Regulatory Services & Risk Management

cutting through your questions
Helping clients navigate the complexities of operating in an evolving regulatory and global landscape.

DHG's Regulatory Solutions and Risk Management Practice assists financial services institutions in managing and implementing change driven by new regulations and strategic risk management objectives.  We deliver comprehensive compliance solutions to help ensure regulatory compliance, appropriate response to matters of non-compliance and integration into existing risk management frameworks. We work with Fortune 500 financial services institutions to evaluate risk management frameworks and processes and develop frameworks for new lines of business.

Regulatory Strategy & Response

Our Regulatory Solutions team is comprised of professionals with cross-functional experience that work with clients around the world to create solutions that align with unique business strategies, risk profiles and organizational cultures. We have deep market and industry knowledge that is enriched by our position as a trusted advisor to many global banks, insurers and asset managers.

Asset Management and Broker-Dealer

Conversion from Weekly Rule 15c3-3 Computations to Daily Computations

The reserve computation is performed weekly to identify customer related payables and receivables, when payables exceed receivables, the amount is reserved in a special bank account that is to be used exclusively for the benefit of customers. The weekly computation along with possession or control requirements is intended to protect customer assets. Due to the fluctuation of the markets and the variability of customer activity, performing a weekly computation could leave the broker dealer in the position of having to self-fund the reserve requirements in the seven day period between the computations. Due to this potential liquidity issue, many firms would like the ability to perform the computation on a more frequent basis so as to have the reserve deposits more closely represent the net customer payables. The process for computing the weekly reserve requirement is scaled based on client complexity, but typically involves several staff members gathering and analyzing data to explain variances and consolidating into a computation schedule. The process not only involves the regulatory reporting staff but various groups within brokerage operations. These computations are thoroughly examined by the regulators and under new SEC requirements, any shortfall in the amount reserved would be noted in the firm’s annual financial statement filings.

DHG can help firms convert from weekly to daily computations by:

  • Improving the efficiency of the computation process by adding optimal data management methods
  • Implementing controls to support accuracy in the computation
  • Radically reducing handling/cycle times for the tasks
  • Increasing employee engagement through education and heightened awareness of applicable regulatory requirements.
Consulting, Interim Staffing, Review of Net Capital, Review of Customer Reserve Computations, Merger & Acquisition Conversions and Staff Support

An efficient Regulatory Reporting Group can save your firm time and money. Staffing of open positions can take months and special projects often leave regulatory groups with interim staffing needs. By having knowledgeable interim resources available to your firm, you can feel assured that the regulatory requirements are being satisfied while your permanent staff are consumed working on firm initiatives.

DHG can help firms with performing regulatory functions by:

  • Providing knowledgeable “hands on” interim staffing to perform regulatory tasks
  • Training new and existing staff on performing tasks
  • Reviewing processes to provide guidance on regulatory compliance weaknesses and/or gaps and making recommendations for process improvements.
Rule 17a-5 Regulatory Controls

During 2013, the SEC released amendments to Rule 17a-5 which require a carrying broker dealer to file a compliance report with their annual financial statements. The compliance report states that the firm was in compliance with certain financial responsibility rules that deal with customer protection and adequate capitalization of the broker dealer. The firm’s independent auditor must examine certain statements in the compliance report to ensure accurate representation.

DHG can help firms comply with the new requirements by:

  • Using our experience in the Rules to help firms develop and implement controls to facilitate compliance with the requirements.
  • Implement processes to maintain the control structure and perform periodic testing to verify validity
  • Provide training to broker dealer staff on the requirements to aid compliance.
Process Implementation

In most change initiatives, organizations often create a team of subject matter experts that will define or re-define how work processes will be performed. The new/revised process will then be communicated to employees to “own” and bring about the results anticipated. While many organizations have the subject matter experience to perform the new functions, they may lack the ability to effectively manage the implementation of the new/revised process.

