Black swans fading to grey and white

ISSUE 27

YOUR MAGAZINE FROM THE INTERNATIONAL COMPLIANCE ASSOCIATION

inCOMPLIANCE ®

Cultural exchange

Cronyism and corruption

The virtuous circle

p.16 p.23

£4.95 where sold separately

p.30

inCOMPLIANCE®19

THOUGHT LEADER

Black swans fading to grey and white

Vladimir Berezansky considers the game changing events of 2016, their impact for the coming year, and potential further

black swans on the horizon

inCOMPLIANCE®

20

THOUGHT LEADER

inCOMPLIANCE®21

I n late 2007, Nassim Nicholas Taleb, a relatively unknown Lebanese-American theoretical statistician, published “The Black Swan.” Its release was as if perfectly timed to

provide a tangible, accessible context for the financial crisis that quickly engulfed the world’s major banks and capital markets. Typical of many eureka moments in human history, Professor Taleb’s insight was blindingly simple.

According to Taleb’s paradigm, a “black swan” is a highly improbable event with three principal characteristics: (1) it is unpredictable; (2) it is an unequivocal game changer; and (3) following its occurrence, explanations are essentially reverse-engineered to provide artificial intellectual comfort (i.e. reasons why the black swan should have been anticipated but wasn’t).

2016: two “real” black swans Leaping ahead almost exactly a decade, we have recently been confronted with two jarring game-changers: Brexit and the election of Donald Trump. By way of confirming that each of these events was indeed a black swan, one need only survey the millions of words generated in earnest on the world’s television and radio broadcasts or in print, all intended to explain why we should have foreseen these eventualities long before their arrival. QED.

In one of his recent weekly broadcasts, CNN’s Fareed Zakaria reminded his viewers of a tongue-in-cheek adage about how journalists are taught to keep count of recurring (or highly similar) current events, namely: “One, two... trend.” This is actually a significant corollary to Prof. Taleb’s doctrine of the black swan. In the media’s haste to identify subsequent world events as confirmation of the brave new world of the Brexit-Trump black swans, the results of the subsequent – but by no means consequent – Italian referendum were press-ganged into service.

If anything, the Italian constitutional referendum held on 4 December 2016 only reinforced the distinct essence of the two genuine black swans of 2016 (i.e. as unpredictable game changers). The Italian plebiscite was highly specific and domestic, sharing few, if any, of the dynamics of populist rage that propelled Brexit and Donald Trump’s election.

Trump: deregulation and diverging standards?President-elect Trump has already made known his position that the US banking sector is over-regulated. Specifically, he has identified Dodd-Frank as an object of his disdain. For our purposes, it might be most useful to focus on Title VI, the Volcker Rule, and Title VII, containing provisions for subjecting OTC derivatives to mandatory clearing with regulated trading platforms. Other potential aspects of Dodd-Frank that might be rolled back include: the requirement that banks establish Board-level risk committees; fee disclosure requirements for retail cross-border transactions (Remittance Regulation 1073); and the prohibition of US-based sales or traders from dealing with counterparties that have not acceded to the rules of the International Swaps and Derivatives Association (ISDA).

Compliance professionals will need to monitor media coverage of specific Executive branch initiatives to weaken or repeal these or perhaps other aspects of the Dodd-Frank regulatory infrastructure. Additionally, US banks and non-US banks with American subsidiaries or branches might also seek to maintain open channels of communication with relevant US Government regulatory authorities and self-regulatory organisations (SROs). As soon as a short list of likely near-term targets for reduced or rescinded regulatory enforcement becomes known, it will be necessary to review in-house protocols and procedures in order to identify a prioritised action plan for making responsive adjustments. You should have no doubt that Front Office colleagues will be quick off the mark in demanding that corresponding reductions to Compliance’s internal controls be implemented.

Finally, compliance professionals working at multinational banks and other cross-border financial institutions should give thought to preparing for scenarios wherein one set of regulatory standards (such as Dodd-Frank) is stepped back, while a functionally equivalent regulatory regime (such as the European Market Infrastructure Regulation on derivatives, central counterparties and trade repositories; EMIR) is maintained or, perhaps, even ratcheted up.

