
  ▪Sanctioned Individual
▪Jurisdiction (WHERE)
  ▪FATF Country
  ▪What is FATF? Financial Action Task Force
  ▪Non-FATF Country but high score on Transparency International's Corruption Perceptions Index
  ▪What is Transparency International's Corruption Perceptions Index?
  ▪Sensitive Country/Industry
  ▪Non-FATF Country with low score on TI's CP Index
  ▪Sanctioned Countries
▪Products/Services (WHAT and HOW)
  ▪Cash, Wires and Transfers versus longer held investments

Mail/Wire Fraud:
▪Illegal to defraud via U.S. mail, email, telephone, bank wires.
▪Encompasses theft of honest services

Money Laundering:
▪Illegal to conduct financial transaction with proceeds of crime.
▪Intent to conceal source, ownership, or control of funds
▪"Laundering" illegally obtained money to make it look clean

Why is Insider Trading Prohibited?

▪Ensure a level playing field
▪Transparency and integrity of the financial markets
▪Inspire investor confidence that the financial markets are not "rigged"
▪Unfairness of insider trading gains for those with informational advantage
▪Fundamental Fairness

○This case illustrates how broadly a "thing of value" can be interpreted
○Several other large banks (according to news reports in WSJ, Bloomberg, and other sources) continue to be investigated for similar issues (providing jobs, internships, or consultancies to family members of government officials in Asia and elsewhere)
○The Conduct:
  ▪From 2006 to 2013, JPM's Asia-Pacific (APAC) investment banking division ran a "Client Referral Program," aka the "Sons and Daughters Program"
  ▪JPM hired more than 100 interns and full-time employees referred by foreign government officials
  ▪Candidates were typically less qualified and could not meet normal hiring standards
○Purpose of the program was to hire referred candidates from clients in order to influence the award of client business
○Program existed notwithstanding JPM's multiple FCPA, anti-bribery, and anti-corruption policies and procedures and APAC's referral candidate hiring compliance questionnaire
○Key Takeaways:
  ▪This case illustrates how broadly a "thing of value" can be interpreted
  ▪U.S. authorities are focused on hiring issues and regard them very seriously
  ▪Compliance policies/procedures are, by themselves, insufficient
▪"The so-called Sons and Daughters Program was nothing more than bribery by another name. Awarding prestigious employment opportunities to unqualified individuals in order to influence government officials is corruption, plain and simple." - Then-Assistant Attorney General Leslie Caldwell

Why are Metrics so important in a CRA?

▪Metrics are objective (generally quantitative)
▪Numbers are often more easily understood (especially in financial services)
▪Metrics should be both general for the business area and specific to the Compliance Risk Area
▪Metrics provide critical information in and of themselves but also inform the areas of questioning to focus on and the kinds of questions to be asked

Non-Social Media Companies: What are the risks for Non-Social Media companies using social media?

▪Using social media for external purposes
  ▪Advertising, Marketing and Promotion
  ▪Privacy and Data Security
  ▪Confidentiality
▪Using social media for internal purposes
  ▪Hiring
  ▪Employee supervision

Transparency International:

▪One global movement sharing one vision: a world in which government, business, civil society and the daily lives of people are free of corruption.
▪In 1993, a few individuals decided to take a stance against corruption and created Transparency International. Now present in more than 100 countries, the movement works relentlessly to stir the world's collective conscience and bring about change. Much remains to be done to stop corruption, but much has also been achieved, including:
  ▪the creation of international anti-corruption conventions
  ▪the prosecution of corrupt leaders and seizures of their illicitly gained riches
  ▪national elections won and lost on tackling corruption
  ▪companies held accountable for their behavior both at home and abroad.

Anything of Value:

○"Value" may be monetary or in-kind
○No minimum (but must be enough to suggest possible corrupt motive)
○Examples:
  ▪Cash, checks, wire transfers, gift certificates, other cash or monetary equivalents
  ▪Commissions or similar fees
  ▪Meals, travel, and entertainment expenses
  ▪Personal services, theater tickets, jobs
  ▪Tangible and intangible gifts and favors (e.g., unpaid internship for relative of government official)
  ▪Political or charitable contributions

Typical Compliance Program Components to Protect Against FCPA Risks:

○Anti-corruption policy
○Travel and entertainment policies, with limits or approval levels for gifts and entertainment
○Training and communications
○Procedures for diligence and contractual representations for third parties
○Restrictions on facilitation payments
○Review of charitable donations
○Enhanced scrutiny for transactions involving government officials (broadly defined)
○Regular auditing and monitoring
○Anonymous ethics hotline

An Improbable Insider Trading Case:

●Raj Rajaratnam - Founder of Galleon Hedge Fund; recipient of inside information leaked by Gupta and Kumar
●Rajat Gupta - Former CEO of McKinsey serving on the boards of Goldman Sachs, American Airlines and Procter and Gamble; leaked Boardroom secrets to Rajaratnam
●Anil Kumar - Senior Partner and Director of McKinsey (co-founded McKinsey's Silicon Valley office and viewed as the "star senior partner"); his mentor was Gupta, and Kumar was leaking secrets about McKinsey clients
  ○Flips and becomes the most important witness against Rajaratnam and Gupta
  ○Reveals the triangular relationship among Rajaratnam, Gupta and Kumar
  ○Prosecution had tapes of the phone calls
●Rajaratnam sentenced to 11 years in prison
●Gupta sentenced to 2 years in prison
●Kumar sentenced to 2 years' probation.

2017 Newman is overruled by the Second Circuit

○In Martoma, the Second Circuit overruled itself and established a new standard for defining the boundaries of the "personal benefit" requirement.
○A personal benefit to the tipper may exist "whenever the information was disclosed with the expectation that the recipient would trade on it and the disclosure resembles trading by the insider followed by a gift of the profits to the recipient."

