
International Association of Risk and Compliance Professionals (IARCP)


1200 G Street NW Suite 800 Washington, DC 20005-6705 USA Tel: 202-449-9750 www.risk-compliance-association.com

Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next

Dear Member,

Who leads the world in its implementation of Basel III?


According to Wayne Byres, Secretary General, Basel Committee on Banking Supervision, Asia!
"I would also like to acknowledge that the Asian region leads the world in its implementation of Basel III."

But he continues: "Goldilocks explored the bears' house, testing the porridge, the chairs and the beds until she found things that she thought were just right."

What? Goldilocks explored the bears' house? Oh, no, Goldilocks is not covered in our Basel iii course. It could be important. Bears' house? He means Russia? No, no, it has nothing to do with the cold war. Let's learn more. Google Search, Goldilocks:

In 1837 Robert Southey published "The Story of the Three Bears".


In Southey's tale, three anthropomorphic bears "a Little, Small, Wee Bear, a Middle-sized Bear, and a Great, Huge Bear" live together in a house in the woods. Southey describes them as very good-natured, trusting, harmless, tidy, and hospitable. Each bear has his own porridge bowl, chair, and bed.

One day they take a walk in the woods while their porridge cools.
An old woman (who is described at various points in the story as impudent, bad, foul-mouthed, ugly, dirty and a vagrant deserving of a stint in the House of Correction) discovers the bears' dwelling. She looks through a window, peeps through the keyhole, and lifts the latch. Assured that no one is home, she walks in. The old woman eats the Wee Bear's porridge, then settles into his chair and breaks it. Prowling about, she finds the bears' beds and falls asleep in Wee Bear's bed. The climax of the tale is reached when the bears return. Wee Bear finds the old woman in his bed and cries, "Somebody has been lying in my bed, and here she is!" The old woman starts up, jumps from the window, and runs away never to be seen again.


Twelve years after the publication of Southey's tale, Joseph Cundall transformed the antagonist from an ugly old woman to a pretty little girl in his Treasury of Pleasure Books for Young Children.
The little girl saw a succession of names, including Goldilocks.

Here is where Basel iii comes in, when the old ugly lady (Basel 2) becomes a pretty girl (Basel 3).

Disclaimer: This is how I understood it.

But yes, Wayne Byres, Secretary General of the Basel Committee on Banking Supervision said: "Goldilocks explored the bears' house, testing the porridge, the chairs and the beds until she found things that she thought were just right."

It is encoded!!! Pillar 2, confidential. Let's break it.


Goldilocks (Basel 3) explored the bears' house (Bear Stearns and other banks), testing the porridge (internal models, the butter and porridge on the bread of consultants), the chairs (fit and proper for the board and senior management) and the beds (bonuses) until (it will take until 2019 to test everything) she found things that she thought (in Basel we have realistic assumptions, not facts) were just right (final Basel iii implementation, ready for Basel iv).

You can learn more (about the speech, not Goldilocks) at Number 3 of our list below.

Welcome to the Top 10 list.


The UK Prudential Regulation Authority (PRA)


On 1 April 2013 the Prudential Regulation Authority (PRA) will become responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers and major investment firms. In total the PRA will regulate around 1,700 financial firms. The PRA's role is defined in terms of two statutory objectives: to promote the safety and soundness of these firms and, specifically for insurers, to contribute to the securing of an appropriate degree of protection for policyholders.

Semiannual Monetary Policy Report to the Congress


Speech by Mr Ben S Bernanke, Chairman of the Board of Governors of the Federal Reserve System, before the Committee on Banking, Housing, and Urban Affairs, US Senate, Washington DC

Wayne Byres, Secretary General Basel Committee on Banking Supervision

SIMPLICITY, RISK SENSITIVITY AND COMPARABILITY: THE REGULATORY BALANCING ACT


BCBS-EMEAP-FSI High-Level Meeting, Seoul, Korea


Protecting Investors through Reliable Audits


Jeanette M. Franzel, Board Member
Wayne State University, George R. Husband Distinguished Lecture Series, Detroit, MI

The creation of the PCAOB ended more than 100 years of self-regulation by the public accounting profession in the U.S., and established the Board's regulatory framework for firms that conduct audits of companies whose securities trade on the U.S. markets.

Council of the European Union, Basel III in Europe, CRD4

Irish Presidency reaches breakthrough on new rules for stronger EU banks


The Irish Presidency has reached a breakthrough in talks with the European Parliament on an overhaul of banking rules increasing EU financial stability.

Update on Measures to Address Unrecorded Financial Flows


Bank Negara Malaysia would like to provide an update on measures that have been undertaken by members of a High Level Multi-Agency Special Task Force (Task Force) to reduce illicit financial flows.


PCAOB Issues Report on 2007-2010 Inspections of Domestic Firms that Audit 100 or Fewer Public Companies
Washington, D.C. The Public Company Accounting Oversight Board today released a report summarizing inspection observations identified in the 2007 through 2010 inspections of U.S. firms that audited 100 or fewer public companies.

Remarks by Thomas J. Curry


Comptroller of the Currency Before the National Association of Attorneys General Washington, DC

NIST Solicits Views, Ideas from Stakeholders for Cybersecurity Framework for Critical Infrastructure
The National Institute of Standards and Technology (NIST) issued a Request for Information (RFI) in the Federal Register as its first step in the process to develop a Cybersecurity Framework, a set of voluntary standards and best practices to guide industry in reducing cyber risks to the networks and computers that support critical infrastructure vital to the nation's economy, security and daily life.


CRD IV FSA refreshed statement regarding CRD IV implementation


The original proposed deadline for entry into force of the draft European Union legislation to update the framework for capital requirements, known as CRD IV, has now passed. Negotiations between the European Parliament, European Commission and Council of Ministers to finalise the legislation are still underway.


The UK Prudential Regulation Authority (PRA)


On 1 April 2013 the Prudential Regulation Authority (PRA) will become responsible for the prudential regulation and supervision of banks, building societies, credit unions, insurers and major investment firms. In total the PRA will regulate around 1,700 financial firms. The PRA's role is defined in terms of two statutory objectives: to promote the safety and soundness of these firms and, specifically for insurers, to contribute to the securing of an appropriate degree of protection for policyholders. In promoting safety and soundness, the PRA will focus primarily on the harm that firms can cause to the stability of the UK financial system. A stable financial system is one in which firms continue to provide critical financial services, a precondition for a healthy and successful economy. The PRA will make forward-looking judgements on the risks posed by firms to its statutory objectives. Those institutions and issues which pose the greatest risk to the stability of the financial system will be the focus of its work. The PRA was created by the Financial Services Act (2012) and will be part of the Bank of England.


It will have close working relationships with other parts of the Bank, including the Financial Policy Committee and the Special Resolution Unit.
The PRA will work alongside the Financial Conduct Authority (FCA) creating a "twin peaks" regulatory structure in the UK. The FCA will be a separate institution and not part of the Bank of England. The FCA will be responsible for promoting effective competition, ensuring that relevant markets function well, and for the conduct regulation of all financial services firms. This includes acting to prevent market abuse and ensuring that consumers get a fair deal from financial firms. The FCA will operate the prudential regulation of those financial services firms not supervised by the PRA, such as asset managers and independent financial advisers. Prior to 1 April 2013, the Financial Services Authority (FSA) will continue to be responsible for prudential and conduct regulation in the UK.

The Bank of England will have a responsibility for financial stability, based on an amended statutory objective to protect and enhance the stability of the financial system of the United Kingdom. And, in support of this objective, the Financial Policy Committee (FPC) will be established within the Bank, charged with identifying, monitoring and taking action to remove or reduce systemic risks.

The FPC, which already exists in interim form, will be able to make recommendations and give directions to the PRA and the FCA on specific actions that should be taken in order to achieve the FPC's objectives.


Source: Andrew Bailey, Executive Director of the Bank of England and Managing Director of the Financial Services Authority's Prudential Business Unit, and Sarah Breeden and Gregory Stevens of the Bank's PRA Transition Unit


The letter
Dear

Latest update as we transition to the Prudential Regulation Authority (PRA)


This letter gives you more information on what you need to do to be ready for legal cutover (LCO) on 1 April 2013. The PRA's approach to supervision was outlined in the two approach documents, one for insurers and one for deposit-takers and investment firms. We will publish revised versions of these documents at LCO, and thereafter the documents will act as standing references for firms on the PRA's supervisory approach, key PRA policies, and how we intend to meet our statutory objectives. Below is an overview of the key messages from the approach documents:

- The PRA will have two statutory objectives: to promote the safety and soundness of firms and, specific to insurers, to contribute to securing an appropriate degree of protection for policyholders. A stable financial system, that is resilient in providing the critical financial services the economy needs, is a necessary condition for a healthy and successful economy.
- The PRA will not operate a zero-failure regime. The PRA will, however, seek as far as possible with resolution arrangements in place, to ensure that any firms that fail do so in a way that avoids significant disruption to the supply of critical financial services, including an acceptable degree of continuity of cover for policyholders; and
- The PRA's approach to supervision will be clearly based on judgement rather than narrowly rules-based. Supervisory judgements will be forward-looking, taking into account a wide range of possible risks to the PRA's objectives.
The approach documents can be accessed via the FSA website:

Banking: http://www.fsa.gov.uk/static/pubs/other/pra-approach-banking.pdf
Insurance: http://www.fsa.gov.uk/static/pubs/other/pra-approach-insurance.pdf

In December 2012, I gave a short interview entitled "A new approach to financial supervision: the Prudential Regulation Authority" which can be viewed here: http://www.youtube.com/watch?v=yJDp1XY3DJM

The following is an update on certain aspects of the transition where we can now provide greater clarity.

1. Changes in policy

Individual Guidance


The PRA will have a different regulatory and supervisory focus than the FSA, including a new set of objectives and a different approach to supervision, as set out in the approach documents. This means that guidance previously issued to firms by FSA supervisors to individual firms will not have been issued with PRA aims and objectives in mind. Therefore, apart from the four categories listed below, FSA individual guidance will not automatically be permanently transitioned or confirmed by the PRA.

Guidance to be transitioned

The following four categories of individual guidance will be automatically transitioned at LCO:

1. Individual Capital Requirements Guidance, including capital planning buffers for banks and capital guidance issued to insurers
2. Individual Liquidity Guidance
3. Individual guidance given by the FSA that enables a firm to move from a higher proportionality tier to a lower proportionality tier as provided for in the FSA's General Guidance on Proportionality: The Remuneration Code (SYSC 19a) & Pillar 3 disclosures on remuneration (BIPRU 11)
4. Guidance on the completion and submission of Regulatory Returns

Other Guidance
Firms should review all individual guidance and their associated behaviour in accordance with such guidance and assess the appropriateness of that behaviour in line with the PRA's statutory objectives. Firms should in many cases be able to do this by exercising judgement and without consulting the PRA. Firms should document this review.

In certain cases, firms may wish to request that the PRA (FSA until LCO) review items of FSA individual guidance which are:

1. Not included in the categories identified above; and
2. Where the firm wishes the PRA to explicitly consider and confirm whether behaviour or actions in line with that guidance will remain appropriate in the PRA.

This is not an opportunity to request that all previously issued individual guidance should be retained.

Between now and 30 September 2013, firms may submit a list of those items of individual guidance which they wish the PRA to review, together with their own assessment of whether the behaviour or actions set out in the guidance would contribute towards the advancement of the PRA's objectives.

Relationship managed firms should submit requests for review to their supervisor, and non-relationship managed firms should submit them to the Customer Contact Centre at email address fcc@fsa.gov.uk until 2 April 2013 and the PRA firm enquiries at email address PRA.Firmenquiries@bankofengland.co.uk from 2 April 2013 onwards.

Firms will be able to continue to rely on guidance referred for review until the PRA reaches a decision on whether the guidance remains appropriate or otherwise. Supervisors will confirm the timetable for the review following the submission of the firm's list; reviews will be completed no more than 18 months after LCO. Our judgement and any resulting response that we give to a firm will focus on the advancement of the PRA's objectives.

Any guidance that is not referred to the PRA for review will cease to have any status as formal PRA individual guidance from 30 September 2013. This does not mean that firms should automatically change their behaviour. If firms deem that their behaviour is appropriate, they should continue to act in that way.

If firms decide to alter their behaviour, now or in the future, they should discuss this with their supervisor, in line with Principle 11.

This approach to individual guidance does not change recent assessments of the risks that we see as being posed by a firm's business.

In particular, we still expect Risk Mitigation Plan points (reflecting the FSA's objectives) outlined in previous ARROW letters to be concluded, where we judge that they will contribute to advancing the PRA's objective.
Existing waivers will also be automatically transitioned to the PRA.

Threshold Conditions
The existing FSA Threshold Conditions will be replaced in their entirety by the Threshold Conditions being introduced by HMT via secondary legislation pursuant to the Financial Services Act 2012. The Threshold Conditions in the order that has been laid before parliament are essentially in the form HMT consulted on in October 2012. The new conditions will take effect at the same time as the rest of the amendments to FSMA are introduced, on 1 April 2013, for both existing authorised firms and all in-flight cases.

The Financial Services and Markets Act (Threshold Conditions) Order 2013, as laid before parliament, can be viewed at: http://www.legislation.gov.uk/ukdsi/2013/9780111533802/pdfs/ukdsi_9780111533802_en.pdf

2. Interaction with the PRA

PRA web presence


A new web page for the PRA is now available on the Bank of England website at www.bankofengland.co.uk/pra. This will be the web address that firms should use from LCO. At this stage firms can find a brief introduction to the PRA on the website.


Corporate information About the PRA will be added and pages on policy and PRA news and events will be published.

The core operational information on authorisations and supervision will be published at LCO.
Firms are welcome to send feedback including comments and ideas about the PRA web presence to pra.webcontent@bankofengland.co.uk.

Firm Enquiries
The October 2012 approach documents explained that firms who do not have a dedicated supervision team should use the Firm Enquiries Function as their first point of contact with the PRA. The PRA Firm Enquiries will be operational from 2 April 2013 and its contact details are:

Telephone number 020 3461 7000 (operating hours 9:00 to 17:00)
Email PRA.Firmenquiries@bankofengland.co.uk

The FSA contact centre must be used for all enquiries up to 2 April 2013. However, during March some calls to the contact centre will be transferred to the PRA's Firm Enquiries, in preparation for taking firms' enquiries at LCO.


3. Publication of the PRA Handbook


As previously stated, at LCO, certain provisions from the FSA Handbook will be split between the FCA and the PRA. Two new Handbooks will be created: one for the PRA and one for the FCA. Most provisions in the FSA Handbook will be incorporated into the PRA's Handbook, the FCA's Handbook, or both, in line with each new regulator's set of responsibilities. The intention is to publish the PRA Handbook in March 2013. After LCO, the PRA will amend its own suite of policy material as an independent body in accordance with the processes laid down in the Financial Services Act 2012, including cooperation with the FCA and external consultation.

