Regulatory Risk

The three key regulatory risks to a business and the measures Compliance
Department should have in place to mitigate them

HSBC Technology and Services

 HSBC TECHNOLOGY AND SERVICES

 CONTENTS

 Introduction
 Regulatory Risk
 Consequences of Non-adherence
 Key Risks : Reputational Risk, Financial Risk &
Litigation Risk
 ?
 Other Risks : Money Laundering Risk
 Measures to Manage Regulatory Risks

2 Contents Restricted for company use only

 HSBC TECHNOLOGY AND SERVICES

 Introduction

Restricted for company use only

 HSBC TECHNOLOGY AND SERVICES

 Regulatory Risk
 A Regulatory risk is the risk to the legal position, earnings, capital and reputation
associated with failure to comply with regulatory requirements and expectations set by the
operating BA Regulatory Authority.

 Examples of Regulatory Authorities in GSCC ;

 The three key regulatory risks for a business or an outsourcing company would be
Reputational Risk, Financial Risk & Litigation Risk.

4 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

Key Regulatory Risks


 Reputational Risk
 Reputation risk and can be defined as an Organizations potential loss of
revenue or market value due to the negative opinion or stakeholders and
the public.
 Non adherence to Regulations would increase the reputational risks in the
business as mentioned below;
 Regulatory authorities penalizing the organization could create a negative
impression on the organization among the public, regulators and the
stakeholders.
 Repeat findings by the regulatory authorities could create a negative
image of the management, therefore it would dissuade corporate clients
and potential stakeholders to have or bring business to the organization.
 Damaged reputation among regulators would put the company in a
position of undue scrutiny.
 Since HSBC is a financial organization the reputational risk, would also
lead way to financial loss as well as possible litigation by the regulatory
authorities

5 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

  Financial Risk
 Financial risk is risk associated with the possibility of incurring a Financial loss due to the
non-adherence of regulations.
 Non adherence to Regulations would increase the Financial risks in the business as
mentioned below;
 Regulatory authorities penalizing the organization could demand increased capital due to
the increase in the overall business regulatory risks.
 Financial losses incurred during a penalty or fine by the regulators.
 Reputational loss due to non adherence could lead to financial losses.
 During the correctional period of a regulatory breach, the Management time and
resources spent implementing regulator's requirements could lead to Financial losses.
If an organization regulatory breach is public and or if the breach leads to a litigation,
significant losses via shares could be experienced

6 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

  Litigation Risk

 A litigation is a contest authorized by law, in a court of justice, for

the purpose of enforcing a right. A litigation risk is associated with
regulatory breaches pertaining the right (s) of a party dealing with
the organization.
 Non adherence to Regulations would increase potential Litigation
risks in the business as mentioned below;
 A breach ( or non-adherence) of a right specified to a customer,
client or corporate entity, could lead to litigation where the
organization ( or staff involved) would be penalized in a court of
justice.

7 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

Other Regulatory Risks

  Money Laundering Risk

8 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

Consequences of Non-adherence to regulations


Business Level

 Increased capital requirements

 Warning Letters
 Civil Penalties
 Criminal Penalties
 License suspension
 Operating License revocation.

Operation Level

 Possible fines or even prosecution

 Damaged reputation, lower new business
 Damaged relationship with the regulator
 Management time and resources spent implementing regulator's
requirements
 Intervention by regulator in the business
 Many possible (negative) impacts, on operations, depending on
regulators instructions

9 Your presentation title goes here Restricted for company use only
 HSBC TECHNOLOGY AND SERVICES

 Measures to Manage Regulatory Risks

• All processing staff who have direct contact with customers (either telephone or written) must be
aware of DSARs / Requests for Personal Information .

• Staff must, on first instance, be able to understand the nature of request and escalate immediately
as appropriate.

• If a verbal request is received, the customer needs to be asked to put this in writing or guided to
complete the DSAR / Requests for Personal Information request form available via the intranet.
http://letsconnect.systems.uk.hsbc/INT/repository.nsf/vw_title/E7675180293EDCFD80256E8A0055
7C79/$file/ProvInfo.pdf

• It is mandatory that all AMOs and above, be aware of this right and notice of a DSAR be escalated
to the LCO immediately.

• Where information is held on a system at a GSC site that is not accessible by the BP, staff must be
aware that they must search these systems when a request for information is made by the customer to
ensure all details are provided.

10 Your presentation title goes here Restricted for company use only