Consequences of an FCPA Violation: A. For Companies:

○Internal/external investigations - expensive, distracting
○Criminal/civil fines and profit disgorgement
○Compliance monitors
○Suspension of right to do business with U.S. government and/or int'l institutions
○Private lawsuits by competitors/shareholders/terminated business partners
○Reputational harm
○Disruption of business

Directly or Indirectly with Knowledge:

○Liability for your own acts
○Liability for acts of others if you have "knowledge"
  ▪If unlawful to make a payment directly, then unlawful to make it knowingly through a third person or entity
○FCPA does not require proof of "actual knowledge" of third party's conduct
  ▪"Knowledge" standard is loose - evidence of "willful blindness," "deliberate ignorance," or a "head-in-the-sand" sufficient to convict
  ▪Failure to investigate suspicious circumstances - "red flags" - can amount to "willful blindness."

Internal Audit Inside Information Barriers:

●Manage the flow of inside information to prevent its inadvertent spread and misuse
●Restrict the sharing of inside information from employees on the "private side" of the Bank (e.g., those employees working in an investment banking or origination capacity) to employees on the "public side" of the Bank
●Consist of:
  ○Policies & Procedures
  ○Physical Barriers
  ○Electronic Barriers
  ○Monitoring
  ○Training

Wall Crossings:

●Wall Crossing procedures must be followed when communicating inside information to public side (i.e., sales, trading and research) employees
●All Wall Crossings require:
  ○Prior approval by a senior IBD/GMSG team member;
  ○Prior approval by an appropriate senior business line manager (a "Conduit") of the person being brought over the wall; and
  ○Consultation with a member of the Control Room

▪Five Key Actors

○Public officials (regulators, politicians, parliamentarians, local government personnel)
○Public entities (state-owned enterprises, ministries, agencies, etc.)
○Private individuals (executives, consultants, bankers, traders, brokers, investors, lawyers, citizens, etc.)
○Private organizations (international companies, institutional investors, domestic companies, supply companies, consulting firms, financial institutions, etc.)
○Civil societies (NGOs, labor unions, chambers of commerce, think tanks, service providers, etc.)

Overview of Control Room Monitoring and Testing:

●Monitor Firm, client and employee trading activity by the Investment Banking and Private Banking & Wealth Management divisions
●Covers all products including equities, debt, derivatives and bank loans
●Types of reports include:
  ○Restricted List
  ○Watch List
  ○Over The Wall
  ○Research Frontrunning
  ○Restricted List Lookbacks
  ○Watch List Lookbacks
  ○External Deals

Focus on Financial Institution Compliance:

▪There are inherent FCPA risks for financial services firms, such as:
  ○Seeking large mandates from government entities and state-owned enterprises
  ○Travel, meals, entertainment, and gifts for government officials in light of conferences, events, and road shows
  ○Hiring relatives of government officials as employees, interns, or secondees
  ○Hiring a government official as a consultant
  ○Including a government official on an advisory board or similar body
  ○Developing relationships and fundraising efforts with government-owned/controlled entities
  ○Establishing operations in foreign countries (which requires permits, licenses, and other interactions with government officials)
  ○Private equity and proprietary joint ventures

Case Study: JP Morgan - "Sons and Daughters":

○JP Morgan ("JPM") agreed in November 2016 to pay $264 million in SEC disgorgement and interest, a DOJ criminal penalty, and a Federal Reserve civil penalty to settle allegations that it hired otherwise unqualified children of Asian government officials and other favored referrals in order to help win or retain business

Obtain or Retain Business

○The mere promise or offer of an improper payment is itself punishable
○An attempt to bribe is punishable (thus no requirement that bribe actually be paid)
○No requirement that offer or payment be successful in achieving the desired outcome
○Serving as an authorizer of a bribe may lead to an FCPA violation

Insider Trading - Recent Developments on Tipping Theory:

●2014 Newman case (US Court of Appeals for the Second Circuit) significantly impacts ability to prosecute downstream tippee cases
  ○Tipper must receive personal benefit, which must be more than friendship
  ○Tippee must know of the tipper's breach and personal benefit
  ○After Newman a number of insider trading prosecutions have been dropped.
  ○Ultimate effect unclear - civil context, SEC administrative proceedings, etc.

Review Criteria - The "What" of Surveillance:

●Watch List/Lookback Reports
  ○Trading activity by employees on the private side of the Inside Information barrier (Above the Wall personnel, Capital Markets, etc.)
  ○Trades by employees who are Conduits for or are part of the same group as wall crossed individuals
  ○Trades by clients who have been wall crossed (e.g., through Market Sounding)
  ○Activity that deviates from known trading strategies (e.g., larger than normal trade size, holding positions when they are normally liquidated at end of day)
  ○Timely trades with significant profit potential

Tipping

○Trading on MNPI received as a tip from insider or misappropriated in exchange for a personal benefit

Typical Key Business Line Controls to avoid FCPA Risks:

○Travel limits and approvals
○Entertainment limits and approvals
○Gift limits and approvals
○Supervisor/Manager review of travel, entertainment and gifts
○Enhanced manager approval of transactions involving government officials (broadly defined)
○Regular auditing and monitoring

●Restricted List Reports

1. ○Whether the type of trading activity that occurred (e.g., firm vs. client activity, trading without approvals, etc.) represents a violation of the Restricted List

Control Room Notification Procedures: A. ●The Bank Information Barrier policy requires all employees to proactively notify the Control Room of activities that have resulted in (or likely will result in) the Bank's receipt of Inside Information B. ●Employees must also inform the Control Room when they learn of material developments associated with an existing assignment or situation C. ●This includes Inside Information received outside the ordinary course of business, such as:

1. ○from a company or business that the employee or the Bank does not cover or intend to do business with 2. ○from a friend or other social or professional acquaintance 3. ○from being the unintended recipient of the information (for example, as a result of overhearing another conversation)

Potential Insider Trading by Clients

1. ●A fortuitous, well-timed trade alone would not lead to an SAR filing—it would require the presence of additional factors, such as: 2. ○Reason to believe the client had access to Inside Information (e.g., as part of a market sounding exercise, inadvertent email, etc.); or 3. ○A potential connection exists between the client and the parties involved in the deal (e.g., a principal of the client is on Board of a target company or affiliate); or 4. ○A pattern of the client trading ahead of other deals with a common link (e.g., same company, advisor, law firm, etc.)