4. Enforcement Consultation
We published the consultation on the PRA's approach to enforcement, including proposed statutory statements of policy and procedure, on 20 December 2012. The consultation is on the FSA website; we welcome any comments on the proposals by 28 February 2013. http://www.fsa.gov.uk/library/policy/cp/2012/12-39.shtml

Attached is a set of updated FAQs and additional information.

Yours sincerely


FAQs on transition to the PRA


1. General questions
At what stage is the Financial Services Bill?
The Financial Services Bill received Royal Assent on 19 December 2012 and became the Financial Services Act 2012 (The Act). Some sections of The Act came into force on 23 January 2013, in order to enable the Treasury to make secondary legislation, and to ensure that the new regulators can prepare for their respective roles post legal cutover. The rest of the provisions relating to the new regulatory regime will come into force on 1 April, the date designated for legal cutover to the new structure. The Act will be supported by secondary legislation and Treasury has consulted on a number of draft orders which will need to be made prior to legal cutover.

The orders detailing the new Threshold Conditions, allocating responsibility for making rules in relation to FSCS between the FCA and the PRA, amending certain mutuals legislation, determining which types of holding company the regulators' new powers over qualifying parent undertakings apply to and specifying which regulated activities will be subject to the PRA's regulation have already been laid before Parliament and are expected to be approved by both houses by mid-March.
http://www.legislation.gov.uk/ukdsi/2013/9780111533802/pdfs/ukdsi_9780111533802_en.pdf

How will the PRA determine which investment firms should be designated for prudential regulation by the PRA?
We published a draft statement of policy on the designation of investment firms by the PRA in October 2012: http://www.fsa.gov.uk/static/pubs/cp/boe-pra-cp.pdf

The policy statement and the firms to be designated by the PRA will be finalised ahead of legal cutover.

Should I continue to submit my return through GABRIEL?


The PRA will have its own data collection and quality assurance team, the Regulatory Data Group, which will take over the PRA regulatory data related work previously undertaken by the FSA's Data Monitoring Team (the FSA's central data collection team). For firms who report regulatory data via GABRIEL there will be no change to this reporting and you will continue to use the GABRIEL system to report as you do now. GABRIEL will be operated by FCA. Firms are to continue to use their current URL and login details to access the system. The existing data items will remain with only minor changes to the wording. Any technical queries about the system should be raised with the FCA Contact Centre on 0845 606 9966 or email address fcc@fsa.gov.uk.

Where should I submit my firm's email/paper returns?


For firms who report regulatory data via email or in hard copy (paper) more detail of where to submit your returns will be provided on the PRA's internet site www.bankofengland.co.uk/pra soon. Where firms provide data directly to FSA supervisors or policy teams, you will continue to do so after LCO.

If, after LCO, you are unsure where to report data, please firstly check the PRA's internet site under the section on regulatory data or contact PRA's Firm Enquiries.
Contact details will be:
Telephone number 020 3461 7000
Email PRA.Firmenquiries@bankofengland.co.uk

When will the PRA release further contact details/ new address?
Moves to 20 Moorgate are taking place in stages, having started in early January 2013. Below is a table listing the move dates for each division:

Supervisors will confirm outstanding contact details such as telephone numbers, email addresses and email addresses around their move dates. For firms with PGP encrypted keys, communication on new access codes will also be included.

Will the FCA and PRA have separate registers?


There will be one register maintained by the FCA. It will be available to all firms, reflecting the position of both the PRA and the FCA.

Will I retain the same registration number?


Yes. Your FSA numbers will be carried across to the new Register.

Will there be a Practitioner Panel?


Yes. The PRA will establish a Practitioner Panel.

2. Authorisations and transitional arrangements


What will happen to our existing permissions and waivers?
Transitional arrangements for grandfathering existing provisions are dependent on secondary legislation. We are in discussion with HM Treasury, with a view to the legislation providing that existing Part IV permissions, controlled functions, passports, limitations and requirements are grandfathered without the need for a firm to take action. Exact details of grandfathering arrangements will be finalised once secondary legislation has been published. We also published more detail on transitional arrangements for approved persons, and on Handbook transitionals more generally, on 25 January in CP13/3 http://www.fsa.gov.uk/library/policy/cp/2013/13-03.shtml

What happens if we are applying for a new or varied permission or waivers over the period including LCO?
The PRA will ensure that applications to the FSA that are made before legal cutover but not determined until after legal cutover are transitioned to the appropriate regulator and made against the appropriate statutory tests. Exact details of in-flight authorisation arrangements will be finalised once secondary legislation has been published.

When will we know the final changes being made to the Approved Persons regime?
There is more detail on our approved person regime in our Approach Documents and in the consultation paper (CP12/26) covering changes to the approved persons Handbook sections.


This paper can be accessed here: http://www.fsa.gov.uk/library/policy/cp/2012/12-26.shtml

Consultation for CP 12/26 closed on 7 December 2012; we are currently reviewing the proposals in light of responses to the consultation and expect the final PRA rules on approved persons to be made by the PRA Board at or around LCO, when other substantive changes to the Handbook will also be made, and accompanying Policy Statements issued.

Please see section 4 Policy Material below for more detail on finalising the PRA Handbook.
We also published more detail on transitional arrangements for approved persons on 25th January in CP13/3 http://www.fsa.gov.uk/library/policy/cp/2013/13-03.shtml

Will the new threshold conditions be more specific?


HM Treasury has published indicative threshold conditions. Dual regulated firms will need to meet two sets of conditions, one set from the PRA and one set from the FCA. For the PRA there will be threshold conditions specific to insurers and threshold conditions for all other firms regulated by the PRA. http://www.hm-treasury.gov.uk/d/condoc_fin_regulation_draft_secondary_leg.pdf

Will authorisation and the different approval processes take more or less time with the PRA?
The statutory time limit on authorisations in FSMA will remain unchanged after legal cutover. The PRA will report against statutory time limits.

Should I continue to use ONA after legal cutover?


Immediately after LCO, the ONA system will continue to be used for the submission of applications and notifications, with some minor changes to reflect that it will be owned by the FCA, but accessible to both regulators.

Will firms still be required to disclose who they are authorised and regulated by?
Yes. We have consulted on revised wording of this status disclosure and a proposed transitional, as part of consultation on Handbook changes. The paper can be accessed here: http://www.fsa.gov.uk/library/policy/cp/2012/12-24.shtml

Will I be required to resubmit any information or notifications that are submitted just before LCO?
No. Any submissions or information received prior to LCO will not need to be resubmitted.

CP 13/3 outlines Handbook transitional provisions related to information submissions.

How will I know where to send information or notifications after LCO?


Where information or notifications are required under a rule, the appropriate submission details will be updated in the PRA's rules or on the PRA website. CP 13/3 sets out more information in relation to the transition of time limits and notification requirements in the rulebook.

3. Supervision
What is the PRA's approach to supervision?


The PRA's approach to supervision was outlined in the two PRA approach documents (one for deposit-takers and investment firms, one for insurers), initially published in October 2012 to facilitate scrutiny of the PRA's proposed approach as the Financial Services Bill passed through Parliament.
The documents also set out some key policy material for firms. We will publish updated versions at legal cutover, and thereafter the documents will act as standing references for firms on the PRA's supervisory approach, key PRA policies, and the PRA's statutory objectives.

When will my last FSA risk assessment visit be?


We are currently planning the transition from the FSA's risk assessment framework to the PRA framework. Firms will be notified of how their supervision will be transitioned to continuous assessment from the Regulatory Period previously indicated in an ARROW or Supervisory Assessment letter. The new Supervisory Assessment Framework will be a continuous assessment model, focusing on judgements about key risks to the PRA's objectives. For more detail refer to the Approach Documents.

When will I know which category my firm falls into?


A core part of the PRA's work will be to assess the significance of a firm to its objectives. With this in mind we have divided all firms into five categories of impact. Before LCO we will write to firms notifying them of their categorisation.


Will my firm still be required to comply with FSA Risk Mitigation Programme (RMP) items? What will happen to RMP?
We have streamlined the number of actions in the RMP and split them into conduct and prudential actions. Your supervisor will have communicated with your firm to confirm the outstanding RMP actions, and your firm is accountable to the relevant regulator for their resolution.

Who will be my PRA supervisor?


One of the major changes we made in 2012 was to establish prudential and conduct supervision teams for dual regulated firms. You should now be aware of your PRA supervisor. If you have not been allocated a supervisor you should continue to contact us through the FSA Contact Centre. At LCO the PRA will have its own Firm Enquiries; contact details will be:

Telephone number 020 3461 7000
Email PRA.Firmenquiries@bankofengland.co.uk

Will individual capital guidance and individual liquidity guidance still apply?
Both the individual capital guidance and individual liquidity guidance issued by the FSA to PRA-regulated firms will continue to apply.

How will European and other policy initiatives such as Solvency II and CRD IV affect the PRA's supervision model?
Information about how the interaction of such initiatives will affect the PRA's approach will be made available as part of the implementation of these policies.


4. Policy material
How will the PRA issue policy material after LCO?
The PRA Approach Documents set out that the PRA will establish and maintain published policy material which is consistent with its objectives, clear in intent, straightforward in presentation and as concise as possible. As set out in our December letter, only a limited amount of FSA non-Handbook guidance will be transferred to the PRA. In addition, the letter accompanying these FAQs sets out in detail our approach to FSA Individual Guidance and the action required by firms.

5. Fees and costs


Will the current fee structure be adopted by the PRA?
Firms' current fees will see them through this fee period. For the first fee year under the PRA (expected to be 2013/14) the PRA fees structure will be based on adapting the current structure, making only the necessary changes to accommodate dual-regulation. These proposed changes are in the fees policy Consultation Paper (CP12/28) http://www.fsa.gov.uk/static/pubs/cp/cp12-28.pdf

How will fees be set next year?


For the first year under the PRA (expected to be 2013/14) the PRA fees will be set to recover the annual funding requirement it needs to meet its statutory objectives. This funding requirement and the fee rates to recover will be included in the PRA fees rates Consultation Paper (CP) expected to be published in April 2013.

How is creating the PRA going to be paid for?


The fees that we charge firms fund the FSA and the transition work that we are doing for the new regulator. We have set out the regulatory reform costs in this year's business plan. The Act makes provision for the PRA to recover, from the industry, the regulatory reform transition costs of the FSA and the Bank of England.

6. Co-ordination with the Financial Conduct Authority


On what basis will the Financial Conduct Authority (FCA) and the Prudential Regulation Authority (PRA) work together?
The draft Memorandum of Understanding (MoU) between the FCA and the PRA sets out a high level framework for how the two regulators will work together within the new regulatory system provided for by the Act. It will be vital that the two authorities pursue their own mandates, respecting the UK's Twin Peaks supervisory system. But it will also be essential that they coordinate activities in some areas, and cooperate in others. The MoU sets out these arrangements to help ensure they are effective and efficient. There will also be a separate MoU covering the specific issues raised by the joint regulation of with-profits insurance contracts.

Both the FCA and PRA are visiting us next year, how do you intend to separate the two areas?
The FCA and PRA are two different regulators looking at different aspects of the business, although there is a requirement to share information. Detail of the FCA's and the PRA's assessments and expectations of firms is set out in the respective Approach Documents.

7. Current & forthcoming publications


There are a variety of publications that firms should be aware of, including:
- Banking - The Bank of England, Prudential Regulation Authority approach document to banking supervision http://www.fsa.gov.uk/static/pubs/other/pra-approach-banking.pdf
- Insurance - The Bank of England, Prudential Regulation Authority approach document to insurance supervision http://www.fsa.gov.uk/static/pubs/other/pra-approach-banking.pdf
- Designation of investment firms by the PRA - this document sets out how the PRA will exercise the powers that will be conferred under FSMA 2000, Order 201 (the draft Order). http://www.fsa.gov.uk/static/pubs/other/designation.pdf

Draft Memoranda of Understanding (MoU)


- Draft MoU between the FCA and the PRA http://www.fsa.gov.uk/static/pubs/mou/fca_pra.pdf
- Draft With-Profits MoU between the FCA and the PRA http://www.fsa.gov.uk/static/pubs/mou/draft-with-profits.pdf
- Draft MoU between the PRA and the FSCS http://www.fsa.gov.uk/static/pubs/mou/fca_pra.pdf
- Draft MoU between the HMT, Bank, PRA and FCA on international organisations http://www.hm-treasury.gov.uk/d/fin_fs_bill_mou_international_organisations_jan2012.pdf
- MoU between HMT, Bank (including the PRA) on financial crisis management http://www.hm-treasury.gov.uk/d/fin_fs_bill_mou_financial_crisis_management_jan2012.pdf


Semiannual Monetary Policy Report to the Congress


Speech by Mr Ben S Bernanke, Chairman of the Board of Governors of the Federal Reserve System, before the Committee on Banking, Housing, and Urban Affairs, US Senate, Washington DC

***

Chairman Johnson, Ranking Member Crapo, and other members of the Committee, I am pleased to present the Federal Reserve's semiannual Monetary Policy Report. I will begin with a short summary of current economic conditions and then discuss aspects of monetary and fiscal policy.

Current economic conditions


Since I last reported to this Committee in mid-2012, economic activity in the United States has continued to expand at a moderate if somewhat uneven pace. In particular, real gross domestic product (GDP) is estimated to have risen at an annual rate of about 3 percent in the third quarter but to have been essentially flat in the fourth quarter. The pause in real GDP growth last quarter does not appear to reflect a stalling-out of the recovery. Rather, economic activity was temporarily restrained by weather-related disruptions and by transitory declines in a few volatile categories of spending, even as demand by U.S. households and businesses continued to expand.


Available information suggests that economic growth has picked up again this year.
Consistent with the moderate pace of economic growth, conditions in the labor market have been improving gradually. Since July, nonfarm payroll employment has increased by 175,000 jobs per month on average, and the unemployment rate declined 0.3 percentage point to 7.9 percent over the same period. Cumulatively, private-sector payrolls have now grown by about 6.1 million jobs since their low point in early 2010, and the unemployment rate has fallen a bit more than 2 percentage points since its cyclical peak in late 2009. Despite these gains, however, the job market remains generally weak, with the unemployment rate well above its longer-run normal level. About 4.7 million of the unemployed have been without a job for six months or more, and millions more would like full-time employment but are able to find only part-time work. High unemployment has substantial costs, including not only the hardship faced by the unemployed and their families, but also the harm done to the vitality and productive potential of our economy as a whole. Lengthy periods of unemployment and underemployment can erode workers' skills and attachment to the labor force or prevent young people from gaining skills and experience in the first place, developments that could significantly reduce their productivity and earnings in the longer term.

The loss of output and earnings associated with high unemployment also reduces government revenues and increases spending, thereby leading to larger deficits and higher levels of debt.
The recent increase in gasoline prices, which reflects both higher crude oil prices and wider refining margins, is hitting family budgets.

However, overall inflation remains low.


