Najjar ... coping with regulatory updates is a top concern.
Mena businesses ‘lacking in cyber security policy’
ABU DHABI, January 26, 2016
Two thirds of businesses in Mena do not have a cyber security or technology policy in place, while only 14 per cent are confident that technology is appropriately applied, according to a new report.
Thomson Reuters, the world's leading source of intelligent information for businesses and professionals, today (January 26) released the 2nd Middle East and North Africa (Mena) Financial Crime Report in collaboration with Deloitte at 10th GCC Regulators Summit.
According to the findings, about 50 per cent of respondents have significantly increased their compliance spending over the last two years and 52 per cent expect a significant increase in compliance spending in the next two years. More than 39per cent prioritize business change and reorganization investment over technology and training. Only 7per cent have complete confidence in their compliance policies, while 44 per cent fear over-reliance on Technology.
In respect to sanctions policy, more than 40 per cent of respondents confirmed that they do not have a sanctions policy in place.
Nadim Najjar, managing director, Mena, Thomson Reuters, said: “From the responses, we identified five key themes including tone at the top of corporations, increasing investment in sophisticated technology solutions, reorganizing processes, decrease in confidence programs and stalled policies.”
“While it is encouraging to see Mena organizations moving forward in attempt to align themselves with international best practice, from the responses to the survey, it appears that a full understanding of the requirements of tone from the top is not yet realized, and more needs to be done to translate this concept into practice.
“It requires careful management of relationships with those in senior executive positions, as well as good communication throughout the organization. With the overwhelming amount of regulatory updates and the stepping up of global enforcement activity, gaining the support at every level of the organizational hierarchy will become crucially important for compliance success,” he added.
“If the speed and volume of regulatory change is causing some anxiety amongst respondents, it is understandable. In 2008, there were 8,704 regulatory alerts – in 2015, that figure has jumped dramatically to over 43,000 alerts, or one every 12 minutes. It is no surprise, therefore, that while last year the most pressing concern was maintaining training and awareness, followed by securing support from management and the increasing costs, this year’s top concern is coping with regulatory updates,” Najjar explained.
He pointed out that the report confirms that there is an emphasis on investing in new processes rather than training or communication between leadership and employees, both essential factors in creating a proper tone at the top. There is a real need to increase communication between management and staff in order to raise awareness is seen as the highest priority over the next two years.
“We expect to see a difference in approach to governance in the near future. We know that with the increased focus on personal liability for senior officers there is likely to be a shift in the emphasis of good governance and executive accountability,” Najjar added.
Humphry Hatton, CEO, Deloitte Corporate Finance Limited, (regulated by the Dubai Financial Services Authority), said: “This year’s follow up to the benchmark study on financial crime in the region lays bare the major gap that currently exists between the current state of financial crime compliance and where it needs to be. There is clearly no cause for complacency when only 7per cent of respondents say they have complete confidence in their compliance policies and only 14per cent are confident that their technology is appropriately applied.”
“Equally concerning is that two-thirds of respondents say they do not have a cyber security or technology policy, given the growing risks in this area. This report therefore supports the view that significant further investment in financial crime compliance is required in the region in areas such as technology, training and skills,” he added.
Osman Sultan, chief executive officer, Du, said: “The world has never stopped changing and now we are moving to the digital and the fourth revolution phase. New business players are creating new business models and digital disruption is forcing players to reinvent their business models. Users are becoming the creators of the content. New ecosystems mean new conversations and new regulations. Today, regulators should have the right balance between intellectual copy right and the digital advancement.”
Phil Cotter, managing director, Risk, Thomson Reuters, said: “In our special report The State of Regulatory Reform 2016, we highlighted that the focus for the coming year for regulators globally would be on strengthening Anti Money Laundering & Know Your Customer regulations, personal responsibility for senior managers, cybercrime, and the rise of FinTech.”
“These are just some of the challenges that both regulators and financial services organizations will face over the coming 12 months. This coupled with the continuing extra –territorial scope of regulations such as the new EU Data Protection Directive will place an increasing burden on regulators and financial organizations to keep pace with the rate of change and to ensure that their systems, processes and people are up to the task of remaining compliant,” he added.
Cotter pointed out that developing markets and international trading centers present a further challenge as they attempt to balance the demands of global & local regulations with the need to grow their local economies. – TradeArabia News Service