Elements of Insider Trading

1. ●Buying or selling a security 2. ●With intent to deceive 3. ●In breach of fiduciary duty or other relationship of trust 4. ●While in possession of MNPI about the security

Employee Personal Account Trading: Summary of Employee Personal Account Trading Controls

1. ●Disclose all personal securities accounts 2. ●Maintain accounts at a designated firm 3. ●Check the Restricted List before all trading 4. ●Obtain pre-trade approval for certain transactions 5. ●Hold securities for the required minimum holding period 6. ●Be aware of trading windows for certain securities

FCPA: Elements of an Anti-Bribery Offense:

1. ●Offer, Promise, Pay, Authorize, or Give Anything of Value 2. ●Directly or indirectly with "Knowledge" 3. Foreign Government Official 4. Influence the Official.

Overview of Financial Services: Insider Trading: What is Inside Information?

1. ●Relates to the securities of an issuer 2. ●Not publicly known 3. ○Has not been disseminated in a manner reasonably designed to provide broad, non-exclusionary distribution of the information to the public 4. ●Material 5. ○It has "market significance" (likely to affect the market price of any outstanding securities of the issuer) 6. ○A reasonable investor would consider the information important in deciding whether to purchase, hold or sell a security 7. ○Would be viewed by a reasonable investor as having significantly altered the total mix of information made available to holders of securities 8. ●Inside information is also known as material, non-public information (or "MNPI").

Global Anti-Corruption Laws: Foreign National Legislation- ○Major international players have passed significant anti-corruption laws in the past few years:

A. ▪Chinese anti-bribery law took effect May 1, 2011 B. ▪UK Bribery Act took effect July 1, 2011 C. ▪Russian anti-bribery law passed in 2011 D. ▪Brazilian Anti-Corruption Law passed and implemented between 2013 and 2015 E. Other U.S. Anti-Corruption Laws: Travel Act, Mail/Wire Fraud, Money Laundering: F. Travel Act: ▪Illegal to travel or communicate (e.g., use U.S. mail, email, telephone, bank wires) to violate state commercial bribery laws. G. ▪Increasingly aggressive DOJ prosecutions

Fundamentals of AML: Definitions and Scope

A. ▪Definition - To understand Anti-Money Laundering, one must first understand what "Money Laundering" is B. ▪Money laundering is the process of making illegally gained proceeds (i.e., "dirty money") appear legal (i.e., "clean"). C. ▪Typically, it involves three steps: placement, layering and integration. D. ▪First, the illegitimate funds are furtively introduced into the legitimate financial system. E. ▪Then, the money is moved around to create confusion, sometimes by wiring or transferring through numerous accounts. F. ▪Finally, it is integrated into the financial system through additional transactions until the "dirty money" appears "clean." G. ▪Money laundering can facilitate crimes such as drug trafficking and terrorism, and can adversely impact the global economy H. ▪Compliance Departments design and implement programs to prevent businesses from being susceptible to potential money laundering and these programs are known as Anti-Money Laundering programs or AML Programs I. ▪Over time, AML Programs have expanded to include other types of financial crime such as bribery, as well as the related area of Sanctions which is designed to ensure payments and business with "sanctioned countries and individuals" only occurs when and where it is permissible

Fundamentals of AML (Key AML Controls):

A. ▪Key Control for Client Type and Jurisdiction: Client Identification B. ▪KYC - Know Your Customer (important for Sanctions too) C. ▪Establishes required information to be obtained from the client including essential facts D. ▪Client's domicile E. ▪Occupation, source of funds F. ▪Two Levels of Client Identification: G. ▪Client Due Diligence H. ▪Enhanced Due Diligence for higher risk clients (PEPs, Sensitive Industries) I. ▪Refreshing and reviewing Client Identification Information J. ▪Key Control for Products and Services: Monitoring and Testing K. ▪Monitoring client activity for unusual or suspicious activity L. ▪Transaction monitoring (remember the HSBC case from earlier) is a window into whether the client is using the account for legitimate business purposes M. ▪Suspicious Activity Reports -- What Happens When Issues/Concerns Appear? N. ▪Filing a report with the appropriate regulatory authority when suspicious activity is identified O. ▪Strictly prohibited to disclose the filing of the report to parties involved P. ▪Why SARs? Q. ▪AML Programs are critical in financial services but also important in certain other financial related companies. R. ▪Global Financial Crime in the form of bribery or doing business with sanctioned countries/individuals affects a broader base of companies, including those companies outside of financial services S. ▪US BSA requires an annual AML Risk Assessment. This CRA can be incorporated into the broader CRA or conducted as a targeted CRA. T. ▪Unrelated to AML, targeted CRAs are becoming increasingly more "popular" as a tool to assist in responding to a hot topic or area of focus.