Over the second half of 2012, the price index for personal consumption expenditures rose at an annual rate of 1-1/2 percent, similar to the rate of increase in the first half of the year. Measures of longer-term inflation expectations have remained in the narrow ranges seen over the past several years. Against this backdrop, the Federal Open Market Committee (FOMC) anticipates that inflation over the medium term likely will run at or below its 2 percent objective.

Monetary policy
With unemployment well above normal levels and inflation subdued, progress toward the Federal Reserve's mandated objectives of maximum employment and price stability has required a highly accommodative monetary policy. Under normal circumstances, policy accommodation would be provided through reductions in the FOMC's target for the federal funds rate, the interest rate on overnight loans between banks. However, as this rate has been close to zero since December 2008, the Federal Reserve has had to use alternative policy tools. These alternative tools have fallen into two categories. The first is forward guidance regarding the FOMC's anticipated path for the federal funds rate.

Since longer-term interest rates reflect market expectations for shorter-term rates over time, our guidance influences longer-term rates and thus supports a stronger recovery.
The formulation of this guidance has evolved over time.

Between August 2011 and December 2012, the Committee used calendar dates to indicate how long it expected economic conditions to warrant exceptionally low levels for the federal funds rate.
At its December 2012 meeting, the FOMC agreed to shift to providing more explicit guidance on how it expects the policy rate to respond to economic developments. Specifically, the December postmeeting statement indicated that the current exceptionally low range for the federal funds rate will be appropriate at least as long as the unemployment rate remains above 6-1/2 percent, inflation between one and two years ahead is projected to be no more than a half percentage point above the Committee's 2 percent longer-run goal, and longer-term inflation expectations continue to be well anchored. An advantage of the new formulation, relative to the previous date-based guidance, is that it allows market participants and the public to update their monetary policy expectations more accurately in response to new information about the economic outlook. The new guidance also serves to underscore the Committee's intention to maintain accommodation as long as needed to promote a stronger economic recovery with stable prices. The second type of nontraditional policy tool employed by the FOMC is large-scale purchases of longer-term securities, which, like our forward guidance, are intended to support economic growth by putting downward pressure on longer-term interest rates. The Federal Reserve has engaged in several rounds of such purchases since late 2008. Last September the FOMC announced that it would purchase agency mortgage-backed securities at a pace of $40 billion per month, and in December the Committee stated that, in addition, beginning in January it would purchase longer-term Treasury securities at an initial pace of $45 billion per month.

These additional purchases of longer-term Treasury securities replace the purchases we were conducting under our now-completed maturity extension program, which lengthened the maturity of our securities portfolio without increasing its size.
The FOMC has indicated that it will continue purchases until it observes a substantial improvement in the outlook for the labor market in a context of price stability. The Committee also stated that in determining the size, pace, and composition of its asset purchases, it will take appropriate account of their likely efficacy and costs. In other words, as with all of its policy decisions, the Committee continues to assess its program of asset purchases within a cost-benefit framework. In the current economic environment, the benefits of asset purchases, and of policy accommodation more generally, are clear: Monetary policy is providing important support to the recovery while keeping inflation close to the FOMC's 2 percent objective. Notably, keeping longer-term interest rates low has helped spark recovery in the housing market and led to increased sales and production of automobiles and other durable goods. By raising employment and household wealth (for example, through higher home prices), these developments have in turn supported consumer sentiment and spending. Highly accommodative monetary policy also has several potential costs and risks, which the Committee is monitoring closely. For example, if further expansion of the Federal Reserve's balance sheet were to undermine public confidence in our ability to exit smoothly from our accommodative policies at the appropriate time, inflation expectations could rise, putting the FOMC's price-stability objective at risk.


However, the Committee remains confident that it has the tools necessary to tighten monetary policy when the time comes to do so. As I noted, inflation is currently subdued, and inflation expectations appear well anchored; neither the FOMC nor private forecasters are projecting the development of significant inflation pressures. Another potential cost that the Committee takes very seriously is the possibility that very low interest rates, if maintained for a considerable time, could impair financial stability. For example, portfolio managers dissatisfied with low returns may reach for yield by taking on more credit risk, duration risk, or leverage. On the other hand, some risk-taking, such as when an entrepreneur takes out a loan to start a new business or an existing firm expands capacity, is a necessary element of a healthy economic recovery. Moreover, although accommodative monetary policies may increase certain types of risk-taking, in the present circumstances they also serve in some ways to reduce risk in the system, most importantly by strengthening the overall economy, but also by encouraging firms to rely more on longer-term funding, and by reducing debt service costs for households and businesses. In any case, the Federal Reserve is responding actively to financial stability concerns through substantially expanded monitoring of emerging risks in the financial system, an approach to the supervision of financial firms that takes a more systemic perspective, and the ongoing implementation of reforms to make the financial system more transparent and resilient. Although a long period of low rates could encourage excessive risk-taking, and continued close attention to such developments is certainly warranted, to this point we do not see the potential costs of the increased risk-taking in some financial markets as outweighing the benefits of promoting a stronger economic recovery and more-rapid job creation.
Another aspect of the Federal Reserve's policies that has been discussed is their implications for the federal budget. The Federal Reserve earns substantial interest on the assets it holds in its portfolio, and, other than the amount needed to fund our cost of operations, all net income is remitted to the Treasury.

With the expansion of the Federal Reserve's balance sheet, yearly remittances have roughly tripled in recent years, with payments to the Treasury totaling approximately $290 billion between 2009 and 2012.
However, if the economy continues to strengthen, as we anticipate, and policy accommodation is accordingly reduced, these remittances would likely decline in coming years. Federal Reserve analysis shows that remittances to the Treasury could be quite low for a time in some scenarios, particularly if interest rates were to rise quickly. However, even in such scenarios, it is highly likely that average annual remittances over the period affected by the Federal Reserve's purchases will remain higher than the pre-crisis norm, perhaps substantially so. Moreover, to the extent that monetary policy promotes growth and job creation, the resulting reduction in the federal deficit would dwarf any variation in the Federal Reserve's remittances to the Treasury.

Thoughts on fiscal policy


Although monetary policy is working to promote a more robust recovery, it cannot carry the entire burden of ensuring a speedier return to economic health.


The economy's performance, both over the near term and in the longer run, will depend importantly on the course of fiscal policy.
The challenge for the Congress and the Administration is to put the federal budget on a sustainable long-run path that promotes economic growth and stability without unnecessarily impeding the current recovery. Significant progress has been made recently toward reducing the federal budget deficit over the next few years. The projections released earlier this month by the Congressional Budget Office (CBO) indicate that, under current law, the federal deficit will narrow from 7 percent of GDP last year to 2-1/2 percent in fiscal year 2015. As a result, the federal debt held by the public (including that held by the Federal Reserve) is projected to remain roughly 75 percent of GDP through much of the current decade. However, a substantial portion of the recent progress in lowering the deficit has been concentrated in near-term budget changes, which, taken together, could create a significant headwind for the economic recovery. The CBO estimates that deficit-reduction policies in current law will slow the pace of real GDP growth by about 1-1/2 percentage points this year, relative to what it would have been otherwise. A significant portion of this effect is related to the automatic spending sequestration that is scheduled to begin on March 1, which, according to the CBO's estimates, will contribute about 0.6 percentage point to the fiscal drag on economic growth this year. Given the still-moderate underlying pace of economic growth, this additional near-term burden on the recovery is significant. Moreover, besides having adverse effects on jobs and incomes, a slower recovery would lead to less actual deficit reduction in the short run for any given set of fiscal actions.

At the same time, and despite progress in reducing near-term budget deficits, the difficult process of addressing longer-term fiscal imbalances has only begun.
Indeed, the CBO projects that the federal deficit and debt as a percentage of GDP will begin rising again in the latter part of this decade, reflecting in large part the aging of the population and fast-rising health-care costs. To promote economic growth in the longer term, and to preserve economic and financial stability, fiscal policymakers will have to put the federal budget on a sustainable long-run path that first stabilizes the ratio of federal debt to GDP and, given the current elevated level of debt, eventually places that ratio on a downward trajectory. Between 1960 and the onset of the financial crisis, federal debt averaged less than 40 percent of GDP. This relatively low level of debt provided the nation much-needed flexibility to meet the economic challenges of the past few years. Replenishing this fiscal capacity will give future Congresses and Administrations greater scope to deal with unforeseen events. To address both the near- and longer-term issues, the Congress and the Administration should consider replacing the sharp, frontloaded spending cuts required by the sequestration with policies that reduce the federal deficit more gradually in the near term but more substantially in the longer run. Such an approach could lessen the near-term fiscal headwinds facing the recovery while more effectively addressing the longer-term imbalances in the federal budget. The sizes of deficits and debt matter, of course, but not all tax and spending programs are created equal with respect to their effects on the economy.


To the greatest extent possible, in their efforts to achieve sound public finances, fiscal policymakers should not lose sight of the need for federal tax and spending policies that increase incentives to work and save, encourage investments in workforce skills, advance private capital formation, promote research and development, and provide necessary and productive public infrastructure.
Although economic growth alone cannot eliminate federal budget imbalances, in either the short or longer term, a more rapidly expanding economic pie will ease the difficult choices we face.


Wayne Byres, Secretary General, Basel Committee on Banking Supervision

SIMPLICITY, RISK SENSITIVITY AND COMPARABILITY: THE REGULATORY BALANCING ACT


BCBS-EMEAP-FSI High-Level Meeting, Seoul, Korea

Before I begin my remarks today, I would like to thank the FSI and EMEAP for once again organising yet another excellent event in the series of High-Level Meetings in Asia. Prior to taking up my current role in Basel, I attended these events as an Australian bank supervisor, and always found them to be valuable opportunities for the exchange of ideas and views between the region's senior regulators and industry representatives. Although I am now based in another part of the world, I am very happy to be able to continue to participate and contribute to these discussions. I would also like to acknowledge that the Asian region leads the world in its implementation of Basel III.

The region has benefited from the development of strong banking systems supported by strong regulatory regimes.
Furthermore, many of you have recognised Basel III as a minimum, and have adopted local practices that impose additional requirements to deal with local risks. The result is healthy banking systems that are well equipped to support economic growth, not least by stepping into the gap created by the constraints faced by many banks in other parts of the world.


Finding the right balance


I am sure that many of you know the story of Goldilocks and the three bears. In it, Goldilocks explored the bears' house, testing the porridge, the chairs and the beds until she found things that she thought were just right. When I took up my role in Basel, a friend suggested I had a Goldilocks job. By this he meant that my task was to take a range of competing objectives, and find some middle ground that was just right. In an international policymaking context, that implies policies that are:
- comprehensive, yet simple;
- strong, but not burdensome;
- risk-based, yet easy to understand and compare;
- flexible and adaptable, yet consistently applied;
- suitable for normal times, but founded on the lessons from crises;
- built on consensus, but also on the broadest possible engagement; and
- utilising appropriately the relative strengths of both regulation (rules) and supervision (oversight).

With such a multidimensional set of trade-offs, finding the optimal point for any given set of regulatory proposals is inevitably very difficult. In the case of Basel III, the Committee sought a suitable minimum amount of capital that was just right: not so little that the financial system remained susceptible to the weaknesses revealed in 2007-08, but not so much that banks could not perform their important economic functions.
The Committee also needed to improve the way that the adequacy of capital was measured so that it appropriately recognises the materially different magnitudes of risk within individual bank balance sheets, but at the same time provides an overall measure of soundness that investors can compare across banks. And, recognising that the Basel framework is the global standard for bank capital, the Committee needed something that was suitable for internationally active banks, our core constituency, but could also be applied more broadly.

Capital requirements adequate and comparable


Regulatory capital requirements do many things, but at their heart they must achieve two fundamental objectives:
- ensure banks have an adequate level of capital (ie relative to their risk profile); and
- provide a measure of capital that is comparable over time and between banks.

The first of these objectives, adequacy, is an obvious goal, but failure to achieve the second, comparability, undermines confidence that the first is being achieved. Since we are dealing with institutions that have a business model founded on confidence, the importance of comparability should not be underestimated. During the recent crisis, questions began to be asked about the reliability of risk-based capital ratios as an indicator of bank health. In my view, there were three factors which served to undermine confidence in the risk-based measure of capital:
- the regulatory capital base included capital instruments that were not truly loss-absorbing: financial markets increasingly discounted these;
- the regulatory capital base in some countries filtered out (ie ignored) some unrealised losses that banks had incurred: financial markets wanted to account for these; and
- risk-weighted asset calculations had become complex and opaque, making them difficult for external investors to understand: financial markets became confused by these.

In other words, questions were legitimately being asked about whether capital was both adequate and comparable.
The questions related to both the numerator and the denominator of the regulatory measure. The reforms contained in Basel III largely deal with these first two items. Basel III raises the minimum quantity of truly loss-absorbing capital by many multiples. It also improves the quality of that capital by eliminating quasi-capital instruments, and certain other assets, that proved of limited value in times of stress (indeed, investors in some of these instruments, rather than providing a source of support, had to be bailed out themselves!). In addition, by removing prudential filters and forcing banks to recognise unrealised losses on fair value assets, capital ratios will be more credible by better reflecting the true capacity of a bank to absorb further losses at any given point in time.

Having substantially simplified and improved the numerator of the capital ratio, the Committee's attention is now turning to concerns about the risk-weighting framework:
- it is said by some to be too complex and difficult to understand, and that something simpler (indeed, some say simple) would be better; and
- it is said by some to provide too much flexibility on how risk should be measured, making it difficult to compare reported capital ratios.

These concerns are closely related, although that does not mean less complexity and less flexibility always lead to more comparability.

Complexity and flexibility


International banks are complex organisations. Today, not even traditional lines of business, such as retail and commercial banking, are simple businesses to run, if they ever were. Capturing the risk profile of these businesses in a single measure of financial soundness is extremely difficult. The complexity in the capital framework largely comes from the decision to allow banks to use their own internal models to measure risk, the major innovation contained in Basel II. Although internal models had already been part of the regulatory framework for a decade, this was only for a relatively small area of activity. Basel II provided the capacity to do this for the biggest risk most banks face: the credit risk within their loan books. While, of course, banks were required to jump a large number of hurdles in relation to model specification and validation before they could use their own models, the new framework did move banks away from the one model fits all approach that was at the core of Basel I. The primary objective behind this important step was to better align capital with underlying risks. Regulatory requirements create incentives; Basel II attempted to align those incentives much more closely with economic reality than was the case in Basel I.

In this respect, Basel II's goal can be thought of as promoting both capital adequacy and capital efficiency.
Properly applied, banks' capital requirements could be much more responsive to the underlying risks they were taking; low-risk banks would benefit by not being burdened with unnecessary capital requirements, and those with higher risk profiles would need to hold additional capital commensurate with the risks they are exposed to. To put it another way, Basel II sought to better distinguish between high- and low-risk banks, and it required higher-risk banks to operate with lower levels of leverage than their low-risk peers. But as anyone knows who has built, supervised or just tried to understand internal risk models within a bank, they are not simple. They are, of course, a simplification of the real world, but that is not much of a consolation since the real world is extremely complex. The difficulty is that, if models are oversimplified, they do not produce risk measures that reflect reality. But if made too complex, hardly anyone can say whether they produce realistic risk measures or not! And by allowing a degree of flexibility for banks to model risks as they see them, we make it more difficult to achieve comparability. Getting it just right therefore requires careful judgement.

