
International Association of Risk and Compliance Professionals (IARCP)

Monday, June 11, 2018

Top 10 risk and compliance related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next

Dear members and friends,

We have a very interesting consultative document from the Financial Stability Board (FSB): “Recommendations for consistent national reporting of data on the use of compensation tools to address misconduct risk.”

We read: “For the purposes of this document, misconduct is defined as ‘conduct that falls short of expected standards, including legal, professional, internal conduct and ethical standards’” (please see also footnote 9).

You guessed it. Immediately after reading that, I visited footnote 9, where I learned that throughout this document, the term “misconduct risk” is kept for consistency with the terminology used in the FSB work on measures to address “misconduct risk”. It is however noted that many firms prefer the use of the term “conduct risk”, as conduct programmes extend well beyond efforts to address misconduct, and increasingly exhibit, for example, measures aimed at promoting positive conduct as well as remediating inappropriate conduct.

I love the creative idea to change “misconduct risk” to “conduct risk”. Positive thinking doesn't mean that you keep your head in the sand and ignore life's less pleasant situations. Sometimes it means that you try to keep the heads of investors in the sand too. No, the FSB paper didn’t say that.

Lao Tzu believed that “when virtue is lost, benevolence appears; when benevolence is lost, right conduct appears; when right conduct is lost, expedience appears. Expediency is the mere shadow of right and truth; it is the beginning of disorder.”

I liked footnote 18: “Compensation is just one of the available tools to address misconduct risk. In certain instances, the incentivising/deterrent effect of compensation might not be sufficient, and it may be necessary to resort to other measures such as disciplinary sanctions, dismissal, deferment in career progression, mandatory training, depending on the severity of the misconduct.”

Mandatory training sounds like the scariest option.

Read more at Number 1 below. Welcome to the Top 10 list.

Best Regards,

George Lekatis
President of the IARCP
General Manager, Compliance LLC
1200 G Street NW Suite 800, Washington DC 20005, USA
Tel: (202) 449-9750
Email: [email protected]
Web: www.risk-compliance-association.com
HQ: 1220 N. Market Street Suite 804, Wilmington DE 19801, USA
Tel: (302) 342-8828


Number 1 (Page 6)

FSB publicly consults on recommendations for compensation data reporting to address misconduct risk

The Financial Stability Board (FSB) published a public consultation on Recommendations for consistent national reporting of data on the use of compensation tools to address misconduct risk.

Number 2 (Page 8)

EBA updates list of O-SIIs in the EU

Number 3 (Page 10)

Annual Report, Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin)

Number 4 (Page 12)

BIS Quarterly Review, June 2018

International banking and financial market developments


Number 5 (Page 13)

Are you Cyber-Savvy?

Number 6 (Page 14)

Four EU cybersecurity organisations enhance cooperation

The European Union Agency for Network and Information Security (ENISA), the European Defence Agency (EDA), the European Cybercrime Centre (EC3) and the Computer Emergency Response Team for the EU Institutions, Agencies and Bodies (CERT-EU) today signed a Memorandum of Understanding (MoU) to establish a cooperation framework between their organisations.

Number 7 (Page 17)

From the Secretary General

Jonathan Dixon, Secretary General

This month, work on the development of the IAIS 2020-24 Strategic Plan and Financial Outlook took a significant step forward.


Number 8 (Page 18)

Cybersecurity Enforcement Actions

Number 9 (Page 19)

Guidance, Contingencies and Brexit

Speech given by Mark Carney, Governor of the Bank of England, Society of Professional Economists

Number 10 (Page 22)

Time to revisit the paper from the European Union Agency for Network and Information Security (ENISA).

Handbook on Security of Personal Data Processing


Number 1

FSB publicly consults on recommendations for compensation data reporting to address misconduct risk

The Financial Stability Board (FSB) published a public consultation on Recommendations for consistent national reporting of data on the use of compensation tools to address misconduct risk.

Collecting and evaluating compensation data on a regular basis can provide both firms and supervisors with important insights into the effectiveness of compensation programmes and potential areas of weakness. Currently the gathering and analysis of compensation data varies significantly across jurisdictions and firms.