FINRA Rule 2111. Suitability: ▪FINRA Rule 2111 on Suitability establishes three primary obligations for firms and their associated persons:

A. ▪Reasonable-basis suitability requires a broker to have a reasonable basis to believe, based on reasonable diligence, that the recommendation is suitable for at least some investors. Reasonable diligence must provide the firm or associated person with an understanding of the potential risks and rewards of the recommended security or strategy. B. ▪Customer-specific suitability requires that a broker, based on a particular customer's investment profile, has a reasonable basis to believe that the recommendation is suitable for that customer. The broker must attempt to obtain and analyze a broad array of customer-specific factors to support this determination. C. ▪Quantitative suitability requires a broker with actual or de facto control over a customer's account to have a reasonable basis for believing that a series of recommended transactions, even if suitable when viewed in isolation, is not excessive and unsuitable for the customer when taken together in light of the customer's investment profile

The Insider Trading Case of Zachary Zwerko:

A. ▪Zachary Zwerko was a senior finance analyst in the financial evaluation and analysis group of Merck. B. ▪David Post was Zwerko's business school classmate who worked at Bank of New York Mellon. C. ▪Zwerko provided Post with information about Merck's potential acquisition targets. D. ▪Post would then place trades based on the information from Zwerko that generated over $683,000 in profits. E. ▪To effectuate their scheme, they used prepaid "burner" cell phones to exchange coded text messages in advance of Post's trading and also used a dummy e-mail account they could both access to draft an e-mail message in code and leave it in the draft folder for the other to read and then delete. F. ▪In exchange for the illegal tips, Post paid Zwerko $7,000 at a Halloween party following his profitable trading in 2012, and, additionally, gave Zwerko $50,000 in a shoebox when Zwerko visited Post's home after additional insider trading by Post in mid-2014. Post then placed trades based on that information. G. ▪Both Zwerko and Post were indicted and pled guilty, receiving orders to disgorge profits, fines and imprisonment (Zwerko 37 months and Post 6 months).

Foreign Government Official:

A. ○FCPA does not apply to U.S. federal, state, or local officials (but other anti-bribery laws do) B. ○Term "foreign official" may include, regardless of rank, personnel of or agents acting for C. ▪National, regional, or local government body - e.g., department, agency, customs, tax, permitting agency D. ▪State-owned or -controlled company (e.g., state-owned airline) E. ▪Public international organization (e.g., UN) F. ▪Foreign political parties, party officials, and candidates for office G. ▪Royal family members H. ▪Sovereign wealth fund employees I. ▪Private party engaged to carry out a government function

FCPA Risks and Trends:

A. ○FCPA prosecutions/investigations continue at a rapid pace B. ○Dodd Frank whistleblower program incents reporting to SEC, often without company knowledge C. ○DOJ Corporate Enforcement Policy, formerly a pilot program, seeks to incentivize voluntary disclosure D. ○DOJ "Piling On" Policy E. ○New guidance from the DOJ regarding corporate compliance programs ("Compliance Program Guidance") F. ○Harsher, costlier penalties and settlements imposed G. ○Focus on prosecuting individuals in addition to companies/entities H. ○Focus on due diligence and third-party risk I. ○Increased use of industry-wide and country-specific probes J. ○Increased collateral litigation K. ○Increasingly active enforcement climate overseas L. ○Corporate compliance monitors are often imposed

FCPA: Internal Controls and Record Keeping:

A. ○FCPA requires issuers to maintain reasonable internal controls aimed at preventing and detecting FCPA violations B. ○FCPA requires issuers to "make and keep books, records, and accounts, which in reasonable detail, accurately and fairly reflect the transactions and dispositions of the issuer" C. ▪The US government will bring charges under the books and records provisions even when anti-bribery charges may not be appropriate D. ○There are no state of mind or materiality requirements, making any problems with internal controls and record keeping potentially serious E. ○Why books and records?

Obtain or Retain Business:

A. ○FCPA violated if intended result is to obtain new, renew, or maintain existing government business B. ○In addition, enforcement authorities take view that FCPA covers efforts to obtain essentially any favorable government action, not just winning business: 1. ▪Permits/licenses 2. ▪Taxes 3. ▪Regulatory decisions 4. ▪Customs/immigration

Influence the Official:

A. ○FCPA violated if payment or offer made with corrupt intent to influence official to: 1. ▪ Take any official action 2. ▪ Refrain from acting 3. ▪ Influence others improperly B. ○ "Corrupt intent" means motive to achieve quid pro quo in return for giving something of value

Case Study: Return to the Morgan Stanley Declination:

A. ○In 2012 the SEC and DOJ charged a former Morgan Stanley executive with FCPA violations and investment advisor fraud B. ○The SEC and DOJ alleged that a managing director at Morgan Stanley had a friendship and secret business relationship with the chairman of a Chinese state-owned entity C. ○According to the SEC and DOJ, the managing director arranged for at least $1.8 million disguised as finder's fees to be paid to himself and the Chinese official and for both parties to acquire a valuable real estate interest in a Morgan Stanley fund D. ○Both the SEC and DOJ declined to bring charges against the bank E. ○The DOJ specifically noted that Morgan Stanley maintained a system of internal controls, had internal policies which were updated regularly, and frequently trained its employees on those policies

Global Anti-Corruption Laws: Active Enforcement Climate:

A. ○In addition to the FCPA, international regimes, foreign laws, and other U.S. laws apply to corrupt payments B. ○Many countries prohibit bribery C. ▪OECD Anti-Bribery Convention (1997) D. ▪UN Convention against Corruption (2005) E. ▪Local domestic anti-corruption laws F. ○Parallel investigations add burdens, complications, expense, and risk G. ○Increasing cooperation between/among U.S. and international enforcement authorities H. ○Enforcement authorities in other countries are increasingly active (China, Brazil, UK, Switzerland, and others)

●Investment Advisers Act of 1940

A. ○Regulates investment advisers. Requires, with certain exceptions, that firms or sole practitioners compensated for advising others about securities investments must register with the SEC and conform to regulations designed to protect investors. B. ○Through amendments in 1996 and 2010, generally only advisers who have at least $100 million of assets under management or advise a registered investment company must register with the Commission.

●Investment Company Act of 1940

A. ○Regulates the organization of companies, including mutual funds, that engage primarily in investing, reinvesting, and trading in securities, and whose own securities are offered to the investing public. B. ○Designed to minimize conflicts of interest that arise in these complex operations by, among other things, requiring these companies to disclose their financial condition and investment policies to investors when stock is initially sold and, subsequently, on a regular basis. C. ○Focuses on disclosure to the investing public of information about the fund and its investment objectives, as well as on investment company structure and operations.

●Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010

A. ○Signed into law on July 21, 2010. B. ○Sets out to reshape the U.S. regulatory system in a number of areas including but not limited to consumer protection, trading restrictions, credit ratings, regulation of financial products, corporate governance and disclosure, and transparency.

●Sarbanes-Oxley Act of 2002

A. ○Signed into law on July 30, 2002. B. ○Mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures and combat corporate and accounting fraud, and created the "Public Company Accounting Oversight Board," also known as the PCAOB, to oversee the activities of the auditing profession.

Bribes masquerading as "charitable contributions". Case Study: GlaxoSmithKline plc:

A. ○UK-based pharmaceutical company GlaxoSmithKline ("GSK") agreed to pay a $20 million civil penalty to settle FCPA charges with the SEC in September 2016 B. ○Between 2010 and mid-2013, sales and marketing managers at GlaxoSmithKline's China-based subsidiaries spent millions of dollars on gifts, travel and entertainment, shopping excursions, family and home visits, and cash payments to foreign officials (including healthcare professionals) in a scheme to increase sales of products in China C. ○According to the SEC's order, "[t]he costs associated with these [improper] payments were recorded in [GlaxoSmithKline's] books and records as legitimate expenses, such as medical association sponsorships, employee expenses, conferences, speaker fees, and marketing costs" D. ○In addition to the $20 million civil penalty, the SEC's order required GSK to provide status reports about its remediation and enhanced compliance protocol for a period of two years E. ○GSK paid approximately $490 million in fines to the Chinese government in connection with related conduct

U.S. Regulatory Overview: Securities- FINRA: FINRA as Rule maker/ Enforcer of SEC Principles

A. ●Began as two separate SROs (New York Stock Exchange and National Association of Securities Dealers) B. ●Combined for a more integrated and efficient regulatory agency C. ●All FINRA rules subject to approval by SEC D. Regulatory Topics of Focus E. ●"Just and Equitable Principles of Trade" F. ●Suitability G. ●IPO Allocation H. ●Registration

FINRA Enforcement Division

A. ●Brings enforcement actions for alleged violations of rules B. ●Penalties include fines, censures, suspensions and bars from the industry

FINRA Examination Division

A. ●Conducts annual examinations of U.S. registered broker-dealers B. ●"For Cause" examinations C. ●Conducts market sweeps on topical issues

U.S. Regulatory Overview: Securities U.S. Securities and Exchange Commission:

A. ●Mission: Protect investors, maintain fair, orderly, and efficient markets, and facilitate capital formation B. ●Oversees the key participants in the securities world, including securities exchanges, securities brokers and dealers, investment advisers, and mutual funds. Primarily concerned with 1. ○promoting the disclosure of important market-related information, 2. ○maintaining fair dealing, and 3. ○protecting against fraud

Rule Mapping - The US Perspective:

A. ●No specific prohibition on Insider Trading - prohibitions from various statutes and caselaw. B. ●Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 promulgated thereunder C. ○Prohibits fraud in connection with a purchase or sale of securities D. ●Rule 14e-3 E. ○Prohibits trading when you have MNPI about a tender offer, if you got that information directly or indirectly from someone involved in the tender offer F. ●Section 16 G. ○Insider liability for short-swing profits (purchase/sale within 6 months) H. ●Regulation FD I. ○Prohibits selective disclosure by companies J. Theories of Insider Trading: K. ●Classical L. ○Corporate insider (e.g., board member, executive) M. ○Owes fiduciary duty N. ○Breaches fiduciary duty by trading on MNPI O. ●Misappropriation P. ○Corporate outsider (e.g., Lawyer) Q. ○Trusted with MNPI in confidence R. ○Breaches a duty owed to the source of the information S. ●Tipping T. ○Trading on MNPI received as a tip from insider or misappropriated in exchange for a personal benefit

Restricted List:

A. ●The Restricted List generally reflects pending transactions in which the Firm is involved that have been publicly announced and in which we may have, or appear to have, inside information B. ●The Restricted List also may be used for other regulatory purposes (e.g., to comply with the trading restrictions imposed by Reg. M or by the tender rules, Section 16, or if we own a large position or are an affiliate of the company) C. ●The Restricted List limits certain marketing, research and trading activity that could constitute misuse of inside information or otherwise appear to be improper D. ●The Restricted List is available to all employees via an internal web page as well as via direct feeds to trading systems and market data screens

Fundamentals of AML: Key Risks and Controls: Rule Mapping: A. ▪Anti-Money Laundering B. ▪Extensive and global rulebook of AML laws, rules and regulations. Notable ones include the following:

C. ▪US Bank Secrecy Act D. ▪USA PATRIOT Act E. ▪Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism F. ▪EU Directive on the Proceeds of Crime G. ▪Many more individual country statutes and laws H. ▪Sanctions I. ▪Commercial and economic penalties taken by one or more governments against another self-governing state, individual or group J. ▪OFAC - US Office of Foreign Assets Control K. ▪United Nations L. ▪EU Directives

Misappropriation

1. ○Corporate outsider (e.g., Lawyer) 2. ○Trusted with MNPI in confidence 3. ○Breaches a duty owed to the source of the information

Extractive Industries, social media and Other Frontiers Overview of the Extractive Industries: A. ▪What are extractive industries?

1. ○Extractive Industries are operations that involve extracting raw materials, such as oil, gas and minerals, from the earth, processing them for exports, transporting, shipping as well as consuming the materials as production imports and as final goods.

