IOMFSA issue ‘Dear CEO’ letter
On 13 March 2020 the Isle of Man Financial Services Authority issued its first Dear CEO letter in relation to items identified by the Authority through its inspection programme and general supervision of the Trust and Corporate Service providers in the Island.
Whilst this letter is issued to Class 4 and Class 5 CEOs the matters raised should be examined in detail by all compliance teams, senior management and boards throughout financial services as this letter clearly sets out the expectations of the Authority. We recommend that companies critically review their current compliance and risk management processes, procedures and controls in the light of the matters raised and report formally to the board the result of those findings. The report should highlight areas of strength as well as those areas which may require attention together with recommendations for improvement, where necessary.
Effective risk management is at the core of all governance systems of control and is central to ensuring that decisions are not made that result in the company operating outside the strategic corporate appetite of the board.
It is our experience that members of core senior management and the executive board often have a clear individual understanding of the risks the company faces and the boundaries of what is acceptable and what is not. It is not always clear though that as a collective, senior management and the board have the same views. This can lead to, at best, disjointed decisions, silo mentality and a lack of clarity for staff who are implementing the companies policies on a day to day basis. At worst the company is exposed to significant financial or reputational loss and a straining of the relationship with the regulator.
Risk taking is a fact of everyday life in business. Lucrative opportunities can bring enhanced profitability, and longer term sustainability as businesses successfully diversify operations. Without proper understanding of the significant exposures together with the implementation of the appropriate controls to manage or mitigate them, volatile profits can result in undermining the financial strength of the company, poor decisions can inadvertently involve the company in financial crime and reputations, years in the making, can be destroyed.
It is the consideration, assessment and agreement by the board of the extent to which it is willing to expose its operations to risk and the effective monitoring and control of that exposure that ensure that opportunities are pursued in a controlled, managed and acceptable manner resulting in a sustainable business.
Communication of this common understanding aligned to the longer term strategy of the company provides clarity for staff, investors, and regulators.
the IOMFSA concludes its letter with its strongest warning yet:
“The supervisory teams will follow-up in 2021 with a sample of licenceholders as to the board’sconsideration of the matters outlined in this letter. “Where there is non-compliance with the relevant requirements, the Authority will have regard to the consideration given by licenceholders to this correspondence, when exercising its regulatory and enforcement powers”.
Rowany AML Solutions Limited can help companies to evaluate their current risk management frameworks, providing an independent perspective of an experienced Head of Supervision. Meet us for a chat over coffee (or tea), to see how we might be able to help you.