Comparability
Basel II was undoubtedly a major improvement in the conceptual soundness of the capital measurement process. It also created important incentives for banks to refine and improve their risk models, and to avoid high correlations between risk management methods which could have detrimental implications for financial stability.

These benefits should not be lightly dismissed, but there are now concerns that the way in which models are currently used hinders comparability, since users of information cannot understand the impact that modelling choices have on the resulting capital requirements.
The Committee therefore needs to ensure that this additional risk sensitivity is not, as a result of its complexity, undermining the overall regime by making comparison too difficult for all but supervisory experts (and maybe even for the experts too!). But before we revert to a simpler measurement methodology, we need to be sure that it would really be more comparable. Comparability has two basic dimensions: between banks at a given point in time; and for a given bank, over a period of time. Any standardised approach will necessarily be blunt. It will be simpler to understand than an internal model, but that is because it will necessarily make many assumptions. These assumptions will mean risk can be incorrectly measured. They will also mean that changes in a bank's risk profile can go undetected. Take the example of the leverage ratio. It will not distinguish between two similarly sized banks even if one holds a large portfolio of high-quality sovereign exposures, and the other a large portfolio of highly leveraged loans for property development. Nor will it show any response if a bank switches its balance sheet from one of those portfolios to the other over time.


A leverage ratio measures exactly what it says: the degree of leverage on a bank's balance sheet.
For this purpose, it is perfectly suited. That does not necessarily make it the most useful measure for judging the adequacy of a bank's capital base. Risk-based regimes seek to respond to this problem by introducing greater risk sensitivity.

But even with the standardised approaches in the Basel framework, there are limits to what can be achieved.
The risk-based framework would respond, via changes in the reported capital ratio, to the situations I have mentioned above. It would not, however, necessarily respond at a more detailed level: for example, it does not meaningfully distinguish between portfolios of low loan-to-value ratio (LVR), full documentation, amortising mortgage loans, and high LVR, interest-only, self-certified mortgage loans. Only with additional complexity can we take greater account of the multifaceted risks within a bank's loan book. However, as the framework becomes more and more risk-sensitive in judging capital adequacy, it may no longer be the best means of monitoring, comparing and controlling overall leverage. For these reasons, Basel III utilises both a risk-based capital ratio and a non-risk-based leverage ratio to provide complementary measures of capital adequacy and leverage. Both ratios serve their individual purposes: one a measure of capital relative to risk; the other a measure of overall leverage.


The two measures can also be compared with each other, providing additional information that would not be readily available from either measure on its own.

Improving comparability
The inclusion of the leverage ratio in Basel III does not remove the need to further review the comparability of the risk-based regime. To borrow from Winston Churchill, however beautiful the strategy, you should occasionally look at the results. The Committee has been conscious of this issue for some time, and over the past year it has been exploring the issue from both a bottom-up and top-down perspective. With regard to the concerns about the comparability of model-based risk-weighted asset calculations, the Committee has established two workstreams; one to look at the consistency of calculations in relation to the trading book and another parallel stream for the banking book.

This work has examined publicly available data for a selection of large banks across multiple jurisdictions, as well as asking a number of banks to provide risk measures for a series of hypothetical portfolios.
The outcome of this work has been supplemented with a series of meetings with individual banks by an international team of supervisory experts, with the aim of providing greater understanding of the reasons behind different results. The trading book review was published at the end of January, and I will focus my comments on it today. The results of the banking book work will be released in the coming months.


The trading book review found that it is reasonable for investors to complain that they find current risk disclosures opaque: the Committee's analysis found the same thing!
Current disclosures were not adequate for external parties to be able to judge whether movements in modelled risk-weighted assets over time, or between banks, were due to underlying differences in risk, or for other reasons. That there is variability in results between banks should not surprise.

It is inevitable, and indeed desirable, in any model-based framework that there be some.
What was possibly surprising, however, was that regulatory and supervisory decisions were producing a non-trivial proportion of the variability: contrary to the initial hypothesis of many, it did not arise solely from giving banks too much freedom to model risk. Around a quarter of the variability was due to one single factor: the use of supervisory multipliers, which are applied as an incentive for banks to improve their models and risk management systems. There are two other points worth noting from the trading book analysis: The variability driven by supervisors (due to the use of multipliers, or by restricting modelling choices) will almost invariably increase capital requirements relative to what they might otherwise be. In other words, some of the variability is due to some banks being held to a higher standard than the Basel minimum requires.

This improves the adequacy of capital resulting from internal models but, due to the fact that some supervisory discretion is not disclosed, reduces comparability.
The outcomes produced by banks were benchmarked to a risk model produced by the team of supervisory experts conducting the analysis.

The output of this model was broadly consistent with the average of the results being produced by banks.
Although the analysis is necessarily limited to the sample of banks and by the simple portfolios used, there was no evidence to suggest that the banks' modelling efforts systematically under-estimated risk (and hence the adequacy of capital requirements) across the group as a whole. Nonetheless, even after allowing for supervisory decisions, bank modelling practices were the primary driver of variability, and that variability makes comparability more difficult to achieve. Thankfully, the analysis showed that the bulk of this could be attributed to a relatively small set of modelling choices, giving the Committee some obvious areas to look at if it decides that variability should be reduced. I will say more about this shortly. In parallel with this detailed analysis, the Committee has appointed a task force to look into the question of the simplicity and comparability of the regulatory framework from a top-down perspective. This task force has not been looking at specific issues of detail, but instead is approaching the issue from a more conceptual perspective: what is the optimal trade-off between simplicity, risk-sensitivity and comparability? The task force found that there are many drivers of complexity in the regulatory framework, and that the greater focus on the risk sensitivity of capital measures is just one of them. Others include the need to reflect developments in financial markets, integrate modern risk management practices, and respond to innovation. Nevertheless, the task force has highlighted a number of areas the Committee could consider if it wanted to rebalance the current framework to promote greater simplicity.


Getting the balance just right


The Committee is still considering what, if any, changes could be made to the regulatory framework to enhance the comparability of risk-based capital ratios, bringing together the top-down strategic thinking of the task force with the bottom-up analysis of the teams examining the results of internal models. However, the potential means of enhancing comparability are likely to fall under three broad themes:
Enhancing disclosure: If current disclosure is inadequate to enable investors to understand changes in risk profile, then it makes sense to examine how disclosures can be improved. The Committee recently established a new Working Group on Disclosure, with a view to reconsidering existing Pillar 3 disclosure requirements, as well as ideas proposed by groups such as the Enhanced Disclosure Task Force, to see whether they can be improved. That does not necessarily mean we will advocate ever-increasing levels of disclosure; it may be that less is more and that we can streamline disclosures and make them more useful at the same time.
Making modelling more robust and consistent: To fully standardise internal models (ie to make them external models) would defeat some of their purpose: we would just be imposing a standard supervisory model on banks, and thereby imposing a single regulatory judgment on the best way to model risks. Thus, we would end up with a complex system, but without necessarily reaping any of the benefits that come from using internal models. The aim of this work therefore would not be to eliminate the use of models but, rather, to reinforce it. That is, to make models more robust and transparent, and to ensure that improved safeguards and backstops are in place.

Developing supplementary measures: Basel III already requires banks to disclose a risk-based ratio and a leverage ratio.
Following this approach, additional benchmarks could also be disclosed. For example, the current review of the trading book framework is currently considering industry feedback on a proposal to require banks to disclose capital requirements using both internal models and the standardised approach. All of these options have costs, and the Committee will need to consider them carefully. But the costs of a lack of confidence in bank capital ratios are likely to be substantial, so cost should not be a reason to immediately dismiss any ideas out of hand. Industry feedback on the merits of different solutions will be welcome.

Concluding remarks
In the post-crisis period, we have substantially strengthened the regulatory framework.
This is an important investment in the financial system's future resilience. While there have been complaints about the burden of reform, many studies show the cost-benefit trade-offs to be overwhelmingly positive. Much of this debate is now winding down: indeed, many countries, including here in Asia, now have the Basel III capital reforms in place, and their banking systems continue to perform well. It is important we press ahead to complete the reform agenda, particularly as there are signs that the banking industry is again shedding its inhibitions in its keenness to take advantage of improved market conditions.

Basel III substantially improved the adequacy of minimum capital requirements.


However, this work will be undone to some degree if counterparties and investors lose faith in the comparability of reported ratios. Much of the debate on this issue is focused on the role of internal models in the regulatory framework: do they help or hinder our understanding of banks' financial soundness? It is stating the obvious to say that the faith placed in models has been dented by the events of the recent crisis. Reverting to simpler measures, however, does not necessarily produce comparable measures of a bank's capacity to absorb the risks in its balance sheet. To do this well, some complexity is inevitable; indeed, it can be justified if it improves confidence in the adequacy and comparability of capital ratios.


Protecting Investors through Reliable Audits


Jeanette M. Franzel, Board Member
Wayne State University, George R. Husband Distinguished Lecture Series, Detroit, MI
It is my distinct pleasure to be here today as part of the George R. Husband Distinguished Lecture Series. It is impressive that former students and admirers of George R. Husband endowed an accounting professorship, several annual student scholarships, and this annual lecture series in his memory. Before I get started, I must tell you that the views I express today are my personal views and do not necessarily reflect the views of the Board, any other Board member, or the staff of the PCAOB. As you know, the PCAOB was created by the Sarbanes-Oxley Act of 2002 in response to numerous failures of the profession to fulfill its trusted role in corporate financial reporting and auditing when numerous financial reporting frauds and auditing failures caused a crisis of confidence in the integrity of the U.S. financial markets. The creation of the PCAOB ended more than 100 years of self-regulation by the public accounting profession in the U.S., and established the Board's regulatory framework for firms that conduct audits of companies whose securities trade on the U.S. markets. Many other countries also have realized the need for effective audit regulations and have formed audit regulatory regimes. Some of these countries have adopted audit regulatory regimes modeled, at least in part, on the Sarbanes-Oxley Act and the PCAOB. Today I will provide an update on the basic mission activities of the PCAOB in our four oversight areas: registration, inspections,

enforcement, and standards. And as part of that discussion, I will detail the Board's progress in the areas of broker-dealer audits and international inspections.

Firms Registered with the PCAOB


The Sarbanes-Oxley Act and PCAOB rules require all U.S. and non-U.S. accounting firms to register with the Board if they prepare or issue audit reports or play a substantial role in preparing or issuing audit reports of issuers, brokers and dealers.

PCAOB-registered public accounting firms have been given an important role in the capital markets to provide assurance to investors and others that the audited financial statements fairly present the companies' or broker-dealers' financial results in conformity with applicable accounting and disclosure standards and rules. Registration is a significant oversight area for the Board.
Currently, about 2,360 firms are registered with the PCAOB, including about 910 non-U.S. firms located in 84 countries.

Not all PCAOB-registered firms regularly issue audit reports for issuers, but we inspect those approximately 750 firms, including more than 240 non-U.S. firms that do.
Additionally, approximately 90 registered firms do not regularly issue audit reports for issuers; however, they report that they play a substantial role in the audits of issuers. Together, these firms audit or play a substantial role in the audits of more than 9,700 U.S. issuer companies that have approximately $26.4 trillion in market capitalization. Furthermore, approximately 800 registered firms report that they audit brokers and dealers, including approximately 480 that report that they do not audit issuers.


Clearly, reliable financial statements play a key role in the financial markets, which are integral to the success and well-being of American households and businesses, the U.S. economy, and participants and stakeholders from around the world.

Inspection of PCAOB-Registered Firms


A second area of Board oversight is inspections. In PCAOB nomenclature, we have "annually inspected firms," those that audit more than 100 issuers and are inspected each year, and "triennially inspected firms," which are those that issue 100 or fewer audit reports each year and are subject to inspection at least every three years. PCAOB also inspects certain firms that audit broker-dealers under the Board's interim broker-dealer inspection program, which I will discuss in more detail later. During 2012, PCAOB inspected nine firms that audited more than 100 issuers in 2011.

We also completed 167 domestic firm triennial inspections and 77 non-U.S. firm triennial inspections.
For annually inspected firms, the PCAOB generally issued most of its completed 2011 inspection reports during the latter part of 2012, with some being issued in early 2013. The timing of our inspections reporting has been a challenge, and the Board is currently working to improve the timeliness of these reports. In terms of trends in findings, the number of serious audit performance deficiencies we reported spiked in our 2010 inspections, and remained high overall for the large firms in the 2011 inspections. Common areas where we found audit deficiencies included auditing revenue recognition, auditing fair value of hard-to-value financial

instruments, testing and evaluating internal controls, and the auditor's assessment of and response to fraud risk, among others.
On Feb. 25, 2013, the Board released a report summarizing observations identified in the 2007 through 2010 inspections of U.S.-based triennial firms. For these firms in particular, audit areas with frequent inspection findings included auditing related party transactions and auditing share-based payments and equity financing instruments, among others. The findings are serious, and represent deficiencies that are of such significance that it appeared that a firm, at the time it issued its audit report, had failed to obtain sufficient, appropriate audit evidence to support its audit opinion on the financial statements and/or the opinion on internal control over financial reporting. These findings are reported in the public version of firms' inspection reports, which are available on the Board's website. A second category of inspection findings deals with criticisms identified in the firm's quality control system that, due to statutory restrictions, are not initially included in the public portion of the report. Quality control findings focus on issues that may have caused the audit performance deficiencies, as well as other aspects of the firm's management of its audit practice that could negatively impact audit quality. Some examples of areas of specific concern regarding quality control that appear in inspection reports include problems in the areas of professional skepticism, tone at the top of firm management, internal inspections, and firms' quality control processes related to specific aspects of auditing, such as testing and evaluating internal control over financial reporting, fair value, and other areas.


As the Sarbanes-Oxley Act provides, if a firm does not take satisfactory action to remediate quality control criticisms within 12 months of the inspection report, that portion of the report is also made public.
Remediation is a very important part of the process. It is through these actions that firms correct their quality control criticisms and drive improvements in audit quality. The Board encourages firms to initiate a dialogue with the Board's Inspections staff about how the firm intends to address the quality control issues. Based on the timing of the related remediation periods and the firms' efforts in those areas, it is reasonable to expect that firms should start to achieve significant improvements in their 2013 inspection results for those areas identified as problems during the 2010 and 2011 inspections. I think we will also see improvements in some firms' 2012 inspection reports, which will be issued this year.

Broker-Dealer Audit Oversight Program


The Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 authorized the Board to establish a program to inspect the auditors of brokers and dealers that are registered with the Securities and Exchange Commission. Congress decided to strengthen the regulatory oversight of securities industry auditors after the revelation of the Ponzi scheme operated out of Bernard L. Madoff Investment Securities.

