Patriot Act Poses Risk for U.S. Financial Institutions
October 11 2005
Complying with the Patriot Act is a top concern for boards of financial services firms, according to a survey of 210 board members conducted by PricewaterhouseCoopers at its 2005 Financial Services Audit Committee Forum, held last week in New York. Sixty-five percent of those surveyed were audit committee members or chairs, who serve a crucial governance role in corporate oversight of compliance in today's post-Sarbanes-Oxley world.
The Patriot Act, passed after the 9/11 terrorist attacks, requires financial services companies to enhance customer identification capabilities, monitoring systems, and suspicious activity reporting (SAR). The expanded obligations required by the Act, increasing scrutiny by regulators, stiff penalties paid by many institutions for non-compliance, and the increase in Suspicious Activity Report (SAR) filings, has made audit committee members particularly concerned about how their organizations manage compliance with the law.
When asked to rank their four top areas of concern from a range of challenges faced by boards of financial services institutions, the Patriot Act ranked higher than (in order of importance):
• The disclosure of financial measures other than those prescribed by Generally Accepted Accounting Principles (GAAP). The reporting of non- GAAP measures adds a level of detail increasingly desired by investors, but raises concern among regulators over lack of uniform standards and potential for misleading information.
• The impact of a major US housing bubble burst on their organizations and the economy.
• Risks associated with off-shoring critical functions. Such risks might include remote compliance with regulations, the protection of intellectual property and related reputational risks.
• Confidentiality of customer information.
"We are not surprised to see the range of concerns expressed by audit committee members about regulatory compliance," said Timothy F. Ryan, Leader of the US Financial Services Industry Practice of PricewaterhouseCoopers. "Requests for compliance training have doubled in the past two years. Fraud hasn't doubled, but regulatory concerns have. Financial institutions live and die by their reputation and the confidence of the capital markets, so even an inadvertent compliance error can be devastating."
Other findings of PricewaterhouseCoopers survey include:
• Board members said they continue to experience difficulty monitoring and assessing problem areas. The top four areas of concern in order of importance are: shareholder disclosure, sales practices, service provider oversight and revenue sharing.
• Almost half of board members surveyed said their compensation was not adequate given today's environment of increased regulatory scrutiny, with 29 percent saying their compensation does not adequately address the increased responsibilities they face as a board member. Eighteen percent said their compensation does not adequately address the time they spend on board-related matters. Sixteen percent said their compensation does not adequately address their increased risks and responsibilities. Only 35 percent of those surveyed said their compensation was sufficient
• When asked about the adequacy of their organization's insurance for company directors, one-quarter of those surveyed said they were examining their company's coverage if it were to face a major shareholder lawsuit. One-half feel their organizations have enough insurance in place, but 17 percent said they don't think their policies are sufficient to cover a large shareholder lawsuit. Nine percent said they are concerned about not having enough insurance in place to protect board members from being personally liable.
• Nearly two-thirds (65 percent) of board members indicated that they are spending less time on strategic business issues because of increased compliance demands required in the first year of Sarbanes-Oxley implementation. However, they also indicated they believe the Sarbanes- Oxley provisions have improved the effectiveness of the audit committee, giving them appropriate authority that once may have been resisted by management. Fully 83 percent of board members surveyed said they were now asking more questions of management during board meetings post- Sarbanes-Oxley.
• Board members said that both the direct costs of Sarbanes-Oxley compliance and associated lost opportunity costs to their organizations were significant in the first year. When surveyed about direct costs in year two compared to year one, nearly 37 percent expect costs to remain about the same, plus or minus 10 percent. Thirty-one percent expect a decrease in costs by 10 to 25 percent and 17 percent of board members expect a decrease of more than 25 percent. Fifteen percent of those surveyed expect an increase in costs of greater than 10 percent.
• When asked about benefit of new compliance rules to shareholders, only one out of 10 board members said the costs are justified. But, as one board member in attendance put it, "The cost of implementation was relatively cheap compared to the potential loss of confidence in our capital markets system, which ultimately is the biggest risk we all face and potentially the greatest cost of all."
Forum participants characterized the past two years as an intensive period of bringing their organizations into compliance with increased regulations, particularly Section 404 of Sarbanes-Oxley. While much of the work was done in year one, the real challenge, they said, will be sustaining a compliance culture and embedding Section 404 compliance into every layer of their organizations.
"The past few years have been challenging for boards, management and auditors alike, and in the financial services space, those challenges are even more significant because of the tremendous role the industry plays in the capital markets system," said Mr. Ryan. "PricewaterhouseCoopers is committed to working through these challenging times and helping the financial services industry continue to be leaders in corporate governance."
The annual PricewaterhouseCoopers Financial Services Audit Committee Forum, which this year drew record attendance by 350 executives and directors, is a two-day forum of discussion about the future of the financial services industry, best practices emerging from audit committee members and the major opportunities and challenges they face. The board members surveyed represent a cross-section of the financial services companies in the banking, capital markets, investment management, alternative investments, real estate and insurance sectors.