The Recommendations seek to assist national supervisory authorities from all financial sectors by enhancing their capacity to consider and monitor the effectiveness of compensation tools and other mechanisms in promoting good conduct and addressing misconduct risk.

The proposed data set included in the Recommendations is designed to help firms and supervisors answer a number of important questions, including whether governance and risk management processes surrounding compensation:

- appropriately include conduct considerations in the design of their compensation and incentive systems, including the setting of individual goals, ex ante performance measurement mechanisms and ex post compensation adjustments;
- support the effective use of compensation tools to help promote good conduct or to remediate individual conduct that is not in line with the firm’s expectations, including holding individuals accountable for any misconduct that occurs;
- promote wider risk management goals, including for conduct issues, consistent with the firm’s strategy and risk tolerance; and
- support the effective identification of emerging misconduct risks and, where appropriate, review use of incentive systems and compensation decisions in response to conduct incidents to ensure alignment of incentives, risk and reward.

The FSB welcomes comments and responses to the questions set out in the consultative document by Friday 6 July 2018. Responses will be published on the FSB website unless respondents expressly request otherwise.

The FSB has also published today a summary note of an industry workshop organised last December as part of the FSB’s work to develop the Recommendations. The FSB also welcomes any feedback on topics discussed at the workshop that are included in the summary note, also by Friday 6 July 2018.

To read more: http://www.fsb.org/wp-content/uploads/P070518-1.pdf


Number 2

EBA updates list of O-SIIs in the EU

The European Banking Authority (EBA) updated the 2017 list of Other Systemically Important Institutions (O-SIIs) in the EU. O-SIIs – those institutions which, along with Global Systemically Important Institutions (G-SIIs), are deemed systemically important – have been identified by the relevant authorities across the Union according to harmonised criteria provided by the EBA Guidelines. This list also reflects the additional capital buffers that the relevant authorities have set for the identified O-SIIs.

The EBA Guidelines on criteria to assess O-SIIs define the size, importance, complexity (or cross-border activities) and interconnectedness of such institutions. These Guidelines provide additional flexibility for relevant authorities to apply their supervisory judgment when deciding to include other institutions that might not have been automatically identified as O-SIIs.

This approach allows for the assessment of all financial institutions across the EU in a comparable way, whilst still not excluding those firms which may be deemed systemically important for one EU jurisdiction on the basis of certain specificities.

The EBA acts as the single point of disclosure for the list of O-SIIs across the EU, while each relevant authority discloses information for its respective jurisdiction, along with further details on the underlying rationale and identification process. This additional information is key for understanding the specific features of each O-SII and for gaining some insight in terms of supervisory judgment, optional indicators used, buffer decisions and phase-in implementation dates.

The list of O-SIIs is disclosed on an annual basis, along with any Common Equity Tier 1 (CET1) capital buffer requirements, which may need to be set or reset. Higher capital requirements will become applicable at least one year after the publication of the O-SIIs list to give institutions enough time to adjust to the new buffer requirements.

You can read the list at:
http://www.eba.europa.eu/risk-analysis-and-data/other-systemically-important-institutions-o-siis-/2017
http://www.eba.europa.eu/risk-analysis-and-data/other-systemically-important-institutions-o-siis-


Number 3

Annual Report, Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin)

The BaFin fintech project

In December 2016, BaFin successfully completed the fintech project that it had launched at the end of 2015.

One objective of the project was to ensure that BaFin handles fintech companies and their supervisory concerns appropriately. Another aim was to provide the companies – which often feature a certain start-up culture – with guidance in order for them to better understand BaFin’s supervisory viewpoint.


Depending on their business models, fintech companies also require authorisation from BaFin and must meet the relevant supervisory requirements. The principle of “same business, same risk, same rules” applies, in combination with the principle of proportionality.

To read the report: https://www.bafin.de/EN/PublikationenDaten/Jahresbericht/jahresbericht_node_en.html


Number 4

BIS Quarterly Review, June 2018

International banking and financial market developments

The credit default swap market: what a difference a decade makes

Over the last decade, the size and structure of the global credit default swap (CDS) market have changed markedly. With the help of the BIS derivatives statistics, we document how outstanding amounts have fallen, central clearing has risen and the composition of underlying credit risk exposures has evolved. Netting of CDS contracts has increased, due to the combination of a higher share of standardised index products and the clearing of such contracts via central counterparties. In turn, this has led to a further reduction in counterparty risk. Underlying credit risks have shifted towards sovereigns and portfolios of reference securities with better credit ratings. The distribution of credit risks across counterparty categories has remained broadly unchanged.