For Individuals:

1. ○Imprisonment (record sentences of 7 and 15 years) 2. ○Civil and criminal fines (employer may not indemnify) 3. ○Loss of job or other employment action 4. ○Debarment from operating U.S. listed company 5. ○Reputational harm 6. ○Local punishment

FCPA Basics-Key Provisions:

A) Anti-Bribery - Cannot offer/give anything of value to foreign official for purpose of obtaining/retaining improper business advantage. B) Books/Records - Issuers must keep accurate and reasonably detailed books and records. C) Internal Controls - Issuers must maintain sufficient internal accounting controls (interpreted by the government to mean controls designed to prevent, detect, and address FCPA violations, and enable accurate financial reporting)

FINRA Compliance Risk Themes and Controls:

A. Risk Themes 1. ●Just and Equitable Principles of Trade (Sales Practices) 2. ●Suitability (Sales Practices) 3. ●Promotions and Advertising (Sales Practices) 4. ●Financial Incentives 5. Controls 6. ●Supervision 7. ●Supervisory Control System 8. ○Forms 9. ○Approvals 10. ●Annual Certification of Compliance and Supervisory Processes 11. ●Monitoring and Testing 12. ●Reporting Requirements

Examples of "Real Life" Regulation by the Fed: Reg W

A. ●Requires that transactions between member banks meet certain stipulations, such as: 1. ○Credit extended to an affiliate bank must be secured 2. ○Transactions with any one affiliate total no more than 10% of an institution's capital 3. ○Transactions to all affiliates total no more than 20% of an institution's capital 4. ○Results in on-going reviews of affiliate transactions

Case Study: Nu Skin Enterprises, Inc. A. ○In September 2016, Utah-based Nu Skin Enterprises, Inc. paid approximately $766,000 to settle SEC FCPA books and records charges that it paid $150,000 to a charity set up by a high-ranking Chinese official with the expectation that the official would exercise influence on its behalf in an ongoing local government investigation

B. ○Outside counsel had advised that the company include anti-corruption commitments in the charitable donation agreement, but the language was removed by local personnel C. ○This was only the second case where charges were brought solely based on charitable contributions (the prior case also involved a pharmaceutical company)

Compliance Risk Assessment: Fundamentals of AML and FCPA: A. ●U.S. regulates financial services with separate regulatory frameworks for

1. -Banking Services (Deposit taking, lending) 2. -Securities Services/Investment Banking (buying/selling stocks, margin lending, participating in capital markets) B. •The two-pronged system was the result of the Great Depression (1929 - 1936) which was generally believed to have been caused in part by allowing banks to be in both the traditional banking business and the "riskier" securities/investment banking business C. •U.S. approach is layered. Regulation also occurs on the state level. This means that each of the 50 states may also have a regulatory regime over financial services provided in that state. This presentation primarily examines U.S. federal or national regulations and not individual state regulation.

Rating and reporting the CRA Results:

1. What: Rating and reporting the results of the CRA at its various levels (business units, divisions, regions and enterprise-wide) 2. When: At least annually upon completion but consider quarterly or semi-annual refreshes 3. Who: Senior Management of business units, divisions, regions and enterprise-wide including Board of Directors 4. How: In a format that makes it the easiest to comprehend the key messages A. ▪Rating and reporting means providing the results of the CRA at its various levels (business units, divisions, regions and enterprise-wide) B. ▪Multiple levels and "cuts" of the CRA C. ▪With the ability to roll-up results into a master CRA while still able to drill down to a single business unit D. ▪Example: Morgan Stanley E. ▪Institutional Securities F. ▪Equity Sales and Trading G. ▪Equity Stocks H. ▪Equity Derivatives I. ▪Options J. ▪Fixed Income and Commodities Sales and Trading K. ▪Investment Banking L. ▪Wealth Management M. ▪Investment Management N. ▪Private Equity O. ▪Merchant Banking P. ▪Mutual Funds Q. ▪Discretionary Managed Money R. ▪Three Regions: Americas, EMEA (Europe, Middle East and Africa) and Asia-Pacific S. ▪When: Reporting the CRA results is done at least annually and ideally conducting periodic refreshing of the assessment T. ▪Quarterly U. ▪Semi-annually V. ▪Who: Senior Management up to and including the Board of Directors W. Important Note: Rating methodologies vary . . . X. ▪There is no single, accepted methodology for rating Y. ▪Rating Scales Vary (3 points, 4 points or more) Z. ▪The prominence of laws, rules and regulations in scoring/rating: is it a driver of inherent risk or a factor on its own?

What happens after the CRA is conducted?

1. ▪Actions suggested for business units necessary (usually Very High or High) 2. ▪Actions range from new or enhanced controls to suspension of new business activities to closure 3. ▪Follow-up for those areas with Very High or High 4. ▪Consider more regular assessments for those areas with Very High or High 5. ▪Full suite of corporate reporting 6. ▪Internal Audit 7. ▪Senior Management 8. ▪Board of Directors 9. ▪Regulatory reporting

What to remember about using metrics in a CRA:

1. ▪While objective in nature, metrics are still subject to interpretation 2. ▪Metrics alone may not always give a full picture of potential risk since risk can also be a product of manager/employee conduct 3. ▪Metrics are generally more weighted toward risk rather than controls 4. ▪Metrics may need to be presented as ratios or percentages to be proportional for more accurate results and comparison

Theories of Insider Trading: A. ●Classical

1. ○Corporate insider (e.g., board member, executive) 2. ○Owes fiduciary duty 3. ○Breaches fiduciary duty by trading on MNPI

FINRA Rule 2010. Standards of Commercial Honor and Principles of Trade:

A. A member, in the conduct of its business, shall observe high standards of commercial honor and just and equitable principles of trade.