DHG can help firms implement new/revised processes by:

  • Providing thorough project management structure which establishes a viable and executable plan and status reports. The project plan identifies project objectives, results, known challenges, dependencies, tasks, milestones, ownership and target completion dates.
  • Documenting processes and controls through detailed process flows, procedures, job-aids and/or other reference material
  • Training staff on the requirements of the new/revised process.
Policies and Procedures

A policy documents a guiding principle for an organization such as an Enterprise Risk Management Policy which would describe the overall enterprise framework and risk strategy. A procedure is a “how to” document which explains the necessary steps that should be followed to complete a task. A procedure answers the questions of what is the process and how the process is completed. Written documentation allows for consistent treatment across the organization and also helps to create an internal control framework. The internal controls, along with periodic control effectiveness testing, provide management with assurance that the firm’s objectives are being met.

DHG can help firms develop policies and procedures by:

  • Creating a policy and procedure framework (i.e., consistent format that is used throughout the organization, policy and procedure inventory, establishing a review cycle, review and approval authorities, etc.)
  • Reviewing and providing recommendations for policy/procedure improvements (regulatory gaps, control gaps, escalation process, handling policy/process exceptions, etc.)
Training and Education

In the brokerage industry, formal training and education programs exist for stock brokers. Outside of the formal registered representative training programs, many firms have a need to train employees on regulations and brokerage processes that are critical to the firm.

DHG can help firms train and educate employees by:

  • Developing specific learning objectives that foster employees understanding of the regulations.
  • Customizing training to each firm including using the brokerage systems to comply with requirements.
  • Creating documentation that can be used outside of the formal class room sessions
  • Providing a consistent methodology of training for the entire organization.

Basel Regulatory Framework

Clients rely on DHG’s Regulatory Services practice for team-approached expertise in the implementation of the Basel Regulatory Framework. Our vast experience within the regulatory field, as well as in finance process and transformation, helps our clients confront the inevitable application of complex regulations into institutional technology infrastructure.

DHG guides clients through the implementation of amendments and clarifications from regulators creating achievable strategies. Core services in the Basel Regulatory Framework space include:

  • Business Requirements Development
  • Governance
  • Model Documentation
  • Process Implementation/Remediation
  • Subject Matter Expertise Experience at Fortune 50 Banks

Serving a diverse group of financial services institutions, DHG’s familiarity with key stakeholders of the Basel Regulatory Framework within banking organizations of all sizes enables our team to offer a comprehensive cross-functional solutions tailored to each of our clients.

BSA / AML and OFAC Compliance

DHG’s Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) and Economic Sanctions advisory services can help companies within the financial services industry comply with regulatory expectations, identify money laundering risks within their organizations and ensure they have an effective and robust AML and Office of Foreign Assets Control (OFAC) program in place to combat money laundering and terrorist financing. DHG’s BSA/AML and OFAC advisory services team can assist your organization with:

  • Compliance Program Assessments
    DHG offers independent risk assessments designed to help identify gaps in areas that need improvement to be compliant with the FFIEC BSA AML Exam Manual. We can also assist in implementing changes to remediate the identified gaps. Our experienced consultants can conduct the assessment and provide resources for implementing recommended actions.
  • Policies and Procedures
    Policies and procedures must meet two goals: (1) remain current with changing regulations and industry best practices; and, (2) be accessible to and used by employees in all lines of defense. DHG can help you assess the current state of your policies and procedures and design the enhancements you need for this critical component of your BSA/AML and OFAC compliance programs.
  • Money Laundering Investigations
    DHG can help your company conduct historical transaction reviews in response to inquiries from your respective regulator, perform extensive reviews of transactions, identify recommendations related to suspicious activity, and assist in Suspicious Activity Report (SAR) preparation.
  • Independent Testing
    DHG can help you meet your obligation to conduct annual independent testing of your BSA/AML and OFAC programs. We have consultants with experience in tailoring an effective testing program, testing in a constructive way and documenting the results in a manner that promotes program improvement.
  • Training
    DHG can provide customized training materials, and deliver the training to senior executives, senior management and employees on topics ranging from compliance with regulatory requirements, emerging risks, and trends within the industry.

Liquidity Standards

In the aftermath of the global financial crisis, liquidity regulation and risk management has become a key area of focus for financial institutions. Under Basel III, new liquidity requirements include the Liquidity Coverage Ratio and Net Stable Funding Ratio, as well as specific metrics for monitoring and reporting. In addition, the Federal Reserve’s Comprehensive Liquidity Analysis & Review (“CLAR”) has become part of prudential regulation which includes a detailed liquidity stress test and analysis.