The law leaves to the Board, subject to the approval of the SEC, important implementation decisions concerning the scope of the program and the frequency of inspections, including whether to differentiate among categories of brokers and dealers, and whether to exclude from the inspection program any categories of auditors.

There are approximately 4,400 brokers and dealers that filed audited financial statements with the SEC for fiscal periods ending during 2011.
The Board is currently conducting an interim broker-dealer audit inspection program, which has been in place for about 18 months, that will help us design a permanent broker-dealer audit inspection program. The Board issued its first report on the interim inspection program for audits of SEC-registered brokers and dealers on Aug. 20, 2012. The report, which is available on our website, details the findings from inspections of 10 audit firms and portions of 23 audits of securities brokers and dealers. PCAOB inspectors identified deficiencies in all of the audits inspected. Even with this small group of audits, the inspection results are disturbing. The deficiencies fell into three broad categories: (1) audit procedures over customer protection and net capital requirements, (2) audits of the financial statements, and (3) auditor independence. We inspected another 43 firms and portions of 60 audits during 2012, and will issue another report on those results in 2013. Unfortunately, we continue to find significant issues in this second batch of inspections. The Board's approach to establishing an inspection program for audits of brokers and dealers is focused on (1) how best to promote investor protection and


(2) how to create an efficient and effective regulatory scheme that appropriately addresses the diversity of audits of broker-dealers, weighing the differences in their risk profiles, and the costs and benefits involved.
In 2013, we will begin to work on the design for a permanent program of inspections of auditors of SEC-registered brokers and dealers. The interim inspection program will continue beyond 2013, until rules for a permanent inspection program take effect.

International Inspections and Oversight


Our international inspections and cooperation with foreign audit regulators continue to take on increasing importance. And while we inspect firms around the world that are affiliates of the large global networks, this is not just a big-firm phenomenon. Small U.S. audit firms are engaged - often as a subsidiary or component auditor - in both the audits of foreign private issuers from Europe, Asia, Latin America, Africa and elsewhere, as well as in audits of U.S. companies that operate in these parts of the world. In addition, small non-U.S. audit firms in Asia, Europe and elsewhere are registered with the PCAOB because they audit or wish to audit companies that have issued securities in the U.S. To date, the PCAOB has inspected audit firms in 40 non-U.S. jurisdictions. During 2012, almost one-third of the triennial inspections conducted by PCAOB inspection teams were for non-U.S. firms (77 of the 244 firms inspected). To facilitate these inspections, we have signed cooperative agreements with the audit regulators in 16 of those non-U.S. jurisdictions, including six in the European Union.

In the other jurisdictions where we inspect but do not have cooperative agreements, we do so because the local authorities have no objection to our conducting PCAOB-only inspections in their jurisdictions.
Unfortunately, PCAOB is currently blocked from inspecting - due to asserted legal conflicts or sovereignty issues - in 15 jurisdictions that have issuers whose securities trade in the U.S. These jurisdictions include China and certain countries in the European Union.

While we have not yet reached cooperative agreements with audit regulators in those jurisdictions, we continue to negotiate with them.
Our ongoing difficulties with inspecting audit work conducted in China, in particular, have received a lot of attention in the financial press due to the significance of the Chinese economy and the numerous financial reporting problems that have surfaced with respect to some Chinese companies listed on the U.S. markets, among other reasons. In particular, significant problems have surfaced regarding the financial statements of some Chinese companies that were audited by firms in China that the PCAOB has been blocked from inspecting. This has generated significant concern in the investor community about the quality of the audit practices and the accuracy of public disclosures of Chinese companies accessing the U.S. capital markets. Beginning in the latter part of 2010, approximately 67 China-based issuers have had their auditor resign, and 126 issuers have either been delisted from U.S. securities exchanges or "gone dark," meaning that they are no longer filing current reports with the SEC. Billions of dollars of market capitalization of such companies have been lost in U.S. securities markets, and it is fair to say that all China-based companies listed here have suffered serious losses of both market value and investor confidence as a result of the problems of other companies.


The PCAOB's inability to inspect the work of PCAOB-registered firms in China continues to create a gaping hole in investor protection.
Lately, however, we have been somewhat encouraged by some incremental progress in our negotiations with the Chinese authorities, including an agreement last year on guidelines that enabled us to send an inspection team to observe part of an inspection carried out by the Chinese audit regulator. We are continuing our efforts to establish a set of protocols that would provide for further cross-border cooperation with China in a manner consistent with our statutory mandate. If we are unable to reach agreement, we will have to make some important decisions about how best to protect investors.

Enforcement Activities Involving Firms and Individual Auditors


As for the Board's third oversight area, a strong enforcement function is essential to the Board's fulfillment of its investor protection mission.

To that end, the Board has been developing a robust, active enforcement program that seeks to identify potential cases of serious auditor misconduct, investigate them thoroughly and promptly, and litigate the resulting disciplinary actions.
The overriding goal is to ensure that auditors who commit serious violations of our audit standards face appropriate and real remedial or disciplinary consequences. The Division of Enforcement and Investigations carries out the Board's investigative and disciplinary authority. Under the Sarbanes-Oxley Act, the Board is authorized to investigate auditor conduct that may violate the laws, rules, or standards within the Board's jurisdiction.


The Board is further empowered to impose a range of remedial and disciplinary sanctions against registered accounting firms and associated persons who violate those laws, rules, or standards.
The Enforcement Division focuses its efforts on high-priority investigations involving significant investor protection considerations. Its matters arise from a number of sources, including Board inspections of registered firms, analysis conducted by the Board's Office of Research and Analysis, other regulators, public disclosures of restatements and auditor changes, news reports, and confidential tips. Our website has information on how to provide enforcement tips, referrals, and information on potential violations of law or PCAOB rules. PCAOB has been building its enforcement program since 2004 when the Board hired a director and started the tips and complaints center. In 2005, the Board announced its first four settlements and opened 17 formal investigations.

Since then, we have continued to build a fully functioning enforcement and investigations function.
The first adjudicated orders were publicly disclosed in 2009 and 2010. Then in 2011, the Board settled its largest case to date at that time, imposing censures and a $1.5 million penalty on PwC's India affiliates for their audit failures concerning Satyam Computer Services. The Board coordinated its actions with the SEC's Division of Enforcement, which brought a parallel case against PwC's India affiliate firms. During 2012, the Board issued eight settled disciplinary orders imposing sanctions on auditors ranging from censures to monetary penalties to bars against their association with registered accounting firms. Those sanctions covered four registered accounting firms and 11 associated persons.

In addition, the Board issued three adjudicated disciplinary orders after completing the administrative hearing process.
On Feb. 8, 2012, the Board issued a notable settled order regarding E&Y's audits of Medicis Pharmaceutical Corp. over three years and a related accounting consultation. The Board imposed a $2 million penalty against E&Y, the largest monetary penalty imposed by the Board to date, and imposed sanctions on four partners, including barring two from associating with registered accounting firms. Another significant aspect of this matter is that it started with a Board inspection finding about the same audit deficiencies that led to the enforcement order. To date, the Board has issued 56 publicly announced disciplinary orders in proceedings brought by the Enforcement Division. In these proceedings, the Board has imposed 42 sanctions on firms (including 27 revocations of registration) and 59 sanctions on individuals (including 50 bars or suspensions). The Enforcement Division currently has more than 80 open informal inquiries, formal investigations, and non-public litigated proceedings in process. As I mentioned, the Board's disciplinary proceedings are, by law, non-public unless each party consents to public hearings. In the PCAOB's history, no respondent has ever consented to public proceedings. The confidential nature of our proceedings results in a number of unfortunate consequences for investor protection and the public interest. Among other things, we are unable to discuss the nature of our active disciplinary proceedings except in the most general of terms.

This process is not sufficiently informative to investors, audit committees, auditors, or others interested in understanding audit risks and challenges.
The non-public nature of our proceedings also provides an incentive for respondents to litigate matters regardless of whether they believe they ultimately will prevail, in order to delay public disclosure. Legislation, which I support, was introduced in the last Congress to make our proceedings open to the public, but it did not move forward.

I am hopeful that Congress will act to improve the transparency and efficiency of the Board's proceedings.
In addition to the other crucial functions of the Board's enforcement program, the Sarbanes-Oxley Act provides that penalties the Board collects in disciplinary proceedings are to be used to fund merit scholarships for students in accounting programs. The program was inaugurated in 2011.

Since then, the Board has used penalty funds collected in enforcement matters to award 95 scholarships of $10,000 each, for a total of almost $1 million in scholarships.

Auditing Standards
The PCAOB is uniquely positioned to use its insight from inspection and other oversight activities to improve existing auditing standards to support high quality audits to protect investors and the public interest. As we look to what the PCAOB has accomplished through its fourth oversight area, standard setting, and what still needs to be done, we have taken on an ambitious project to broadly reexamine our standard-setting approach. I won't go through our entire standards-setting agenda today, but it and related information can be found on the PCAOB website.

We currently have the following projects on our agenda for the first half of 2013:
1. Related parties (adoption or re-proposal)
2. Reorganization of PCAOB standards (proposal)
3. Auditor's reporting model (proposal)
4. Auditor's responsibilities with respect to other accounting firms, individual accountants, and specialists (proposal)
5. Audit transparency: identification of the engagement partner (adoption or re-proposal)

We are also continuing to develop a long-term view and framework for setting standards beyond the current project list. This is a substantive workload, and it is something to watch throughout the coming year.

***
Every aspect of the PCAOB's mission (registration, inspections, enforcement and standard setting) points to the significant role high quality audits play in the effective functioning of our capital markets.
At the PCAOB, we have taken on an ambitious agenda dealing with numerous significant issues to help ensure high quality audits for the benefit of investors and the public interest now and for the long term. Accounting and business educators, professionals and students also need to have a mindset of working in the public interest with the highest level of ethical conduct and objectivity. The academic community can do its part by focusing students on these principles, so that they enter the profession mindful of their responsibilities to protect investors.

This, in turn, will help maintain confidence in the capital markets and will help ensure that we can continue to pass along opportunity and prosperity to future generations of Americans.
A paper that examines George R. Husband's life and accomplishments in research, service and teaching, states that Husband's students characterized his teaching principles in the following three basic positions: 1. ethical behavior is of utmost importance; 2. teachers are empowering the future leaders of the accounting profession; and 3. teachers should stretch students' thinking to the limits. I trust that the educators and students here at Wayne State University are continuing to embody these principles.

Council of the European Union: Basel III in Europe, CRD4

Irish Presidency reaches breakthrough on new rules for stronger EU banks


The Irish Presidency has reached a breakthrough in talks with the European Parliament on an overhaul of banking rules increasing EU financial stability. The Minister for Finance, Michael Noonan, welcomed the news: I am very proud to announce that the Irish Presidency has made this breakthrough; it has been hard won. The Irish Presidency has reached provisional agreement with the European Parliament on new rules that will help make sure that European banks hold enough good quality capital to withstand future economic and financial shocks. The provisional agreement tonight includes restrictions on bankers' pay to make sure that pay practices do not lead to excessive risk-taking. It also includes new provisions to make European banks more transparent. The Minister for Finance, Michael Noonan, said: During the financial crisis, European taxpayers had to recapitalise banks.

This overhaul of EU banking rules will make sure that banks in the future have enough capital, both in terms of quality and quantity, to withstand shocks.
This will ensure that taxpayers across Europe are protected into the future. In these negotiations, as Presidency, we have had to balance many different interests: the desire to limit bankers' pay while maintaining a competitive European banking sector; the need to provide a single but sufficiently flexible rule book across Europe. This agreement will have to be approved by EU Member States before it is final. There will also be significant further technical work to complete the details of the legislation. The Minister said: I believe that the compromise package that we have reached tonight is well balanced. I will be presenting this package to Finance Ministers when we meet in Brussels next Tuesday and I hope they will endorse it.

Background
During the financial crisis, European taxpayers recapitalised banks who found themselves with insufficient capital to absorb losses. This overhaul of EU banking rules will make sure that banks in the future have enough capital, both in quality and quantity.

These standards have been agreed at G20 level in what is known as the Basel III agreement. The new EU rules are set out in a Regulation and a Directive, making up the Capital Requirements package. These new rules will apply to financial institutions across Europe, including the 8,000 banks currently operating in Europe. The package sets out rules for the amount of capital that banks need to hold, as well as the quality of those funds. It introduces a new liquidity coverage ratio as well as a leverage ratio to limit an excessive build-up of leverage on banks' balance sheets. There are new enhanced governance arrangements for banks, aimed at improving risk management. The package also introduces capital buffers on top of the minimum capital requirements. The provisional deal reached with the European Parliament also includes limits on the size of bankers' bonuses. This package is a vital part of the single European banking rulebook, a fundamental building block for EU banking union. Completing banking union is an Irish Presidency priority.

As Presidency we are working to reach agreement with the European Parliament on the setting up of a single European banking supervisor.
We are also working on getting member state agreement on bank resolution and recovery as well as deposit guarantee schemes, important elements in completing banking union.

Getting the single supervisor in place will be key to allowing the European Stability Mechanism (ESM) to directly recapitalise banks across Europe.

European Parliament

MEPs cap bankers' bonuses and step up bank capital requirements


Bankers' annual bonuses must not normally exceed their annual salaries and banks must hold more high quality capital to increase stability in the sector, says a deal reached by European Parliament and Council negotiators. The only possible exception, allowing bonuses of up to twice annual salary, would have to be authorised by holders of a half of a bank's shares. MEPs fought for a 1:1 ratio from the outset. "We have achieved the most comprehensive bank regulation package in the EU. Banks will be stabilised and more resistant to crises", said rapporteur Othmar Karas (EPP, AT) at his press conference today.

Bonus cap
To curb excessive risk-taking, the basic salary-to-bonus ratio will be 1:1 but could be raised to a maximum of 1:2 with the approval of shareholders. This higher ratio would require the votes of at least 65% of shareholders owning half the shares represented, or of 75% of votes if there is no quorum.

To encourage bankers to take a long-term view, if the bonus is increased above 1:1, then a quarter of the whole bonus would be deferred for at least five years.

Quality capital
The rules will raise minimum thresholds of high quality capital to be retained. Banks will be required to hold a minimum of 8% good quality capital (mostly Tier 1, the lowest-risk form).

Transparency
The legislation would require banks to disclose profits made, taxes paid and subsidies received country by country, as well as turnover and number of employees. From 2014 these should be reported to the Commission and from 2015 made fully public.

Next Steps
The political agreement must be approved by member states and the European Parliament plenary, in which a vote is expected at the 15-18 April session. Once approved, member states would need to include the rules in their national laws by 1 January 2014.