To read it: https://www.bis.org/publ/qtrpdf/r_qt1806.pdf


Number 5

Are you Cyber-Savvy?

You may visit: https://www.sec.gov/spotlight/cybersecurity


Number 6

Four EU cybersecurity organisations enhance cooperation

The European Union Agency for Network and Information Security (ENISA), the European Defence Agency (EDA), the European Cybercrime Centre (EC3) and the Computer Emergency Response Team for the EU Institutions, Agencies and Bodies (CERT-EU) today signed a Memorandum of Understanding (MoU) to establish a cooperation framework between their organisations.

The Memorandum of Understanding was signed by Udo Helmbrecht, ENISA's Executive Director, Jorge Domecq, Chief Executive of the EDA, Steven Wilson, Head of EC3 and Ken Ducatel, CERT-EU's Acting Head.

The MoU aims at leveraging synergies between the four organisations, promoting cooperation on cyber security and cyber defence, and is a testament to the trusted partnership that exists between these EU agencies. More specifically, it focuses on five areas of cooperation, namely Exchange of information; Education & Training; Cyber exercises; Technical cooperation; and Strategic and administrative matters. It also allows for cooperation in other areas identified as mutually important by the four organisations.

This collaboration will ensure the best possible use of existing resources by avoiding duplicative efforts and building on the complementarity of ENISA, EDA, EC3 and CERT-EU. This framework brings added value to the expertise, support and services that these parties provide to the European Union organisations, Member States and all stakeholders concerned.

High Representative/Vice-President and Head of the European Defence Agency, Federica Mogherini said: “Cyberspace threats do not know of national borders. Cooperation among Member States but also at European level is therefore essential. Europe is stronger when it tackles threats together, in a common and coordinated approach. And this is exactly where this Memorandum of Understanding is key and where the added value of the European Union lies: working together, joining forces, putting the experiences and the knowledge of all at the service of our citizens' security.”

Vice-President for Digital Single Market Andrus Ansip said: “We can face cyber threats successfully if we have in place a functioning exchange of information, we have strong technical capabilities and we work on basic cyber hygiene. Better cooperation between these EU agencies will lead to this result.”

Commissioner for Migration, Home Affairs and Citizenship Dimitris Avramopoulos said: “The threats against both our physical and virtual worlds are becoming increasingly connected. This is why increasing cyber security is one of the priorities of the European Union. But we can only do this effectively through stronger cooperation and joint actions, where our operational agencies, like Europol, can play a critical role with the expertise they bring to the table in support of our Member States.”

Commissioner for the Security Union Julian King said: “The cross-border nature of the cyber threat means that cooperation has never been more important. This improved collaboration between ENISA, EDA, EC3 and CERT-EU will help us to strengthen our cyber resilience, build effective deterrence and help deliver credible cyber defence and international cooperation.”

Commissioner for Digital Economy and Society, Mariya Gabriel said: “Trust and security are key components of the digital economy and society. The EU agencies should lead by example. Only by working closely together will we have a chance to mitigate the cybersecurity risks.”

Prof. Dr. Udo Helmbrecht, Executive Director of ENISA said: “ENISA welcomes the opportunity to work closely with our partner organisations. Cybersecurity is a shared responsibility, and it is only by cooperating closely with all relevant stakeholders that the EU has a chance to address cybersecurity challenges.”

Jorge Domecq, Chief Executive of the EDA: “EDA supports Member States in the development of their defence capabilities. As such, we also act as the military interface to EU policies. Today’s Memorandum of Understanding is an important step towards increased civil-military cooperation and synergies in the area of cyber security and cyber defence.”

Steven Wilson, Head of Europol’s European Cybercrime Centre (EC3): “This MoU illustrates how a safe and open cyberspace can only be achieved through enhanced cooperation and commitment. Through their participation, all parties involved demonstrate that they are willing to join forces and recognise that together we can provide the necessary response to cyber related threats. From EC3, we welcome the opportunity to enter a new era of working together with our MoU partners and are delighted to share our expertise and experience.”