DHG can help clients navigate through the increased complexity and additional regulatory requirements to meet Liquidity regulatory requirements. Core services in the liquidity area includes:

  • Corporate Governance
  • Gap Analysis and Recommendations
  • Internal Controls
  • MRA / MRIA Remediation
  • Policies and Procedures Development
  • Process Implementation

Serving a diverse group of financial institutions, DHG’s familiarity with key stakeholders in Treasury, ALM and liquidity risk management within banking organizations of all sizes enables our team to offer comprehensive cross-functional solutions tailored to each of our clients.

MRA / MRIA Response and Remediation

When a regulatory examination Supervisory Letter is issued to a financial institution a response is required generally within 30 business days. Through prudent regulatory examination management any regulator identified issues should be known, analyzed and interim mitigating action identified well before the receipt of the Supervisory Letter. DHG Risk Advisory services can clients with Matters Requiring Attention (“MRA”) and/or Matters Requiring Immediate Attention (“MRIA”) by:

  • Regulatory Response Process Development
  • Issues Analysis, Severity and Action Plan Development
  • Response Letter Process Development
  • Training

Own Risk and Solvency Assessment (ORSA)

Our team is made up of seasoned risk management professionals that have hands-on experience implementing the various ERM processes needed for ORSA compliance. We combine risk management, actuarial and insurance know-how to deliver tailored risk management solutions to our clients. We offer the following services to assist in ORSA preparations, ERM implementation reports and ORSA Summary Report development:

  • Capital Modeling Framework
  • ERM Implementation Support
  • ORSA Readiness Assessment
  • ORSA Summary Report Drafting and Review
  • Regulatory Feedback Response
  • Risk Appetite Statement Development
  • Risk Culture and Governance Development
  • Risk Identification and Assessment
  • Risk Policy Development
  • Stress Testing and Scenario Analysis

Vinn Diagram of orsa communication strategy

Recovery and Resolution Planning

Recovery and resolution planning has become a critical component in the macro and micro-prudential regulation of large banking organizations and Non-Bank SIFIs. The recovery and resolution plans (RRPs) developed by these companies provides regulators, and other stakeholders, information related to how a company would persevere through a severe stress or be unwound in an orderly way, if recovery was not achievable. The RRP process is highly complex and includes collecting and analyzing data points related to the company’s business, organizational structure and operations across the organization, analyzing their interconnectivity and creating a plan that addresses the challenges to recovery or resolution that these interconnections create.

DHG has hands-on experience assisting clients in designing, implementing and assessing RRP frameworks. DHG assists organizations with the following services (non-exhaustive):

  • Data collection
  • Firm-wide communication planning
  • Gap analysis & remediation
  • Governance process
  • Internal audit outsource / co-source
  • Legal entity analysis and restructuring
  • MRA / MRIA response
  • Project management Recovery and resolution plan drafting
  • Resolution plan scoping and planning
  • RRP remediation activities
  • SLA review

Prudential Regulation Infographic

Regulatory Readiness Reviews and Exam Prep

Financial Regulators are charged with conducting examination (and on-going monitoring) of financial institutions to assess safety and soundness, risk program effectiveness, compliance with applicable laws and regulations and adequacy of corrective actions. DHG can help clients manage regulatory exams through the completion of readiness reviews and exam prep, specifically:

  • Design institution/line of business specific Readiness Assessments
  • Establish a Regulatory Exam Management Process

Regulatory Reporting

The Regulatory Reporting requirements for financial institutions have increased in this post-2008 financial crisis environment, and have become a more heightened area of focus. The Dodd-Frank Act initiated more stringent and granular reporting requirements.