Update on Measures to Address Unrecorded Financial Flows


Bank Negara Malaysia would like to provide an update on measures that have been undertaken by members of a High Level Multi-Agency Special Task Force (Task Force) to reduce illicit financial flows. The Task Force comprises the Attorney General's Chambers of Malaysia, Royal Malaysian Customs Department, Royal Malaysia Police, Malaysian Anti-Corruption Commission, Inland Revenue Board of Malaysia, Immigration Department of Malaysia and Bank Negara Malaysia. The Task Force's role is to spearhead more effective coordination and collaboration among key law enforcement authorities in the country as well as between local and international enforcement agencies to mitigate illicit activity and financial flows.

Unrecorded financial flows are likely overstated


A recent report by an external non-governmental organisation has raised the issue of substantial illicit financial outflows from developing economies. It is important to note that estimates highlighted in its reports are essentially unrecorded financial flows, which are not necessarily synonymous with illicit financial flows. The report estimated that 80% of the unrecorded financial outflows in Malaysia amounting to USD227.1 billion during the period of 2001-2010 were due to trade mispricing. However, unrecorded financial flows which are derived by comparing import and export data between countries also arise due to data discrepancies and the varying conventions used to compile trade statistics among countries.
This includes time lag, variations in valuation and exclusion of certain types of goods. The situation is further complicated by the treatment of goods that are exported via re-export hubs. Exports by Malaysia to a specific trading partner may for example not give rise to a similar number recorded as total imports from Malaysia by that country. This discrepancy arises as the imports are recorded based on country of origin that also includes those exports that are via other countries. After taking into account Malaysia's trade that is exported via Singapore and Hong Kong (re-export hubs), the estimate of trade mispricing between Malaysia and its top 10 trading partners was reduced significantly by about 70%. Since the estimates in the report of trade mispricing do not take into consideration such discrepancies in trade statistics, the estimates of illicit flows are overstated. The report also estimated that 20% of illicit outflows were accounted for by unrecorded transfer of proceeds via informal channels that is captured by the Errors and Omissions (E&O) of the Balance of Payments (BoP) of the country. It should be noted that not the entire E&O figure is attributable to illicit activities, as it also includes genuine statistical errors from the compilation of statistics of external trade and cross-border financial transactions. Since Malaysia is a very open economy with total trade in goods and services amounting to an average of 192% of GDP during this period, such discrepancies are bound to be large in absolute amount.

It is recognised, however, that a portion of the E&O could arise from the transfer of funds obtained from illegal activities, organised crime and tax and custom duties evasion.
Importantly, the E&O has averaged at 2% of total trade, which is well below the 5% benchmark threshold prescribed by the International Monetary Fund (IMF). These ratios have also been on a moderating trend since 2010.

Measures have been undertaken and will be further intensified


The Government has always considered any transgression of the country's rules and regulations as a very serious matter. Indeed, long before such reports on illicit outflows, efforts had already been made by the Government in combating illegal financial flows through various preventive measures. Collaboration between relevant agencies on this issue began in 2008, culminating in the establishment of the Task Force in 2010. On mitigating trade mispricing, the Royal Malaysian Customs Department has taken actions against entities and individuals who have evaded customs duties especially in cases of under- and over-invoicing of exports and imports of goods, as well as phantom shipments and other falsification of the value or quantity of shipments. Tighter monitoring and surveillance at various entry and exit points are in place, including the installation of closed-circuit televisions and scanners. In addition, all travellers (Malaysian residents and non-residents) are required to declare to the Customs if they carry into or out of Malaysia cash in amounts exceeding USD10,000 or its equivalent in Ringgit and in foreign currency. Effective 1 December 2011, the new Money Services Business Act 2011, under the purview of Bank Negara Malaysia, came into force to support the development of a more dynamic and competitive money services business industry (comprising the money changing, remittance and wholesale currency businesses).
The relicensing exercise of all money services businesses was completed in 2012, resulting in the number of money changers being reduced from 839 to 511. This exercise has enhanced the capacity of the money services business industry to be more professional and prevent the players from becoming a conduit to illegal fund transfer activities. In addition, the exercise also resulted in the approval of qualified money changers as remittance agents. This is expected to facilitate the migration of remittances, especially by foreign workers, from informal to formal channels. The Money Services Business Act 2011 further complements the measures that have been put in place and actions taken under the Anti-Money Laundering & Anti-Terrorism Financing Act 2001 (AMLATFA 2001). The AMLATFA 2001, which came into force on 15 January 2002, criminalises money laundering of proceeds from serious crimes. Malaysia is now well supported by robust legislation to combat illegal financial flows. In addition, Malaysia's efforts to strengthen the legislation and implementation of Anti-Money Laundering/Counter Financing of Terrorism measures have been recognised by the IMF and the World Bank during the recent Financial Sector Assessment Programme (FSAP), where Malaysia was accorded a Compliant rating for the Basel Core Principles (Principle 18) and Observed for the Insurance Core Principles (ICP 22). Greater collaboration among local agencies as well as with their international counterparts through the sharing of databases, information and intelligence and joint enforcement actions, with some of them facilitated by the Task Force, had yielded positive results in combating illegal activities.
The Inland Revenue Board of Malaysia has taken actions on entities and individuals who have evaded corporate taxes. The Board had also conducted tax audits on firms and strengthened its enforcement to minimise tax evasion. The Customs has also intensified its enforcement efforts. These efforts have produced results shown by the significant rise in tax and duties collections. Moving forward, the trade mispricing issue will also be mitigated with the introduction of Goods and Services Tax (GST) which requires reporting of value-added at various stages of production. Recognising the importance of addressing illicit financial flows, continued concrete and coordinated efforts between various enforcement agencies including across borders will continue to be pursued to ensure the integrity and stability of the Malaysian financial system.

PCAOB Issues Report on 2007-2010 Inspections of Domestic Firms that Audit 100 or Fewer Public Companies

Washington, D.C., Feb. 25, 2013
The Public Company Accounting Oversight Board today released a report summarizing inspection observations identified in the 2007 through 2010 inspections of U.S. firms that audited 100 or fewer public companies.

Such firms must be inspected at least once every three years (triennially inspected firms).
Overall, the results show a reduced rate of reported "significant audit performance deficiencies" when compared to a 2007 report the Board issued addressing observations from inspections of triennially inspected firms from 2004 through 2006. Significant audit performance deficiencies are those that result in the audit firm lacking sufficient evidence to support its audit opinion. The report notes lower rates of significant audit performance deficiencies overall in the group of firms that had second inspections during the 2007-2010 period. Of firms that had a second inspection during that period, 36 percent had at least one such deficiency in their second inspection, compared to 55 percent in their initial inspection. Despite the decrease in the rate of significant audit performance deficiencies noted in second inspections, the persistence of such deficiencies in audits performed by a large number of domestic triennial firms is of concern to the Board.

"The Board has issued this report to highlight areas where audit firms can focus their attention to enhance the quality of their audits," said James R. Doty, PCAOB Chairman.
"We also encourage firms to identify and address the root causes of any audit performance deficiencies identified during the inspections process."

According to the report, 44 percent of the audit firms inspected during the 2007-2010 period had at least one "significant audit performance deficiency" compared to 61 percent in the 2004-2006 period. Of the individual audits inspected between 2007 and 2010, 28 percent had at least one significant audit performance deficiency compared to 36 percent of the audits inspected between 2004 and 2006.

Audit areas with frequent inspection findings in the 2007-2010 period related to:
- auditing revenue recognition;
- auditing share-based payments and equity financing instruments;
- auditing convertible debt instruments;
- auditing fair value measurements;
- auditing business combinations and impairment of intangible and long-lived assets;
- auditing accounting estimates;
- auditing related party transactions;
- use of analytical procedures as substantive tests; and
- audit procedures to respond to the risk of material misstatement due to fraud.

The "Report on 2007-2010 Inspections of Domestic Firms that Audit 100 or Fewer Public Companies" includes observations from 748 inspections of 578 domestic triennial firms conducted in the 2007-2010 period, and encompasses Inspection staff reviews of aspects of 1,801 audits.

Executive Summary
The Public Company Accounting Oversight Board (the "PCAOB" or the "Board") is issuing this report to provide a summary of observations from its inspection program.

This report covers domestic audit firms that audit the financial statements of issuers, and that regularly issue 100 or fewer audit reports each year.
Such firms must be inspected at least once every three years ("triennially inspected firms"). This report describes inspection findings from 578 firms and 1,801 individual audits that were inspected in 2007-2010.

The PCAOB has previously issued similar reports describing inspection-related observations for triennially inspected firms and other firms, which are available on the PCAOB's website at
http://pcaobus.org/Inspections/Pages/PublicReports.aspx

PCAOB Inspections
PCAOB inspections assess auditors' compliance with certain laws, rules, and professional standards in connection with audits of issuers. A PCAOB inspection of an audit firm examines in depth certain aspects of a limited number of audits performed by the audit firm as well as certain elements of the firm's system of quality control over its audit processes.

Individual audits and areas of inspection focus within those audits are generally selected on a risk-weighted basis and not randomly.
Areas of focus vary among selected audits, but often involve audit work on the areas of financial statements with the highest risk of material misstatement. In connection with their inspection of individual audits, PCAOB inspectors may identify significant audit performance deficiencies where the auditor did not obtain sufficient audit evidence to support its audit opinion. In addition, inspectors may identify deficiencies in the firm's overall system of quality control that increase the risk that the firm's system will not provide reasonable assurance that its personnel comply with professional standards.

General Observations from Inspections in 2007-2010


This report summarizes observations resulting from inspections of triennially inspected firms that took place from 2007 through 2010. The Board previously issued a report in October 2007, addressing observations from inspections of triennially inspected firms from 2004 through 2006 ("the 2007 report"). Overall, the results in this report compared to the 2007 report show a reduced rate of reported significant audit performance deficiencies:
- Approximately 44 percent of the audit firms inspected between 2007 and 2010 had at least one significant audit performance deficiency compared to the 2007 report where approximately 61 percent of the audit firms inspected between 2004 and 2006 were reported as having at least one significant audit performance deficiency.
- Of the 1,801 individual audits inspected between 2007 and 2010, 28 percent had at least one significant audit performance deficiency compared to 36 percent of the 1,589 audits inspected between 2004 and 2006.
- For the 455 firms that had a second inspection in the 2007-2010 period, 36 percent had at least one significant audit performance deficiency in their second inspection, compared with a rate of 55 percent in their first inspection.

While reported significant audit performance deficiencies have decreased, the continued identification of these deficiencies in audits performed by a large number of triennially inspected firms is of concern. The Board and Inspections staff take a number of actions to encourage the firms to address these deficiencies. In each inspection, the staff discusses the findings with the firm to make sure that all of the facts are considered and to help the staff and firm understand the deficiency identified. Based on this understanding, the firms should design and implement any necessary changes to their quality control procedures. The Board encourages firms to initiate a dialogue with the Board's Inspections staff early on about how the firm intends to address quality control criticisms, including those identified as a result of these significant audit performance deficiencies. The Board encourages this dialogue so that a firm can receive timely feedback from the Inspections staff and enhance its efforts, if necessary, during the twelve-month remediation period. In addition, for a number of years, the Board has held a series of forums for auditors of smaller companies to share inspection results, remediation observations, and information about recently issued auditing standards. As described in more detail in the report, the Board also encourages firms to identify and address the root causes of any audit performance deficiencies identified during the inspections process.

The causes of these deficiencies are typically complex and are often the result of a combination of factors, including, among others:
- a lack of technical competence in a particular audit area;
- a lack of due professional care, including professional skepticism;
- ineffective or insufficient supervision, which at times may have been due to heavy partner and professional staff workloads;
- ineffective client acceptance and continuance practices that fail to consider technical knowledge called for in particular audits; or
- ineffective engagement quality reviews.

With respect to the inspections conducted from 2007 through 2010 that are the subject of this report, firms have remediated quality control deficiencies described in Part II of the inspection report to the Board's satisfaction in approximately 90 percent of those cases in which the Board has concluded on the firm's efforts. Firms' remediation activities to address specific quality control deficiencies have encompassed a range of actions, including enhancements of quality control policies and procedures, developing technical guidance targeted to specific issues, developing and requiring training targeted to specific issues, developing new audit tools, and requiring additional audit procedures.

Observations of Audit Areas with Common Deficiencies


Although audit deficiencies can occur in many different areas of an audit, Inspections staff have identified certain areas in which deficiencies occurred more frequently. This report includes general descriptions of deficiencies in certain such common problem areas, along with specific examples from inspection reports.

Audit areas with frequent findings in the 2007-2010 period related to:
- auditing revenue recognition (deficiencies also discussed in prior reports);
- auditing share-based payments and equity financing instruments (deficiencies also discussed in prior reports);
- auditing convertible debt instruments (new category in this report);
- auditing fair value measurements (deficiencies also discussed in prior reports, but re-categorized);
- auditing business combinations and impairment of intangible and long-lived assets (deficiencies also discussed in prior reports);
- auditing accounting estimates (deficiencies also discussed in prior reports, but re-categorized);
- auditing related party transactions (deficiencies also discussed in prior reports);
- use of analytical procedures as substantive tests (deficiencies also discussed in prior reports, but re-categorized); and
- audit procedures to respond to the risk of material misstatement due to fraud (new category in this report, but previously the subject of a separate report).

Some categories above are identified as "deficiencies also discussed in prior reports, but re-categorized" from the presentation in our 2007 report. Specifically, auditing fair value measurements and use of analytical procedures as substantive tests were discussed in the equity transactions and revenue categories of the 2007 report, respectively. While auditing accounting estimates is a new category in this report, the 2007 report addressed auditing allowance for loan losses and allowance for doubtful accounts in the category on loans and accounts receivable.
For fraud procedures, the Board released on January 22, 2007, a report titled "Observations on Auditors' Implementation of PCAOB Standards Relating to Auditors' Responsibilities with Respect to Fraud," which described observations by Inspections staff relating to procedures relevant to an auditor's consideration of fraud. Categories of more frequent deficiencies in our 2007 report that are not included in this report are: auditors' going concern considerations, auditing loans and accounts receivable, auditors' consideration of issuers' use of service organizations, use of other auditors, use of the work of specialists, auditor independence, and concurring partner review. These categories are not included due to a lower frequency of these types of deficiencies reported during the 2007-2010 inspections that may have occurred for numerous reasons, including among others, lower frequencies in which certain audit areas were reviewed due to issuer audit selection and related matters, or improvements in auditing. While observations of certain independence violations (e.g., services related to bookkeeping and preparation of financial statements and notes to financial statements, and inclusion of indemnification clauses in engagement letters) have declined, the Board continues to be concerned about, and continues to identify instances in which a firm has not complied with the relevant independence requirements. Although not separately discussed within the report, the Board emphasizes that firms should take steps to comply with the relevant PCAOB and SEC independence requirements.

All registered public accounting firms that participate in audits of issuers should consider whether the audit deficiencies described in this report might be present in audits they are currently performing, and should take appropriate action to reduce the likelihood of recurrence of similar deficiencies in the future.

Audit committees may wish to discuss this report with auditors they oversee to better understand whether any of the common deficiencies may be a concern they should consider in connection with the audits of their companies.