Ken Ducatel, Acting Head of CERT-EU, said: “The EU institutions, bodies and agencies rely on the specialised skills and tools in threat intelligence and incident response of CERT-EU. But we don’t maintain these capacities by acting alone. That is why acting together with our peers and partners in the other signatories to this Memorandum is so important.”

The 2014 Cyber Defence Policy Framework called for the promotion of civil-military cooperation and synergies with wider EU cyber policies, relevant EU institutions and agencies as well as with the private sector. ENISA, EDA, EC3 and CERT-EU began initial discussions in 2016 which eventually led to this milestone signature. The principles behind this Memorandum of Understanding are fully in line with the implementation of the Joint Communication on Cyber issued by the High Representative and the European Commission in September 2017.


Number 7

From the Secretary General

Jonathan Dixon, Secretary General

This month, work on the development of the IAIS 2020-24 Strategic Plan and Financial Outlook took a significant step forward. The Strategic Plan and Financial Outlook Task Force met to review inputs provided by the IAIS membership, stakeholders and Secretariat and to discuss future High Level Goals and Strategies.

While work will continue over the coming months, an early message is that the IAIS will increasingly pivot to a greater emphasis on enhancing supervisory practices. As we complete our current commitments on ComFrame and a holistic framework for mitigating systemic risk, our focus will necessarily shift to providing guidance to supervisors on how to implement effective supervisory practices, particularly on how to respond in proactive and robust ways to emerging trends and risks such as cyber security, FinTech and climate change.

The coming years are also likely to see a heightened conversation about the role of insurance – and in turn of insurance supervision – in sustaining long-term, inclusive economic development by closing the protection gap and through long-term investment. The role of insurance as a “risk signaller” will be particularly crucial in areas such as cyber security and climate change. As a global community of supervisors we will likely need to consider how to support the critical socioeconomic role of insurance in line with our ultimate goal of policyholder protection.

More progress will be shared with Members and stakeholders at the Global Seminar in July.

You may visit: https://www.iaisweb.org/page/news/newsletter/file/74724/iais-newsletter-may-2018


Number 8

Cybersecurity Enforcement Actions

You may visit: https://www.sec.gov/spotlight/cybersecurity-enforcement-actions


Number 9

Guidance, Contingencies and Brexit

Speech given by Mark Carney, Governor of the Bank of England, Society of Professional Economists

This evening I would like to discuss potential paths for monetary policy during the next, critical phase of the Brexit process. Note the conditionality of the phrase “potential paths.” The actual path for policy will depend on the outlook for the economy which in turn will depend very much on how the Brexit negotiations evolve.

Monetary policy is always contingent on the economic outlook. This is broader than it being data dependent. In order to achieve the inflation target, monetary policy needs to adjust not only to news about current conditions but also to any changes in likely future circumstances. While it may be the MPC that sets interest rates, it is ultimately the economy that determines them.

Monetary policy will be most effective if agents can anticipate how policymakers will react to changing conditions. But the predictability of monetary policy can break down when there are large structural changes in:

- Supply capacity;
- Equilibrium interest rates; or
- Trading relationships.

In such circumstances, forward guidance can help anchor expectations and improve the effectiveness of monetary policy.


This generally wasn’t necessary during the Great Moderation, when the economy was largely subject to a series of demand shocks. The inflation target could be achieved without causing undesirable volatility in output and employment (so-called “divine coincidence”). Despite the crisis, divine coincidence has continued to reign in the euro area and the US. Large output gaps and below-target inflation have pointed monetary policy in the same direction.

That, unfortunately, has not been the case in the UK economy, which has been subject to a series of major supply shocks over the past five years, creating tensions between short-term output and inflation stabilisation. Brexit is the latest and potentially largest example.

Brexit is a regime shift that has markedly increased the range of possible outcomes for the UK economy and therefore the potential paths of monetary policy. The major Brexit contingencies include:

- The form of the new economic partnership between the EU and UK;
- Whether the transition to that end state will be smooth or cliff-edged; and
- How agents in the economy (households, businesses and financial markets) react to these prospects, particularly the extent to which they are affected by the uncertainty during the negotiations and the degree to which they anticipate the outcome and pull forward adjustment.