DHG can help clients navigate through the increased complexity of Regulatory Reporting requirements that align with Best Practices set forth by the Federal Reserve. Core services in the Regulatory Reporting line of service include:

  • Data Quality and Accountability
  • Examination Preparation
  • Governance
  • Internal and External Audit Preparation
  • Internal Controls
  • MRA / MRIA Remediation
  • Policies and Procedures Development
  • Process Implementation/Automation
  • Quality Assurance Program
  • Regulatory Reporting Software Implementation
  • Report Preparation
  • Training

Serving a diverse group of financial institutions, DHG’s familiarity with key stakeholders of Regulatory Reporting organizations within a variety of banks enables our team to offer comprehensive cross-functional solutions tailored to each of our clients.

Risk and Control Assessments

An effective and robust risk and control assessment process (“RCA”) is crucial to the sustainability of any line of business within a financial institution. DHG has experience in the design and execution of risk and control assessments and works with clients to embed RCA into firm’s governance, risk and compliance framework.

DHG RCA services include:

  • RCA process development
  • RCA integration with GRC framework
  • RCA reporting

Stress Tests and Capital Planning (CCAR/DFAST)

DHG provides a comprehensive suite of stress testing and capital planning services to our financial services clients. We have direct experience in assisting large, global organizations in developing strategic and tactical solutions to address the multi-faceted requirements stemming from the Federal Reserve Comprehensive Capital Analysis & Review (CCAR) and Dodd-Frank Act Stress Test (DFAST) regulations. Our team members have executed engagements across all components of the capital management and stress testing processes and have deep experience in understanding the requirements and expectations for CCAR and DFAST.

DHG Stress testing and capital planning service offerings include (non-exhaustive):

  • Business requirement drafting
  • Capital plan drafting
  • Financial forecasting development framework
  • Gap analysis & remediation
  • Governance framework development / Review and challenge process
  • Internal audit
  • Model documentation
  • Model validation
  • MRA / MRIA response & remediation
  • Policy development
  • Program / project management
  • Risk management framework development
  • Stress testing process and procedural documents

Risk Management

Every entity faces challenges and unknown factors that may negatively impact value to their stakeholders. A comprehensive Risk Management Program is one discipline that enables management to effectively handle the uncertainty and opportunities that arise during the course of meeting entity objectives. Generally, Risk Management is an iterative strategic process which occurs across an entity for identifying, assessing, prioritizing, remediating and managing different types of risks. DHG Risk Advisory services provides industry specific experience in the following components of Risk Management.

Analytics and Reporting

Companies are increasingly looking to tap the potential of data and advanced analytics to drive innovation, identify opportunities, develop strategy, and manage risks. One of the key requirements to enable the use of comprehensive business analytics is to present it in a way that is understandable and actionable. This is often done through detailed reporting dashboards that provide information in a structured way. Selecting the appropriate information and the most impactful way of portraying that information is critical in optimizing data and advanced analytics. DHG can assist your organization in the following analytics and reporting areas:

  • Identification and definition of Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs)
  • Reporting dashboard development
  • Detailed reporting and analytic packages
  • Board and committee reporting assistance
  • Analytics and metric interpretation and strategy

Want to learn more? See our publication on Using Analytics and Reporting to Strategically Manage Cost

Model Risk Management

Supervisory expectations have evolved with an enhanced view of what constitutes strong model risk management practices. Regulators and other external stakeholders have a keen interest in understanding the methods companies have used to assess their models’ performance, particularity as it relates to accuracy and controls. DHG provides comprehensive model risk management services to clients including:

  • Model governance & program design
  • Model risk management policies & procedures
  • Model validation services

Model validation is not a one-size-fits-all type methodology

Model validation must comply with regulations established by the Federal Reserve (SR 11-7) and the Office of the Comptroller of the Currency (OCC 11-12). A good model risk management program starts with a sound model validation plan that is compliant with regulations but specific to your company. Our professionals take a tailored approach when addressing your needs, encouraging client feedback and communication in order to develop a customized validation program, which includes:

  • Identify model risks
  • Design validation test plan
  • Perform validation activities
  • Document and recommend remediation actions
  • Issue report and guidance

Whether a model relates to stress testing, allowance for loan and lease losses, credit scoring, tax provision, anti-money laundering (AML), and the list goes on, the importance of a sound model risk management and validation program is essential in today’s environment. DHG’s model validation team is comprised of highly credentialed consultants with extensive knowledge of both the financial services industry as well as the regulatory framework and environment. Read More