SanctionsNext, news media have consistently reported that Mr Trump and several of his advisors are keen to turn relations with Russia back onto a more productive track. To these ends, it is possible that, as President, Mr Trump might rescind the Executive Orders that constitute the US legal authorisation for the Russian sanctions regime. A proactive compliance contingency plan for 2017 should include detailed procedural guidance for phasing out and/or rapidly lifting the relevant US sectoral sanctions (keeping in mind that there are other, unrelated US sanctions restrictions also in place, such as the “Magnitsky List”), but anticipating an indefinite period during which such US sanctions may be summarily removed (by a deft stroke of Mr Trump’s pen) while EU sanctions, which are based on properly-enacted EU legislation, remain at least temporarily in force.

At the time of writing, it is not yet clear whether the US Congress might attempt to pass “veto-proof” legislation imposing additional sanctions on Russia in response

Compliance professionalsworking at multinational banks and other cross-border financial institutions should give thought to preparing for scenarios wherein one set of regulatory standards is stepped back, whilea functionally equivalent regulatory regime is maintainedor, perhaps, even ratcheted up

inCOMPLIANCE®21

THOUGHT LEADER

to recent allegations that Russian government-backed hackers interfered with the US presidential electoral process. The outlook for potentially even drastic changes to the US sanctions regime as it applies to Russia therefore could change on a daily basis leading up to and immediately following Mr Trump’s inauguration. Sanctions compliance professionals should closely monitor changes to the Office of Foreign Assets Control (OFAC) Sanctions Lists and other official US Government information sources.

Further to sanctions lists, forward-looking compliance professionals would do well to give thought to how specific sanctions regimes might be stepped down gradually – and possibly in their entirety, depending on relevant geopolitical developments – in the cases of (at least) the following countries: Cuba, Myanmar (Burma), Iran and Colombia. As a recent example of how national political agendas often drive sanctions regimes, many were caught off guard by how quickly OFAC acted to remove certain specific US currency controls from the Cuba sanctions regime in anticipation of President Obama’s historic visit to Havana in March 2016. “Business friendly” compliance professionals will have contingency plans already in place in anticipation of similarly rapid changes to other country and/or sector-specific sanctions regimes.

The Brexit swan With regard to the other “real” black swan of 2016, it appears – for now, at least – that compliance-relevant events will be unfolding at a relatively more moderate pace. Nonetheless, compliance professionals should continue to monitor news reporting on UK-EU negotiations – once they commence in earnest – on key issues such as passporting and the continued applicability of EU banking regulations to UK banks.

Another important, although perhaps “softer” category of current developments that merits monitoring is the extent to which global and/or EMEA headquarters for multi-national

banks begin to migrate from London to other EU cities. There are already media reports that Dublin, Paris, Amsterdam and Frankfurt – and perhaps other contenders – have prepared and launched publicity and bank-specific marketing campaigns aimed at attracting at least the EU silos if not the entire global headquarters of major multinational banks away from London.

Future swans These measures could be considered logical and even obvious preparations that compliance professionals should be considering in anticipation of the grey and white swans that are likely to be seen in the coming months, given the two black swans of 2016. As indicated earlier, however, the far more daunting task facing compliance professionals is to prepare, to the extent possible, for the next truly black swans that will occur sooner or later. Meeting this challenge will require creativity and ingenuity.

Looking forward into 2017, what is the significance for compliance of these two clear-cut black swan events? I submit that they constitute a wake-up call that challenges us to review our basic principles and to rethink and re-engineer our approach to the array of risks that we are charged with mitigating.

Berezansky: Black swans provide a wake-up call

The daunting task facing compliance professionals is to prepare, to the extent possible, for the next truly black swans that will occur sooner or later. Meeting this challenge will require creativity and ingenuity

inCOMPLIANCE®

22

Without undue dramatisation, let’s be clear about what we are facing: As we bid farewell to 2016, we now know that black swans are not just a useful statistical tool for placing a specific variety of abnormal historical events into a broader perspective. Black swans occur and will continue to occur; we must therefore devise the intellectual and practical tools necessary to react adequately to such inevitable future occurrences.

To adjust our focus properly it is necessary to step back and identify trends that are likely to raise significant future implications for the compliance function. Which major developments and significant tendencies are likely to raise complex issues that will most likely challenge our fundamental assumptions and working premises?