As the Brexit process continues and the answers to these questions become clearer, the MPC will adapt its specific guidance and monetary policy more broadly in order to meet the inflation target.

My message this evening is straightforward. From a monetary policy perspective, the Bank of England is ready for Brexit whatever form it takes.

The role of guidance and the UK experience

Before turning to Brexit, I would like to review briefly the MPC’s experience with forward guidance. The objective of forward guidance is to give insights into the MPC’s reaction function – in other words, how the Committee will adjust policy when the outlook for growth and inflation changes.


In a perfect world, guidance would be redundant. People would know how the MPC intends to set rates over the future and how those intentions would adjust to economic developments in all eventualities – the so-called reaction function. But the world is complex and people don’t have endless time to devote to understanding monetary policy.

In practice, therefore, guidance can be useful in providing people with information about how the MPC sets policy and, over time, in improving understanding of how monetary policy will adjust to news. Guidance thus helps people to think along with the Committee so that their expectations about the path of policy adapt with ours as economic circumstances change. This can make monetary policy more effective by reducing unwarranted volatility in interest rate expectations and the extent to which the MPC has to move Bank Rate to meet the inflation target. The more those expectations are aligned with the policy path necessary to achieve the inflation target, the higher the probability that policy objective will be achieved.

Guidance is not a promise of the future path of policy. And its use will not mean that all observers will agree on the likely path of policy for the simple reason that not everyone will agree on the likely path for the economy. However, with guidance, someone who has a different outlook can better anticipate how the MPC will adjust once the scales fall from the Committee’s eyes. Again it is the combination of the economy and the primacy of the inflation target, not the MPC, that ultimately determines that path of policy.

To read more: https://www.bankofengland.co.uk/-/media/boe/files/speech/2018/guidance-contingencies-and-brexit-speech-by-mark-carney.pdf?la=en&hash=AB4FDD511C5594498916614748D3867298EA8163


Number 10 Time to revisit the paper from the European Union Agency for Network and Information Security (ENISA).

Handbook on Security of Personal Data Processing

The General Data Protection Regulation (EU) 679/2016 (‘GDPR’) is the main data protection legal framework in the EU, directly applicable to all Member States, repealing the current Data Protection Directive 95/46/EC. One of the core obligations for all businesses, including SMEs, acting either as data controllers or data processors, in GDPR is that of the security of personal data. In particular, according to GDPR, security equally covers confidentiality, integrity and availability and should be considered following a risk-based approach: the higher the risk, the more rigorous the measures that the controller or the processor needs to take (in order to manage the risk).

Even if this risk-based approach is not a new concept, only a few specific privacy risk assessment frameworks have been presented, focusing principally on the evaluation of risks to personal data and adoption of relevant security measures. On this basis and as part of its continuous support on EU policy implementation, ENISA published in 2016 a set of guidelines for SMEs, acting as data controllers or processors, which aim at helping them assess security risks and accordingly adopt security measures for the protection of personal data. Those guidelines can also be of use in all cases where risk assessment is envisaged under the Regulation (e.g. Data Protection Impact Assessment, personal data breach notification, etc.).

Within 2017 the Agency continued its activities in the area and focused on providing further guidance on the application of the aforementioned guidelines through specific use cases. Developed in close collaboration with experts from national Data Protection Authorities, each use case corresponds to a specific personal data processing operation and makes specific assumptions on the data processing environment and overall context of processing. The provided examples, however, focus only on security measures and do not aim at providing any legal analysis or assessment of compliance with GDPR for the specific data processing operations.

While performing the analysis, a number of conclusions and relevant recommendations, targeted at different stakeholders, were drawn and are presented below.

- Competent EU bodies, EU policy makers and regulators (e.g. Data Protection Authorities) should develop practical and scalable guidelines that will be able to support and assist different types of data controllers and address specific stakeholders’ communities.

- Competent EU bodies, EU policy makers and regulators (e.g. Data Protection Authorities) should promulgate a set of baseline professional skills and requirements that Data Protection Officers should meet.