General Business Area Metrics:

A. ▪Human Resources B. ▪Total Headcount C. ▪Relative Change in Headcount D. ▪Relative Turnover E. ▪% of Employees in unit less than 1 year F. ▪Ratio of Supervisors/Managers G. ▪Ratio of Compliance Staff H. ▪Revenue/Performance I. ▪Forecasted Revenue J. ▪Actual Revenue K. ▪Revenue Change YoY, QoQ, MoM L. ▪Revenue by product M. ▪Business and Products N. ▪Volume and Complexity of Business Activities O. ▪New Businesses/Products P. ▪% of new businesses or products Q. ▪Clients R. ▪Types of clients S. ▪% of clients with higher risk T. Third Parties U. ▪Employee Behavior V. ▪# of employees receiving discipline W. ▪% of employees receiving discipline X. ▪# of employees failing to complete eLearning Y. ▪% of employees failing to complete eLearning Z. ▪Regulatory AA. ▪Regulatory jurisdiction and changes BB. ▪Regulatory exam findings CC. ▪Regulatory actions and fines DD. ▪Regulatory filings (U-5s) EE. ▪Customer Complaints (include historic trend) FF. ▪Adverse Events GG. ▪Other Loss Events HH. ▪Compliance Monitoring and Testing Results II. ▪Litigation JJ. ▪Potential and existing litigation KK. ▪Internal Audits LL. ▪Internal Audit Rating MM. # Of High-Risk Findings

●Jumpstart Our Business Startups Act of 2012

A. ○The JOBS Act was enacted on April 5, 2012. B. ○Aims to help businesses raise funds in public capital markets by minimizing regulatory requirements.

SR 08-8

A. ●Establishes key elements of a Compliance Program B. ●Provides a benchmark for examining purposes C. ●Led to the drafting of a "Compliance Risk Framework" D. Primary Regulators for Securities, Commodities, and Futures: E. ●U.S. Securities and Exchange Commission (SEC) (Securities) F. ●U.S. Commodity Futures Trading Commission (CFTC) (Commodities and Futures) G. ●Financial Industry Regulatory Authority (FINRA) (Broker-Dealers) H. ●Various Exchanges and Other "Self-Regulatory Organizations" I. State Regulators (Includes registration and anti-fraud occurring within the jurisdiction)

What Does the Control Room Want to Know About?

A. ●Identity of employees and businesses who receive Inside Information B. ●Trading activity while in possession of Inside Information (by employees, clients or the firm) or merely the appearance of (e.g., well timed trades) C. ●Breaches of Information Barriers through the use of electronic communications or otherwise D. ●Business changes that may invoke Information Barrier, Conflicts of Interest or Large Shareholding concerns (new businesses, reporting lines, physical location, booking systems, etc.) E. ●Transactions where the firm would own 3% or more of a public company's equity securities (including through the use of derivatives) F. ●Disclosure of personal accounts and pre-clearance of trades G. ●Disclosure of outside business activities and directorships

Certification The certification shall state the following:

The undersigned is/are the chief executive officer(s) (or equivalent officer(s)) of (name of member corporation/partnership/sole proprietorship) (the "Member"). As required by FINRA Rule 3130(b), the undersigned make(s) the following certification:

The supervisory procedures required by this paragraph (b) shall include procedures for the review of incoming and outgoing written (including electronic) correspondence and internal communications relating to the member's investment banking or securities business. The supervisory procedures must be appropriate for the member's business, size, structure, and customers. The supervisory procedures must require the member's review of:

(A) incoming and outgoing written (including electronic) correspondence to properly identify and handle in accordance with firm procedures, customer complaints, instructions, funds and securities, and communications that are of a subject matter that require review under FINRA rules and federal securities laws. (B) internal communications to properly identify those communications that are of a subject matter that require review under FINRA rules and federal securities laws.

discussion of the preceding year's compliance efforts, including procedures and educational programs, in each of the following areas:

(A) trading and market activities. (B) investment banking activities. (C) antifraud and sales practices. (D) finance and operations. (E) supervision; and (F) anti-money laundering. (G) for purposes of paragraph (b), "gross revenue" is defined as: (1) total revenue as reported on FOCUS Form Part II or IIA (line item 4030) less commodities revenue (line item 3990), if applicable; or (2) total revenue as reported on FOCUS Form Part II CSE (line item 4030) less, if applicable, (A) commissions on commodity transactions (line item 3991); and (B) commodities gains or losses (line items 3924 and 3904).

FINRA Rule 4530. Reporting Requirements: (a) Each member shall promptly report to FINRA, but in any event not later than 30 calendar days, after the member knows or should have known of the existence of any of the following:

(1) the member or an associated person of the member: (A) has been found to have violated any securities-, insurance-, commodities-, financial- or investment-related laws, rules, regulations or standards of conduct of any domestic or foreign regulatory body, self-regulatory organization or business or professional organization. (B) is the subject of any written customer complaint involving allegations of theft or misappropriation of funds or securities or of forgery. (C) is named as a defendant or respondent in any proceeding brought by a domestic or foreign regulatory body or self-regulatory organization alleging the violation of any provision of the Exchange Act, or of any other federal, state or foreign securities, insurance or commodities statute, or of any rule or regulation thereunder, or of any provision of the by-laws, rules or similar governing instruments of any securities, insurance or commodities domestic or foreign regulatory body or self-regulatory organization; (D) is denied registration or is expelled, enjoined, directed to cease and desist, suspended or otherwise disciplined by any securities, insurance or commodities industry domestic or foreign regulatory body or self-regulatory organization or is denied membership or continued membership in any such self-regulatory organization; or is barred from becoming associated with any member of any such self-regulatory organization. (E) is indicted, or convicted of, or pleads guilty to, or pleads no contest to, any felony; or any misdemeanor that involves the purchase or sale of any security, the taking of a false oath, the making of a false report, bribery, perjury, burglary, larceny, theft, robbery, extortion, forgery, counterfeiting, fraudulent concealment, embezzlement, fraudulent conversion, or misappropriation of funds, or securities, or a conspiracy to commit any of these offenses, or substantially equivalent activity in a domestic, military or foreign court.