One such development is the gradual realisation in the banking and financial services sectors that the practice of occupying substantial office premises – whether it be a far-reaching network of small branch offices or an imposing urban skyscraper – has become obsolete. The obvious corollary to this tendency is the drastic downsizing of banking staffs, a process that is already well underway. The overwhelming trend is clearly toward remote, online, and virtual banking in all aspects and respects.

A related development is the question of how proper onboarding “know your customer” (KYC) checks could be performed if the prospective client completes its application by speaking to a chatbot. In this new paradigm, what kind of documentation should and must be compiled for the completion of adequate and reliable due diligence? Will a bank or other licensed financial institution need to maintain digital KYC files on its premises? Moreover, in this radically disrupted context, what might constitute “premises”?

Is it sufficient for the Compliance Function to have secured the services of a reliable (licensed?) third-party vendor of outsourced KYC processing? In this scenario, which entity bears legal (including potentially criminal) liability before the regulator: the bank, or the vendor to which it has outsourced the KYC on-boarding function? If the latter, then what will compliance’s indispensable role be?

Can a bank or its properly accredited third-party vendor maintain KYC files in the Cloud? Would regulators be comfortable with this type of architecture? Would this configuration pass muster with the restrictions imposed by personal data privacy legislation in many countries?

Future challenges This has been just a brief overview of the questions that compliance professionals need to be considering now to

ensure the Compliance Function’s adaptability and viability in light of inevitable changes to the broader structural banking paradigm. Peering at the horizon line’s furthest crest, financial regulatory compliance professionals will need to adapt quickly to the following – and perhaps other, as yet unforeseen – game changers:• Cyber security – This is no longer the exclusive preserve of

IT and/or Security. Compliance needs to become intensely involved in establishing, maintaining and managing metrics for cyber security protocols, procedures, and interface with relevant governmental authorities and SROs. In early December 2016, the Federal Deposit Insurance Corporation (FDIC), Office of Comptroller of the Currency (OCC), and the Fed announced the opening of a notice and comment period for proposed cyber security requirements as part of their collective efforts to help protect financial markets and customers from cyber attacks. Later the same month, the New York (state-level) financial regulator proposed revisions to the nation’s first prototype for cyber security regulations for banks and insurers, including heretofore unprecedented requirements for financial firms to protect their networks and customer data from hackers.

• Crypto-currencies – This is no longer a hybrid, countercultural, elitist hobby, but rather a viable and readily accessible alternative to sovereign (“fiat”) currencies. In early December 2016, Bloomberg reported: “In Denmark, the [Central Bank is] now looking into producing a virtual currency, which they predict will make crime harder and oversight easier. The Danes aren’t alone. Britain and Sweden are blazing a trail in Europe. Singapore and Canada have already tested blockchain-based currency systems for internet payments.”

• FinTech – The competition to establish global leadership in this developmental vector has become quite aggressive. The UK, Switzerland and Singapore have implemented regulatory holidays for government-supported incubators; and Singapore is providing government grant funds to attract fintech expertise to their national incubator.

Finally, if readers were perhaps expecting to see the Panama Papers treated – whether or not in the guise of a black swan – in such a year-end summary of recent (past) and (future) anticipated compliance highlights, they should take note that this will be covered in my next article for inCOMPLIANCE (which will be published in March 2017). Peering ahead into 2017, it appears that there are, if anything, even more complex compliance challenges awaiting us than those encountered in 2016.

Vladimir Berezansky was one of the first foreign professionals to bring Western (US, UK, EU) regulatory compliance leadership to the Russian/CIS/CEE financial services market. He has more than 15 years of work experience in Russia/CIS and Eastern Europe, as well as Cyprus, Switzerland and in London’s financial markets. Among his specialisations, Vladimir is a recognised expert in structured offshore Russian wealth, including how and why these specific strata of global offshore wealth were created, their legitimate uses, and indicia of suspicious and/or potentially illegal uses.

Black swans occur and willcontinue to occur; we must therefore devise the intellectual and practical tools necessary to react adequately to such inevitablefuture occurrences

THOUGHT LEADER

inCOMPLIANCE®23