4/ The 467 firms that issued audit reports for the year ended December 31, 2011 differ from the 578 domestic triennial firms that were inspected at least once during the 2007-2010 period for numerous reasons, including among others, firms choosing to no longer audit issuers (possibly temporarily) and firm mergers.

Remarks by Thomas J. Curry


Comptroller of the Currency
Before the National Association of Attorneys General
Washington, DC

It's a pleasure to be here with you today, and particularly to be on this panel with Director Cordray. Together, we represent the nation's oldest federal agency and its newest. As you may know, the OCC is celebrating its 150th anniversary this year; in fact, later today, we will hold an event at the OCC commemorating the enactment of the National Currency Act, which was signed into law by President Lincoln 150 years ago this week. It's an honor for me to head the agency at this time, with so much accomplishment behind us and so much promise ahead. I certainly can't begin to forecast what will happen over the course of another century and a half, but it is my firm belief that the OCC will continue to evolve to meet the needs of changing markets and a changing population of financial consumers. One of the things I've most enjoyed during my still short term of office is the opportunity to work with Rich and the Consumer Financial Protection Bureau as that agency continues the process of standing up. We have somewhat different missions, but in the end, we are both working toward similar objectives: a banking and financial services industry that is not only safe and sound, but open and fair to the American consumer and capable of supporting the kind of economic growth that creates jobs and helps families fulfill their dreams.

In fact, the similarities between our missions and objectives are even more pronounced than that.
While the CFPB is classified as a consumer protection agency and the OCC is viewed as a safety and soundness agency, those jobs go hand in hand. Nothing is more important to a financial institution's viability than its reputation, and that reputation depends heavily upon how well it treats its customers. In fact, reputation is one of the key categories of risk that our examiners monitor. And while the overwhelming majority of the federal banks we supervise understand just how important reputation is, they deserve to know that none of their competitors, especially those that traditionally have operated with little regulation or supervision, can seek a competitive advantage by cutting corners. That's an area where I think the CFPB will perform an especially vital service to both consumers and lenders. But neither of us can succeed in our missions if we don't work well together or communicate with each other. That requires an extensive amount of cooperation, and toward that end we have spent a good deal of time building a sound working relationship that will facilitate that cooperation. Rich and I talk frequently and meet on a regular basis, and our staffs meet regularly as well. All in all, I think it's a good start. Much of what I've said would also apply to our relationship with the nation's Attorneys General.

It's important that we maintain a good working relationship based on honest and open communication and cooperation on issues of common concern.
It is true that we have different missions and different approaches toward meeting our missions, but in the end we have the same kind of common objective I cited with respect to the CFPB: we are all working toward a banking and financial services industry that treats the average person fairly and functions in a way that meets the needs of families, communities, and the national economy.

To achieve that, we have broad powers to act against institutions that engage in abusive acts or engage in unsafe and unsound practices.
Where appropriate, we use those powers to compel financial institutions to change the way they conduct their business. As the chief legal officers for your respective states, your powers to address problems through civil suits or other actions are probably familiar to many people. However, I think our authority as a prudential bank supervisor is not always well understood. In particular, people sometimes ask why enforcement actions are typically done through consent agreements. That's a reasonable question, and I'd like to spend a few minutes today answering it. As a prudential supervisor, we examine banks regularly and seek to identify issues early when they can most easily be fixed. Most often the banks take the necessary corrective action, and those are the cases no one hears about since under law the supervisory process is confidential.

But there are times when problems cannot be remedied through the supervisory process, and those are the cases that result in formal enforcement actions that sometimes make headlines.
In those situations, we very often end up taking actions that are aimed in the first instance at fixing the problem and which, depending upon the circumstances, may also include financial penalties or compensation for individuals who suffered harm as a result of improper practices. There's a reason why I cited remediation as the first goal of an enforcement order. First, unlike actions brought by an Attorney General's Office, our authority to take enforcement actions is an extension of, and in support of the supervisory process, and so the primary purpose of our actions is remediation to ensure that federal banks and thrifts operate in a safe and sound manner, and in compliance with the law. Under our statutory enforcement scheme, the purpose of our actions is not to punish banks or make examples of anyone. In that respect, we are very different from agencies like the Department of Justice, which is authorized under the law to bring actions for punitive purposes, including criminal actions, against institutions and individuals. By contrast, the OCC has no authority to investigate or prosecute criminal activity. Second, if there is a lapse significant enough to warrant a public action, then the underlying problem is almost certainly one that must be addressed immediately.

This is particularly true in cases involving financial harm to individuals, where we will move as quickly as possible to ensure those customers are compensated in a timely fashion.
While we have authority to impose civil money penalties, those fines often come later, after a remedial document has been put in place.

There are a number of reasons for this.


One reason is that our enforcement statutes require us to consider additional factors and, in the case of larger tier 2 penalties, meet a heightened legal standard. In order to do this, it is helpful to have more time to assess why the bank or thrift dropped the ball in the first place and how well it reacted once the particular concern was identified. Finally, in cases where other agencies are involved, we will normally coordinate our penalty actions with the other agencies so that all actions can be brought together. Most often these actions are taken with the consent of the bank or thrift, and I think there is some confusion about what the term consent means in this context. I'll start with what it doesn't mean: it does not mean that we take an action only if the supervised bank agrees, nor does it mean that we are willing to compromise on the form or the substance of the action in order to achieve a negotiated settlement. The OCC is no different than other agencies when it comes to resolving its enforcement cases by consent. The vast majority of actions brought by the Department of Justice, the Securities and Exchange Commission, the Federal Trade Commission, and other federal agencies are resolved through negotiated settlements, in much the same way each of you resolve many of the actions you take. There are good reasons for this. In most cases, entering into a settlement is a positive outcome for both the public and the agency. Litigated cases typically take a long time to resolve, and they can have an uncertain outcome.

This is a particular problem in consumer cases, where victims could literally be waiting years to obtain relief, if ever.
By contrast, when a case is settled, an enforceable order is immediately put in place that requires banks to take corrective and remedial action. Often the bank has to pay a significant monetary penalty as well. This supports our supervisory goals of getting problems fixed at the banks as timely and efficiently as possible, and ensuring that consumers are made whole. But let me be very clear: while most of our enforcement actions are resolved by settlement, we are prepared to litigate those actions if the bank or thrift refuses to consent. Before initiating an action, we conduct a thorough review of the facts and an analysis of the law, and we do not initiate actions unless we believe they can be successfully litigated. Consequently, we stand prepared to litigate each and every enforcement action that we present to a bank or an individual before an administrative law judge, which is the venue for such actions. Banks and the defense bar are well aware of this and, frankly, we believe it is a big reason why so many of the respondents in our cases are unwilling to challenge our actions and instead consent to our orders. There is a tendency among some to automatically dismiss any enforcement action we take against a large institution as insufficiently severe, but that criticism misses the mark on several points.

First, the actions we bring require banks to adopt or change policies and procedures, adjust systems and controls, and require other significant operational changes that are taken very seriously by the affected banks.
In the case of cease and desist orders, which are the most severe remedial action we can take under our enforcement scheme, the individual directors sign the orders, committing themselves to ensuring that the terms of the order are effectively implemented and knowing that if they fail, they may be personally subject to additional action, including penalties.
Where appropriate, we have also imposed fines commensurate with the nature of the infraction, and those fines have sometimes been very substantial. For example, not only was the recent $500 million dollar penalty we assessed against HSBC the largest penalty the OCC has ever assessed, but it is by far the largest penalty that any federal banking agency has ever assessed, exceeding by a wide margin all of the bank's cost savings for its deficient BSA compliance program. And as I noted a moment ago, we have no authority to prosecute criminal cases. However, we regularly make referrals directly to the Department of Justice, and we work closely with them as they develop cases. On occasion, we have found ourselves working on parallel tracks, investigating the same institution, and were able to provide support to Justice. While we don't disclose referrals, once they are made or once the Justice Department gets involved for any reason, it is solely up to Justice to decide whether to prosecute a financial institution. That isn't an easy call, and I think they've done a very good job in exercising appropriate judgments. I would add that, in my time as Comptroller, we've worked with Justice on a number of cases, and both my legal staff and I have been extremely impressed with the professionalism and collegiality of the department's lawyers. Of course, that leaves open the question of whether more financial institutions should be brought into court more often.

That is, should we be seeking even more severe penalties that are less likely to result in consent orders and more likely to lead to actions before an administrative law judge?
Or, should more actions be taken by the Department of Justice based on referrals from any of the bank regulatory agencies or the department's own investigative work? I would simply say that, while such decisions should never be made lightly, no one should shrink from such action when necessary.

Banks play a vital role in the economic well-being of families and communities both here and abroad, and they are essential to the health of our national economy. But as important as they are, they should not be considered immune from prosecution when circumstances warrant.
No institution should be viewed as too big to prosecute. Nor should individual employees be considered immune. The OCC has ample authority to take action against culpable individuals and a long history of doing so, including removal and prohibition actions and civil money penalties. In virtually every case where we take an action against an institution, we also conduct a parallel review for possible actions against responsible individuals, and we take such actions where they are warranted and legally supportable. I believe the OCC has an excellent enforcement program that balances these considerations, and it has served us well in meeting our supervisory objectives, by ensuring the safety and soundness of our institutions, and ensuring that individuals harmed by deficient or abusive practices receive compensation. We stand ready to work with you and other federal and state regulatory and law enforcement agencies to help meet our common goals.

Thank you. I look forward to your questions.

NIST Solicits Views, Ideas from Stakeholders for Cybersecurity Framework for Critical Infrastructure
The National Institute of Standards and Technology (NIST) issued a Request for Information (RFI) in the Federal Register as its first step in the process to develop a Cybersecurity Framework, a set of voluntary standards and best practices to guide industry in reducing cyber risks to the networks and computers that support critical infrastructure vital to the nation's economy, security and daily life. Stakeholder meetings are also a part of the framework process, and the first such meeting will be held April 3, 2013, at the NIST headquarters in Gaithersburg, Md. President Obama called for the framework to reduce cyber risks to critical infrastructure such as power plants and financial, transportation and communications systems, in his February 12, 2013, Executive Order on "Improving Critical Infrastructure Cybersecurity."

NIST requests ideas, recommendations and other input from critical infrastructure owners and operators, federal agencies, state and local governments, standards-setting organizations, and other interested parties about current risk management practices; use of frameworks, standards, guidelines and best practices; specific industry practices and more.
Specific questions are included in the RFI. For more information about the framework and the process NIST will use to develop the framework within a year, see the February 13, 2013, announcement on the Department of Commerce Web page or the NIST Cybersecurity Framework Web page at: www.nist.gov/itl/cyberframework.cfm

The RFI on the new Cybersecurity Framework is available at https://www.federalregister.gov/articles/2013/02/26/2013-04413/developing-a-framework-to-improve-critical-infrastructure-cybersecurity
Comments are due by 5 p.m. ET, Monday, April 8, 2013, and should be sent to cyberframework@nist.gov with the subject line: "Developing a Framework to Improve Critical Infrastructure Cybersecurity."

Registration information for the April 3 public workshop is available at www.nist.gov/itl/csd/cybersecurity-framework-workshop.cfm

Executive Order

Improving Critical Infrastructure Cybersecurity


By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:

Section 1. Policy
Repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. The national and economic security of the United States depends on the reliable functioning of the Nation's critical infrastructure in the face of such threats. It is the policy of the United States to enhance the security and resilience of the Nation's critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties. We can achieve these goals through a partnership with the owners and operators of critical infrastructure to improve cybersecurity information sharing and collaboratively develop and implement risk-based standards.

Sec. 2. Critical Infrastructure


As used in this order, the term critical infrastructure means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.

Sec. 3. Policy Coordination


Policy coordination, guidance, dispute resolution, and periodic in-progress reviews for the functions and programs described and assigned herein shall be provided through the interagency process established in Presidential Policy Directive-1 of February 13, 2009 (Organization of the National Security Council System), or any successor.

Sec. 4. Cybersecurity Information Sharing


(a) It is the policy of the United States Government to increase the volume, timeliness, and quality of cyber threat information shared with U.S. private sector entities so that these entities may better protect and defend themselves against cyber threats. Within 120 days of the date of this order, the Attorney General, the Secretary of Homeland Security (the "Secretary"), and the Director of National Intelligence shall each issue instructions consistent with their authorities and with the requirements of section 12(c) of this order to ensure the timely production of unclassified reports of cyber threats to the U.S. homeland that identify a specific targeted entity. The instructions shall address the need to protect intelligence and law enforcement sources, methods, operations, and investigations.

(b) The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a process that rapidly disseminates the reports produced pursuant to section 4(a) of this order to the targeted entity. Such process shall also, consistent with the need to protect national security information, include the dissemination of classified reports to critical infrastructure entities authorized to receive them. The Secretary and the Attorney General, in coordination with the Director of National Intelligence, shall establish a system for tracking the production, dissemination, and disposition of these reports.
(c) To assist the owners and operators of critical infrastructure in protecting their systems from unauthorized access, exploitation, or harm, the Secretary, consistent with 6 U.S.C. 143 and in collaboration with the Secretary of Defense, shall, within 120 days of the date of this order, establish procedures to expand the Enhanced Cybersecurity Services program to all critical infrastructure sectors.

This voluntary information sharing program will provide classified cyber threat and technical information from the Government to eligible critical infrastructure companies or commercial service providers that offer security services to critical infrastructure.
(d) The Secretary, as the Executive Agent for the Classified National Security Information Program created under Executive Order 13549 of August 18, 2010 (Classified National Security Information Program for State, Local, Tribal, and Private Sector Entities), shall expedite the processing of security clearances to appropriate personnel employed by critical infrastructure owners and operators, prioritizing the critical infrastructure identified in section 9 of this order.

(e) In order to maximize the utility of cyber threat information sharing with the private sector, the Secretary shall expand the use of programs that bring private sector subject-matter experts into Federal service on a temporary basis. These subject matter experts should provide advice regarding the content, structure, and types of information most useful to critical infrastructure owners and operators in reducing and mitigating cyber risks.

Sec. 5. Privacy and Civil Liberties Protections


(a) Agencies shall coordinate their activities under this order with their senior agency officials for privacy and civil liberties and ensure that privacy and civil liberties protections are incorporated into such activities. Such protections shall be based upon the Fair Information Practice Principles and other privacy and civil liberties policies, principles, and frameworks as they apply to each agency's activities.
(b) The Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of the Department of Homeland Security (DHS) shall assess the privacy and civil liberties risks of the functions and programs undertaken by DHS as called for in this order and shall recommend to the Secretary ways to minimize or mitigate such risks, in a publicly available report, to be released within 1 year of the date of this order. Senior agency privacy and civil liberties officials for other agencies engaged in activities under this order shall conduct assessments of their agency activities and provide those assessments to DHS for consideration and inclusion in the report. The report shall be reviewed on an annual basis and revised as necessary. The report may contain a classified annex if necessary. Assessments shall include evaluation of activities against the Fair Information Practice Principles and other applicable privacy and civil liberties policies, principles, and frameworks. Agencies shall consider the assessments and recommendations of the report in implementing privacy and civil liberties protections for agency activities.