What does the Control Room do?

A. The Control Room is a central function that monitors the Bank's Information Barriers and the flow of inside information throughout the Bank
B. The functions of the Control Room related to Information Barriers include:

1. Development and maintenance of the Bank's Information Barrier policies and procedures
2. Monitoring the integrity of the Bank's Information Barriers (i.e., surveillance of Firm, Employee and Client trading activity)
3. Pre-clearance of private side employee personal account trades and certain Firm trades
4. Maintenance of the Bank's Watch and Restricted Lists and Approving Wall Crossings
5. Reviewing Equity and Fixed Income research for companies that may appear on the Watch List or Restricted List
6. Providing ongoing advice and training on matters related to inside information and information barriers.

Over The Wall Reports

1. Trading activity by an employee (for the Bank, client or their own personal account) in a security for which he or she is currently over the wall

What is Material?

1. There is no statutory definition of materiality - it is determined according to caselaw, with significant room for judgment.
2. Courts routinely reject bright-line mathematical tests for materiality
3. Both quantitative and qualitative factors can be relevant to materiality (5% rule of thumb)
4. Information may be material even if it relates to future, speculative, or contingent events. When events are contingent or speculative, the test for materiality depends upon a balancing of both the probability that the event will occur and the anticipated magnitude of the event in light of the totality of the company activity (the "probability/magnitude test").

Why do we care about Inside Information?

To prevent misuse or misappropriation of Inside Information also known as Insider Trading

Case Study: Return to Och-Ziff

A. In September 2016, Och-Ziff Capital Management Group ("Och-Ziff") and its wholly owned subsidiary entered into resolutions with the DOJ and the SEC and paid approximately $412 million to settle FCPA charges; the DOJ resolution involved a criminal internal controls charge
B. Per the resolutions, between 2007 and 2011, Och-Ziff entered into a series of transactions and investments, primarily using managed investor funds, in which Och-Ziff paid bribes through third parties (intermediaries, agents, and business partners) to high-ranking government officials in various African countries
C. Some of the third parties were engaged without formal approval or due diligence
D. This marks the first time a hedge fund has been held accountable for FCPA violations, and at the time was the seventh largest FCPA monetary settlement
E. The SEC also separately charged two individual Och-Ziff executives in January 2017
F. Federal district court certified a class consisting of investors who had purchased Och-Ziff shares from February 2012 to August 2014 who had claimed Och-Ziff misled them about U.S. probes into its bribery in Africa
G. $29 million settlement in October 2018
H. Reminder of collateral consequences of FCPA investigations

Securities Exchange Act of 1934 - Even Playing Field for Buying and Selling

E. Created the Securities and Exchange Commission.
F. Empowers the SEC with broad authority over all aspects of the securities industry, including the power to register, regulate, and oversee brokerage firms, transfer agents, and clearing agencies as well as the nation's securities self-regulatory organizations (SROs) including the various securities exchanges, such as the New York Stock Exchange, the NASDAQ Stock Market, and the Chicago Board of Options as well as the Financial Industry Regulatory Authority (FINRA).
G. Identifies and prohibits certain types of conduct in the markets and provides the Commission with disciplinary powers over regulated entities and persons associated with them.
H. Empowers the SEC to require periodic reporting of information by companies with publicly traded securities.

FINRA Rule 3130. Annual Certification of Compliance and Supervisory Processes:

(a) Designation of Chief Compliance Officer(s)

Each member shall designate and specifically identify to FINRA on Schedule A of Form BD one or more principals to serve as a chief compliance officer.

(b) Annual Certification Requirement

Each member shall have its chief executive officer(s) (or equivalent officer(s)) certify annually, as set forth in paragraph (c), that the member has in place processes to establish, maintain, review, test and modify written compliance policies and written supervisory procedures reasonably designed to achieve compliance with applicable FINRA rules, MSRB rules and federal securities laws and regulations, and that the chief executive officer(s) has conducted one or more meetings with the chief compliance officer(s) in the preceding 12 months to discuss such processes.

(c)

Written Procedures

(1) General Requirements

Each member shall establish, maintain, and enforce written procedures to supervise the types of business in which it engages and the activities of its associated persons that are reasonably designed to achieve compliance with applicable securities laws and regulations, and with applicable FINRA rules.

(2) Review of Member's Investment Banking and Securities Business

The supervisory procedures required by this paragraph (b) shall include procedures for the review by a registered principal, evidenced in writing, of all transactions relating to the investment banking or securities business of the member.

(3) Reserved

(4) Review of Correspondence and Internal Communications

Metrics: The "Case" for Metrics:

Wells Fargo Consent Order

A. Cross-selling
B. Unauthorized Deposit Accounts and Simulated Funding
C. 1.5 million accounts opened with 85,000 incurring $2 million in fees
D. Unauthorized Credit Cards
E. 500,000 card applications with 14,000 incurring $403,145 in fees
F. Unauthorized Enrollment into Online Banking Services
G. Unauthorized Debit Cards
H. Applicable Laws
I. Consumer Financial Protection Act of 2010
J. FTC's UDAP becomes UDAAP
K. Unfair or Deceptive Acts or Practices
L. Unfair - causes or is likely to cause substantial injury to consumers and cannot be reasonably avoided by consumers and is not outweighed by countervailing benefits to consumers or competition
M. Deceptive - misleads or is likely to mislead the consumer and the consumer interpretation is considered reasonable under the circumstances and is material
N. Unfair or Deceptive or Abusive Acts or Practices
O. Abusive - Materially interferes with the ability of a consumer to understand a term or condition of a consumer financial product or service. Takes unreasonable advantage of a lack of understanding on the part of the consumer of the material risks, costs or conditions of the product or service. The inability of the consumer to protect the interests of the consumer in selecting or using a consumer financial product or service. The reasonable reliance by the consumer on a covered person to act in the interests of the consumer.
P. Privacy

