Complying with the Patriot Act is a top concern for boards of financial services firms, according to a survey of 210 board members conducted by PricewaterhouseCoopers at its 2005 Financial Services Audit Committee Forum, held last week in New York.
Sixty-five percent of those surveyed were audit committee members or chairs, who serve a crucial governance role in corporate oversight of compliance in today’s post-Sarbanes-Oxley world.
The Patriot Act, passed after the 9/11 terrorist attacks, requires financial services companies to enhance customer identification capabilities, monitoring systems, and suspicious activity reporting (SAR). The expanded obligations required by the Act, increasing scrutiny by regulators, stiff penalties paid by many institutions for non-compliance, and the increase in Suspicious Activity Report (SAR) filings, has made audit committee members particularly concerned about how their organizations manage compliance with the law.
When asked to rank their four top areas of concern from a range of challenges faced by boards of financial services institutions, the Patriot Act ranked higher than (in order of importance):
The first is, the disclosure of financial measures other than those prescribed by Generally Accepted Accounting Principles (GAAP). The reporting of non-GAAP measures adds a level of detail increasingly desired by investors, but raises concern among regulators over lack of uniform standards and potential for misleading information.
Next came the impact of a major US housing bubble burst on their organizations and the economy.
Third were the risks associated with off-shoring critical functions. Such risks might include remote compliance with regulations, the protection of intellectual property and related reputational risks.
And, lastly, the confidentiality of customer information.
“We are not surprised to see the range of concerns expressed by audit committee members about regulatory compliance,” said Timothy F. Ryan, leader of the US Financial Services Industry Practice of PricewaterhouseCoopers. “Requests for compliance training have doubled in the past two years. Fraud hasn’t doubled, but regulatory concerns have. Financial institutions live and die by their reputation and the confidence of the capital markets, so even an inadvertent compliance error can be devastating.”