- EU policy makers and regulators (e.g. Data Protection Authorities) should define and promote scalable data protection certification schemes that meet the needs of SMEs and empower them to achieve and demonstrate compliance.

- The research community and competent EU bodies, in close collaboration with regulators (e.g. Data Protection Authorities), should propose and put forward methodologies that combine security risk management and risk management of personal data.

- SME communities and associations, in close collaboration with competent EU bodies and regulators (e.g. Data Protection Authorities), should communicate and encourage data controllers to undertake actions towards security and privacy compliance as a competitive advantage alongside the underlying legal obligations.

To read the paper: https://www.enisa.europa.eu/publications/handbook-on-security-of-personal-data-processing


Disclaimer

The Association tries to enhance public access to information about risk and compliance management. Our goal is to keep this information timely and accurate. If errors are brought to our attention, we will try to correct them.

This information:

- is of a general nature only and is not intended to address the specific circumstances of any individual or entity;
- should not be relied on in the context of enforcement or similar regulatory action;
- is not necessarily comprehensive, complete, or up to date;
- is sometimes linked to external sites over which the Association has no control and for which the Association assumes no responsibility;
- is not professional or legal advice (if you need specific advice, you should always consult a suitably qualified professional);
- is in no way constitutive of an interpretative document;
- does not prejudge the position that the relevant authorities might decide to take on the same matters if developments, including Court rulings, were to lead it to revise some of the views expressed here;
- does not prejudge the interpretation that the Courts might place on the matters at issue.

Please note that it cannot be guaranteed that this information and these documents exactly reproduce officially adopted texts. It is our goal to minimize disruption caused by technical errors. However, some data or information may have been created or structured in files or formats that are not error-free and we cannot guarantee that our service will not be interrupted or otherwise affected by such problems. The Association accepts no responsibility regarding such problems incurred because of using this site or any linked external sites.


International Association of Risk and Compliance Professionals

You can explore what we offer to our members:

1. Membership – Become a standard, premium or lifetime member. You may visit: www.risk-compliance-association.com/How_to_become_member.htm

Become a lifetime member of the association to continue your journey without interruption and without renewal worries. You will get a lifetime of benefits as well. You can check the benefits at: www.risk-compliance-association.com/Lifetime_Membership.htm

2. Weekly Updates – Subscribe to receive every Monday the Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next: http://forms.aweber.com/form/02/1254213302.htm

3. Training and Certification – The Certified Risk and Compliance Management Professional (CRCMP) training and certification program has become one of the most recognized programs in risk management and compliance. There are CRCMPs in 32 countries around the world. Companies and organizations like Accenture, American Express, USAA etc. consider the CRCMP a preferred certificate.

You can find more about the demand for CRCMPs at: www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf

For the distance learning programs, you may visit: www.risk-compliance-association.com/Distance_Learning_and_Certification.htm

For instructor-led training, you may contact us. We can tailor all programs to meet specific requirements. We tailor presentations, awareness and training programs for supervisors, boards of directors, service providers and consultants.


Some CRCMP jobs:

4. IARCP Authorized Certified Trainer (IARCP-ACT) Program – Become a Certified Risk and Compliance Management Professional Trainer (CRCMPT) or Certified Information Systems Risk and Compliance Professional Trainer (CISRCPT). This is an additional advantage on your resume, serving as a third-party endorsement to your knowledge and experience. Certificates are important when being considered for a promotion or other career opportunities. You give the necessary assurance that you have the knowledge and skills to accept more responsibility.

To learn more, you may visit: www.risk-compliance-association.com/IARCP_ACT.html

5. Approved Training and Certification Centers (IARCP-ATCCs) – In response to the increasing demand for CRCMP training, the International Association of Risk and Compliance Professionals is developing a world-wide network of Approved Training and Certification Centers (IARCP-ATCCs). This will give the opportunity to risk and compliance managers, officers, and consultants to have access to instructor-led CRCMP and CISRCP training at convenient locations that meet international standards. ATCCs use IARCP approved course materials and have access to IARCP Authorized Certified Trainers (IARCP-ACTs).

To learn more: www.risk-compliance-association.com/Approved_Centers.html