(c) In producing the report required under subsection (b) of this section, the Chief Privacy Officer and the Officer for Civil Rights and Civil Liberties of DHS shall consult with the Privacy and Civil Liberties Oversight Board and coordinate with the Office of Management and Budget (OMB).

(d) Information submitted voluntarily in accordance with 6 U.S.C. 133 by private entities under this order shall be protected from disclosure to the fullest extent permitted by law.

Sec. 6. Consultative Process


The Secretary shall establish a consultative process to coordinate improvements to the cybersecurity of critical infrastructure. As part of the consultative process, the Secretary shall engage and consider the advice, on matters set forth in this order, of the Critical Infrastructure Partnership Advisory Council; Sector Coordinating Councils; critical infrastructure owners and operators; Sector-Specific Agencies; other relevant agencies; independent regulatory agencies; State, local, territorial, and tribal governments; universities; and outside experts.

Sec. 7. Baseline Framework to Reduce Cyber Risk to Critical Infrastructure


(a) The Secretary of Commerce shall direct the Director of the National Institute of Standards and Technology (the "Director") to lead the development of a framework to reduce cyber risks to critical infrastructure (the "Cybersecurity Framework").

The Cybersecurity Framework shall include a set of standards, methodologies, procedures, and processes that align policy, business, and technological approaches to address cyber risks.
The Cybersecurity Framework shall incorporate voluntary consensus standards and industry best practices to the fullest extent possible. The Cybersecurity Framework shall be consistent with voluntary international standards when such international standards will advance the objectives of this order, and shall meet the requirements of the National Institute of Standards and Technology Act, as amended (15 U.S.C. 271 et seq.), the National Technology Transfer and Advancement Act of 1995 (Public Law 104-113), and OMB Circular A-119, as revised.

(b) The Cybersecurity Framework shall provide a prioritized, flexible, repeatable, performance-based, and cost-effective approach, including information security measures and controls, to help owners and operators of critical infrastructure identify, assess, and manage cyber risk.
The Cybersecurity Framework shall focus on identifying cross-sector security standards and guidelines applicable to critical infrastructure. The Cybersecurity Framework will also identify areas for improvement that should be addressed through future collaboration with particular sectors and standards-developing organizations. To enable technical innovation and account for organizational differences, the Cybersecurity Framework will provide guidance that is technology neutral and that enables critical infrastructure sectors to benefit from a competitive market for products and services that meet the standards, methodologies, procedures, and processes developed to address cyber risks. The Cybersecurity Framework shall include guidance for measuring the performance of an entity in implementing the Cybersecurity Framework.

(c) The Cybersecurity Framework shall include methodologies to identify and mitigate impacts of the Cybersecurity Framework and associated information security measures or controls on business confidentiality, and to protect individual privacy and civil liberties.

(d) In developing the Cybersecurity Framework, the Director shall engage in an open public review and comment process. The Director shall also consult with the Secretary, the National Security Agency, Sector-Specific Agencies and other interested agencies including OMB, owners and operators of critical infrastructure, and other stakeholders through the consultative process established in section 6 of this order. The Secretary, the Director of National Intelligence, and the heads of other relevant agencies shall provide threat and vulnerability information and technical expertise to inform the development of the Cybersecurity Framework. The Secretary shall provide performance goals for the Cybersecurity Framework informed by work under section 9 of this order.
(e) Within 240 days of the date of this order, the Director shall publish a preliminary version of the Cybersecurity Framework (the "preliminary Framework"). Within 1 year of the date of this order, and after coordination with the Secretary to ensure suitability under section 8 of this order, the Director shall publish a final version of the Cybersecurity Framework (the "final Framework").

(f) Consistent with statutory responsibilities, the Director will ensure the Cybersecurity Framework and related guidance is reviewed and updated as necessary, taking into consideration technological changes, changes in cyber risks, operational feedback from owners and operators of critical infrastructure, experience from the implementation of section 8 of this order, and any other relevant factors.

Sec. 8. Voluntary Critical Infrastructure Cybersecurity Program


(a) The Secretary, in coordination with Sector-Specific Agencies, shall establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure and any other interested entities (the "Program").

(b) Sector-Specific Agencies, in consultation with the Secretary and other interested agencies, shall coordinate with the Sector Coordinating Councils to review the Cybersecurity Framework and, if necessary, develop implementation guidance or supplemental materials to address sector-specific risks and operating environments.

(c) Sector-Specific Agencies shall report annually to the President, through the Secretary, on the extent to which owners and operators notified under section 9 of this order are participating in the Program.

(d) The Secretary shall coordinate establishment of a set of incentives designed to promote participation in the Program. Within 120 days of the date of this order, the Secretary and the Secretaries of the Treasury and Commerce each shall make recommendations separately to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, that shall include analysis of the benefits and relative effectiveness of such incentives, and whether the incentives would require legislation or can be provided under existing law and authorities to participants in the Program.
(e) Within 120 days of the date of this order, the Secretary of Defense and the Administrator of General Services, in consultation with the Secretary and the Federal Acquisition Regulatory Council, shall make recommendations to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs, on the feasibility, security benefits, and relative merits of incorporating security standards into acquisition planning and contract administration. The report shall address what steps can be taken to harmonize and make consistent existing procurement requirements related to cybersecurity.

Sec. 9. Identification of Critical Infrastructure at Greatest Risk


(a) Within 150 days of the date of this order, the Secretary shall use a risk-based approach to identify critical infrastructure where a cybersecurity incident could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security. In identifying critical infrastructure for this purpose, the Secretary shall use the consultative process established in section 6 of this order and draw upon the expertise of Sector-Specific Agencies. The Secretary shall apply consistent, objective criteria in identifying such critical infrastructure. The Secretary shall not identify any commercial information technology products or consumer information technology services under this section.
The Secretary shall review and update the list of identified critical infrastructure under this section on an annual basis, and provide such list to the President, through the Assistant to the President for Homeland Security and Counterterrorism and the Assistant to the President for Economic Affairs.
(b) Heads of Sector-Specific Agencies and other relevant agencies shall provide the Secretary with information necessary to carry out the responsibilities under this section. The Secretary shall develop a process for other relevant stakeholders to submit information to assist in making the identifications required in subsection (a) of this section.
(c) The Secretary, in coordination with Sector-Specific Agencies, shall confidentially notify owners and operators of critical infrastructure identified under subsection (a) of this section that they have been so identified, and ensure identified owners and operators are provided the basis for the determination. The Secretary shall establish a process through which owners and operators of critical infrastructure may submit relevant information and request reconsideration of identifications under subsection (a) of this section.

Sec. 10. Adoption of Framework


(a) Agencies with responsibility for regulating the security of critical infrastructure shall engage in a consultative process with DHS, OMB, and the National Security Staff to review the preliminary Cybersecurity Framework and determine if current cybersecurity regulatory requirements are sufficient given current and projected risks. In making such determination, these agencies shall consider the identification of critical infrastructure required under section 9 of this order.

Within 90 days of the publication of the preliminary Framework, these agencies shall submit a report to the President, through the Assistant to the President for Homeland Security and Counterterrorism, the Director of OMB, and the Assistant to the President for Economic Affairs, that states whether or not the agency has clear authority to establish requirements based upon the Cybersecurity Framework to sufficiently address current and projected cyber risks to critical infrastructure, the existing authorities identified, and any additional authority required.
(b) If current regulatory requirements are deemed to be insufficient, within 90 days of publication of the final Framework, agencies identified in subsection (a) of this section shall propose prioritized, risk-based, efficient, and coordinated actions, consistent with Executive Order 12866 of September 30, 1993 (Regulatory Planning and Review), Executive Order 13563 of January 18, 2011 (Improving Regulation and Regulatory Review), and Executive Order 13609 of May 1, 2012 (Promoting International Regulatory Cooperation), to mitigate cyber risk.
(c) Within 2 years after publication of the final Framework, consistent with Executive Order 13563 and Executive Order 13610 of May 10, 2012 (Identifying and Reducing Regulatory Burdens), agencies identified in subsection (a) of this section shall, in consultation with owners and operators of critical infrastructure, report to OMB on any critical infrastructure subject to ineffective, conflicting, or excessively burdensome cybersecurity requirements. This report shall describe efforts made by agencies, and make recommendations for further actions, to minimize or eliminate such requirements.
(d) The Secretary shall coordinate the provision of technical assistance to agencies identified in subsection (a) of this section on the development of their cybersecurity workforce and programs.
(e) Independent regulatory agencies with responsibility for regulating the security of critical infrastructure are encouraged to engage in a consultative process with the Secretary, relevant Sector-Specific Agencies, and other affected parties to consider prioritized actions to mitigate cyber risks for critical infrastructure consistent with their authorities.

Sec. 11. Definitions

(a) "Agency" means any authority of the United States that is an "agency" under 44 U.S.C. 3502(1), other than those considered to be independent regulatory agencies, as defined in 44 U.S.C. 3502(5).
(b) "Critical Infrastructure Partnership Advisory Council" means the council established by DHS under 6 U.S.C. 451 to facilitate effective interaction and coordination of critical infrastructure protection activities among the Federal Government; the private sector; and State, local, territorial, and tribal governments.
(c) "Fair Information Practice Principles" means the eight principles set forth in Appendix A of the National Strategy for Trusted Identities in Cyberspace.
(d) "Independent regulatory agency" has the meaning given the term in 44 U.S.C. 3502(5).
(e) "Sector Coordinating Council" means a private sector coordinating council composed of representatives of owners and operators within a particular sector of critical infrastructure established by the National Infrastructure Protection Plan or any successor.
(f) "Sector-Specific Agency" has the meaning given the term in Presidential Policy Directive-21 of February 12, 2013 (Critical Infrastructure Security and Resilience), or any successor.

Sec. 12. General Provisions


(a) This order shall be implemented consistent with applicable law and subject to the availability of appropriations.

Nothing in this order shall be construed to provide an agency with authority for regulating the security of critical infrastructure in addition to or to a greater extent than the authority the agency has under existing law.
Nothing in this order shall be construed to alter or limit any authority or responsibility of an agency under existing law.
(b) Nothing in this order shall be construed to impair or otherwise affect the functions of the Director of OMB relating to budgetary, administrative, or legislative proposals.

(c) All actions taken pursuant to this order shall be consistent with requirements and authorities to protect intelligence and law enforcement sources and methods.
Nothing in this order shall be interpreted to supersede measures established under authority of law to protect the security and integrity of specific activities and associations that are in direct support of intelligence and law enforcement operations.
(d) This order shall be implemented consistent with U.S. international obligations.
(e) This order is not intended to, and does not, create any right or benefit, substantive or procedural, enforceable at law or in equity by any party against the United States, its departments, agencies, or entities, its officers, employees, or agents, or any other person.

BARACK OBAMA


CRD IV FSA refreshed statement regarding CRD IV implementation


The original proposed deadline for entry into force of the draft European Union legislation to update the framework for capital requirements, known as CRD IV, has now passed. Negotiations between the European Parliament, European Commission and Council of Ministers to finalise the legislation are still underway.

The FSA continues to take all action it can to prepare for implementation of CRD IV and continues to expect firms to do the same. Taking into account the further slippages in the negotiation timetable, the FSA now expects to be able to begin collecting data under Common Reporting for the period beginning 1 January 2014, should the legislation have entered into force by this date.

The European Commission's proposals for CRD IV, consisting of a Regulation and a Directive, had an implementation date of 1 January 2013, in line with the implementation date of the Basel III agreement. Due to the continued negotiations between the European Commission, Parliament and Council, this proposed implementation date has now passed. No alternative date has yet been communicated by the EU institutions.

The FSA will continue to undertake all preparatory work that is possible in the absence of finalised legislative text. We expect all firms in scope of CRD to do likewise.


We set out our intended approach to capital transition in a statement in October 2012.
Once finalised legislative text is available at the EU level the FSA intends to publicly consult on changes to FSA rules. The provisions of the Regulation will directly apply to firms. The introduction of Common Reporting, which is incorporated into the requirements in CRD IV, is dependent on delivery of the necessary technical systems and on implementing technical standards to be drafted by the European Banking Authority and adopted by the European Commission. The FSA is proceeding with the necessary preparatory work to be ready to begin collecting data under Common Reporting for the period beginning 1 January 2014, should the legislation and related standards be in force by this date.


Disclaimer
The Association tries to enhance public access to information about risk and compliance management. Our goal is to keep this information timely and accurate. If errors are brought to our attention, we will try to correct them.

This information:
is of a general nature only and is not intended to address the specific circumstances of any particular individual or entity;
should not be relied on in the particular context of enforcement or similar regulatory action;
is not necessarily comprehensive, complete, or up to date;
is sometimes linked to external sites over which the Association has no control and for which the Association assumes no responsibility;
is not professional or legal advice (if you need specific advice, you should always consult a suitably qualified professional);
is in no way constitutive of an interpretative document;
does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed here;
does not prejudge the interpretation that the Courts might place on the matters at issue.

Please note that it cannot be guaranteed that this information and these documents exactly reproduce officially adopted texts. It is our goal to minimize disruption caused by technical errors. However, some data or information may have been created or structured in files or formats that are not error-free and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems. The Association accepts no responsibility with regard to such problems incurred as a result of using this site or any linked external sites.

Certified Risk and Compliance Management Professional (CRCMP) distance learning and online certification program.
Companies like IBM, Accenture etc. consider the CRCMP a preferred certificate. You may find more if you search (CRCMP preferred certificate) using any search engine. The all-inclusive cost is $297. What is included in the price:

A. The official presentations we use in our instructor-led classes (3285 slides)


The 2309 slides are needed for the exam, as all the questions are based on these slides. The remaining 976 slides are for reference. You can find the course synopsis at:
www.risk-compliance-association.com/Certified_Risk_Compliance_Training.htm

B. Up to 3 Online Exams
You have to pass one exam.
If you fail, you must study the official presentations and try again, but you do not need to spend money. Up to 3 exams are included in the price. To learn more you may visit:
www.risk-compliance-association.com/Questions_About_The_Certification_And_The_Exams_1.pdf
www.risk-compliance-association.com/CRCMP_Certification_Steps_1.pdf

C. Personalized Certificate printed in full color


Processing, printing, packing and posting to your office or home.


D. The Dodd Frank Act and the new Risk Management Standards (976 slides, included in the 3285 slides)
The US Dodd-Frank Wall Street Reform and Consumer Protection Act is the most significant piece of legislation concerning the financial services industry in about 80 years. What does it mean for risk and compliance management professionals? It means new challenges, new jobs, new careers, and new opportunities. The bill establishes new risk management and corporate governance principles, sets up an early warning system to protect the economy from future threats, and brings more transparency and accountability. It also amends important sections of the Sarbanes Oxley Act. For example, it significantly expands whistleblower protections under the Sarbanes Oxley Act and creates additional anti-retaliation requirements. You will find more information at:
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm
