A couple of weeks ago I was in Dubai delivering the first workshop of the International Diploma in Governance, Risk and Compliance. I always enjoy my experiences in Dubai, and it is rewarding for me to meet many compliance professionals with very different experiences from the UK.
The GRC course has a changed emphasis from the previous Compliance Diploma as it focuses more on the inter-relationships between governance, risk and compliance and we had interesting debates and discussions on the relevance and importance of ethics, integrity and values with a more localised view. It is fair to say there was a consensus that there is a lesser level of focus on the cultural / behavioural aspects of regulatory compliance when compared to that we are seeing in the UK currently.
It is significant to note, then, that the Dubai Financial Services Authority recently fined Deutsche Bank $8.4m for serious contravention of its regulations, including misleading the regulator, and for failures in its internal governance. This is a departure for the DFSA as historically any fines it has issued were related to market abuse, rather than for failures in regulatory procedures.
The Chief Executive of the DFSA, Ian Johnston, made it clear that it “expects firms to have governance systems and controls in place which encourage compliance with our rules and promptly identify and remedy any regulatory failings.”
This points to a move away from solely ensuring strict adherence to its rules and regulations and one towards considering the approach to GRC responsibilities. Does the company have governance arrangements in place? Do these governance arrangements enable the firm to identify the risks it faces? Is it possible to identify the solutions to the risks that it faces, and can strategic decisions be taken on how to manage these risks? Can the compliance function therefore assess the effectiveness of the solutions?
So, in summary, is the firm managed and controlled in an effective way so that risks of non-compliance are identified and dealt with appropriately? And this therefore is the emergence of the importance of taking a holistic view of GRC with the necessary emphasis being placed on cultural values, ethics, integrity and values.
You can find out more about the ICA International Diploma in Governance Risk and Compliance here.