Managing risk and regulatory compliance
by Jack and Wolfi Large
Regulatory compliance and risk management are the two problem areas most likely to keep corporate treasurers awake at night. If they mess up on either they could lose their jobs. Some believe the regulatory compliance problems have been overcome.
The treasurer of a major manufacturing company recently said: “We solved our regulatory compliance and hedge accounting problems last year. We’re now back to solving real treasury problems.” But regulatory compliance is not going to fade into the background. Fulfilling the demand for extra data to prove compliance is part of the corporate treasurer’s life from now on. The issue is how to collect and process the necessary data.
Developments in regulations
Last summer, the International Accounting Standards Board (IASB) published IFRS 7, Financial instruments: Disclosures. This is the crystallization of the IAS39 requirements for the qualification of hedge accounting, and it defines the types of guidance to follow and the compulsory format of the information to be published: procedures, policies, reports, management strategies, objectives pursued, risks incurred, measurements of potential and other aspects. There are also concerns about the impact of IAS32 on notional cash pooling.
Corporate treasurers must be sure that the supplier systems they use are compliant with the SAS 70 type II standards, which specify that documentation of controls, and processes and systems, must be checked for compliance by an independent third party, such as Deloitte Touche Tohmatsu. This standard is widely recognized, because it represents that a service organization has been through an in-depth audit of their control activities, which generally include controls over information technology and related processes.
In today's global economy, service organizations or service providers must demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. Also the requirements of Section 404 of the Sarbanes-Oxley Act of 2002 make SAS 70 audit reports even more important to the process of reporting on effective internal controls at service organizations.
Given the growing need for the full documentation of every deal and action in corporate treasury – and the fact that corporate treasurers are being asked to take on new responsibilities – it is no wonder that the use of corporate treasury management and other specialist systems is increasing.
There is some good news for corporate treasurers, though. In 2005 the IASB and the US Financial Accounting Standards Board (FASB) launched a convergence project to align national and international accounting and financial reporting standards. The aim of the project, which is encouraged by the European Commission, is to improve financial reporting overall, rather than remove every difference between the standards.
A development roadmap has been submitted to Brussels and is awaiting approval. The key impact of this joint development is that neither party will initiate new standards independently from now on. Unfortunately, any convergence they achieve will not cut the workload of corporate treasury departments; it will only eliminate unnecessary duplication in the future. At present, the work involved in complying with regulatory and accounting standards continues to grow.
Managing compliance and risk
Regulatory compliance is a culture that needs to be ingrained in every process in the corporate treasury department. Key criteria for judging a corporate treasury management system on compliance are whether or not it will:
cut complexity while increasing transparency;
find a solution that will not have adverse effects on the company’s business;
record and archive all data to provide evidence that the corporate treasury department is conducting its business to the letter of the law;
provide benchmark and peer comparison where necessary.
Corporate treasury departments are increasingly being asked to manage companies’ commodity exposure, for example to the price of oil, energy or raw materials such as wheat. The management of commodities is unlike other types of risk, such as in the foreign exchange market, primarily because there is relatively little market data on prices.
Craig Pirrong, energy markets director of the Global Energy Management Institute in America, says: “Using intuition and models taken off the shelf from other financial markets to understand and manage energy risks is like playing Russian roulette with an automatic.”
So it is not surprising that new specialist commodity management systems, such as Reval and Kiodex, have recently emerged. Kiodex a specialist systems provider claims its key differentiator is the in-house dedicated databases on the commodities market it provides. Several suppliers of general corporate treasury management systems are also developing commodity management modules to meet this demand.
The range of risks that corporate treasurers are being asked to manage is expanding with the addition of enterprise-wide risk and increasing focus on economic exposure. Risk management and compliance is probably the core function of the corporate treasury department today.
On the horizon
Suppliers and corporate treasurers all agree that the work involved in regulatory compliance is unlikely to decrease – it has become a permanent feature of corporate treasury.
They also agree that the importance of risk management will continue to grow. So what new demands and opportunities are on the horizon? Euromoney asked leading systems suppliers and consultants what they believe will be the key regulatory and risk management developments over the next one to two years. Their responses are given in the table below.