Jul 24, 2014
From the Advisory Institute
Since the financial crisis, regulatory agencies have been directing financial institutions to strengthen their risk management and corporate governance systems.
In the case of large entities, regulators have set a high bar – that is, these institutions are expected to develop compliance risk management (CRM) systems that are distinguished by a culture of compliance and promoted by strong board of director oversight, an enterprise-wide framework, and clear management and oversight processes.
CRM-related regulatory guidance has generally set principles-based rather than prescriptive expectations, encouraging financial entities to tailor their CRM programs to the scope and complexity of their organizations and specific risk profiles. The regulators have cautioned, however, that deficiencies may render a financial institution unable to detect its own violations and may leave it vulnerable to regulatory action and reputation risks.
Against this backdrop, KPMG conducted the Compliance Risk Management Survey (CRM Survey) to give respondents insights into the current state of development and integration of the CRM programs in place among their peers and the broader financial services industry. The CRM Survey was also intended to provide a gauge by which respondents could assess their positioning against evolving industry CRM practices.
The Compliance Risk Management Survey: A Point of View highlights key results from the survey, including:
- Responses grouped by "retail banks" (including domestic and foreign institutions representative of the top 25 bank holding companies)
- Responses grouped by "other banks" (including investment banks, insurance companies and other financial services firms)
- KPMG analysis of areas of strength and areas for further enhancement