By David Liu, managing director, head of Asia Pacific - compliance and Hong Kong office head, Kroll
Private banks and financial institutions in Asia are heading into uncharted waters as they start grappling in earnest with the practical implications of implementing the OECD’s Common Reporting Standard (CRS).
Complying with the CRS will undoubtedly bring challenges and associated costs, especially for banks that stay in a more reactive mode. However, those banks that take a more strategic, proactive approach may find this a prime opportunity to put in place more effective processes and resources that will improve compliance over the long term and keep costs down.
Complexities driving costs
One of the greatest complexities of implementing the CRS is the way in which the participating nations are signing agreements between themselves. These bilateral agreements can take any number of configurations, with different nation-specific obligations and exceptions.
The multinational scope of the CRS also highlights why financial institutions and banks should think twice if they believe they can just build on the processes they currently use for compliance with the US Foreign Account Tax Compliance Act (Fatca).
As of October 2017, 102 jurisdictions worldwide have committed to the CRS, whereas Fatca compliance only requires the identification of US persons and entities. The CRS massively expands the potential reporting requirements.
This multi-jurisdictional framework is further complicated by the growing number and ever- increasing scope of data privacy and protection laws.
This means that customers themselves may well have greater expectations when it comes to how organisations should safeguard their personal information. As such, financial institutions will need to tread carefully when capturing, storing and handling all the information necessary for CRS compliance.
From the ground up
While understandable for many reasons, taking a reactive approach to CRS compliance can lead to disjointed, short-term efforts that can ultimately waste resources, drive up costs, and worse yet, produce gaps that increase the organisation’s risk exposure. Instead, organisations may wish to start at square one and think strategically about CRS compliance challenges in a cohesive, comprehensive way.
Given the vast geographic area covered by the CRS, organizations might consider building more robust processes and procedures to manage the volume of data they will need to capture, store and handle – both now and in the future.
Planning for future needs is generally always more cost-effective than having to scramble later to find and add resources that integrate with legacy systems. This kind of exercise also has the added benefit of ‘cleaning house’, and exposing any potentially dysfunctional processes, gaps and vulnerabilities.
New technologies, including innovative tools that employ artificial intelligence, will also be key for delivering quality results and cost efficiencies.
That said, organisations should carefully assess the ‘human intelligence’ that drives the machine learning behind most of these platforms.
In a similar fashion, organisations will find that although they might need fewer employees for the compliance function in future, those they do rely on will be more experienced, with more sophisticated skills.
Last but not least, risk-ranking customers will help organisations optimise both their resources and their overall compliance success.
Risk profiles based on generally accepted best practices can be implemented immediately when bringing new clients on board, and can also serve as a clear road map for any remediation efforts.
In short, it’s worth remembering that investing time, attention and resources today may lead to more effective and more cost-efficient compliance outcomes in the future.
This article appeared in the November issue of the Citywire Private Wealth magazine.