Risk Appetite Statement, Identification and Prioritization

Risk appetite statements guide organizations in the amount of risk they want to take in order to achieve their business goals and is a key element of a comprehensive risk management program. Comprehensive risk appetite statements provide direction to risk takers as to the level of risk company stakeholders are willing to accept and often implement this direction through clear limits and tolerances for risk. Due to the complexity of setting such a framework and the linkage between risk appetite and corporate strategy, organizations have focused on the development of robust and transparent risk appetite frameworks and are deliberate when setting such risk boundaries. DHG provides a comprehensive suite of risk appetite statement services to support financial institutions efforts in developing strong risk management practices. Our team has hands on experience in assisting companies specifically in risk appetite statement development and can assist your organization in the following ways:

  • Risk appetite statement drafting
  • Development of limits and tolerances (quantitative and qualitative)
  • Establishment of process for setting risk appetite statement
  • Identifying and clarifying linkages between risk appetite and strategy setting or other key business processes

Risk Governance and Organization

As the economic and regulatory environments continue to evolve, it has become increasingly important for institutions to clearly articulate, to both regulators and investors, their risk governance and organizational frameworks. Specifically, institutions need to be able to articulate and demonstrate the accountability and clarity around roles and responsibilities for the company’s key processes. DHG recognizes the need for adequate governance principles and is prepared to help design and implement valuable governance tools throughout the organization. With our comprehensive understanding of what our clients need, and years of deep industry experience, DHG can help you:

  • Develop enterprise-wide risk governance frameworks that set the risk strategy and culture across the organization
  • Outline detailed roles and responsibilities for key elements of the governance framework including committees and key employees
  • Designing and detailing committee governance frameworks and roles and responsibilities for key processes
  • Draft committee charters
  • Understand and document responsible, accountable, informed and other roles for key business and risk processes

Risk Policy Development and Implementation

A successful risk management program is well planned and well documented. As the second line of defense, risk management must provide a strong roadmap of policies and procedures to enable day-to-day risk managers to comply with the risk guidelines and practices set by the company. DHG works closely with our clients to evaluate the sufficiency of internally developed policies and procedures for completeness and accuracy of the following:

  • Scope of policy coverage
  • Definitions and purposes
  • Practical guidance and actionable requirements
  • Alignment with corporate policy methodology
  • Development of procedures consistent with developed policies and company operations

Vendor Management

Vendor management is a multi-functional process involving elements of the IT, legal, compliance, risk management departments and the service line leader.

Risks from vendors and suppliers pose a significant challenge to businesses today and effective vendor management is key to an organization’s success. This is especially true for highly regulated industries such as financial services and healthcare.

DHG’s Vendor Management Services offers full turnkey third-party program development, including standardization and documentation of processes, policies and controls. Our services address business needs and regulatory compliance, helping to maximize opportunities leveraging third parties and minimize the significant and costly risks that are part of vendor management.

Risk Assessment
  • Develop or review vendor identification and classification system
  • Evaluate risk rating criteria (financial impact, operational reliance, reputation risk, regulatory exposure, access to sensitive data, etc.)
  • Identification of critical vendors
Vendor Selection Process
  • Due diligence (security, privacy, performance, and financial condition)
  • Assessment of potential vendors through development of framework utilizing ROI, IRR, NPV and payback periods
  • Vendor negotiations and strategic sourcing processes
  • Supplier Diversity programs
Contract Management
  • Contract structuring and review
  • Contract tracking processes
  • Centralization of documents
  • Assistance with technology selections
Governance and Relationship Monitoring
  • Organizational design
  • KPI development of key metrics
  • Reporting dashboard development to drive change in vendor pricing, employee behavior and KPI movement
  • Management of cost reduction, pricing analysis, benefits validation and spend analysis
  • Gap analysis on the procurement process and vendor management process to identify operational efficiencies and financial controls
Audit Assistance
  • Vendor Management audit program development
  • Contract Management analysis
  • SOC 1 and SOC 2 reporting
  • Policy and procedures compliance reporting
  • Site visits to third party vendors

Knowledge Share

Webinar Recordings