Hi guys and welcome to our FinTech Friday features hosted by DX Compliance Solutions I'm Caren and I'm sitting here with Simon and today we'd like to discuss the JP Morgan got fined by the Irish banks Yeah, definitely. So The media in Ireland here have been quite, quite, clear about the fact that the central bank has fined JP Morgan for certain breaches in controls the part of their compliance regime Specifically right into the house source relationship so that all sorts think that they were doing okay I mean, yeah, I guess that's kind of confusing for a lot of people a lot of people are under the impression that They can outsource their activities which is true, but What you can't outsource? Is the liability and the responsibility to ensure that you're compliant? Okay, so why would you outsource your compliance? Yes, a lot of people outsource because one of the good well, one of the main reasons is cost you know and effort if you're a small company or if you have a very complicated business or if you want just to reduce, my pilot require then he all sorts to to try and keep things signal for yourself Okay and how ? like they need to control it somehow how they keep (?) that. Yeah well The you have two aspects so from the state side and the Rickey there is a clear expectation in a lot of regulate and a lot of Jurisdictions that you focus on asking for permissions, so you have to ask for permission prior to outsourcing or you have to at least inform the state in some jurisdictions That you are going to be outsourcing to give them at least the opportunity to make questions And what they are looking at as an authority is how you control it So what processes do you have in place? Do you do audits over than an outsourced party? Have you Really (?ted) this outsource, outsource, in (?) before you can check for the documentations of you Just you know, have you checked quality of their work? are they comply (?), they are what their staff so it's really a question of governance and structure and process Okay, umm , how would like the JP Morgan ask for permission on how do they (?) is there anything about that? Yeah so, as far as aware they did't ask for permisson. Prior to doing this which is not uncommon a lot of companies, especially From overseas aren't aware that they needed to do that especially if they have many of situates within Europe and even actually some, some, regulators do also expect that you even show And ask for permission where you are outsourcing to one of your own subsidiaries so there is quite a lot of- Quite a lot of issues around that sort of stay because many companies would assume that a subsidiary of theirs comes automatically You know, automatically within the internal, umm, definition. How come that such a huge, like such a huge company like JP Morgan is not aware of that It could be to be honest. It could be simply that it was, it was somehow overseen It could be that it was obviously in during a period of change to regulations that whether the regulations came in they weren't aware of the significance of what seemed maybe developed the time such a small flaws And it could simply be they assumed that it would, it would be okay so average has a slightly different different risk appetites towards this sort of approach, but I would I would assume that it somehow umm, will underestimated by. Would you would you recommend a company to outsource a compliance or which you say, know, but you keep it in your own company It's a good question and I think for some business models outsourcing certain aspects of the processes can be very very beneficial, For example? I guess (?) it's the typical part of the process would be the digital onboarding of your customers of the KYC aspect But I have also seen companies and work with companies, of course to outsource their transaction management process or even their entire Even their entire melero process to the person who's really accountable at the end of the day but It's with how to say whether I recommend it. It's very business about the business model specific and one thing is for sure that if you would had to grow and really grow as a company You will need a lot of this knowledge inside and if you completely outsource it those people are not always really invested in your business model where they are invest their own business model so you should always consider how you want to grow and how much knowledge we'll need To to really bring a full product offering tomorrow. Yeah Wouldn't a process take longer for example, if you have Transaction monitoring and the outsourcing company might raise a transaction until they get back to you until your their transaction That might be suspicious and you've done locked the account and stoped the transaction or how, how does not work To be honest, it all depends on the process that you have set in place. So in some processes you will have an instant thing which is the same as, is the same as that being in the same room as You are the same as that being the part of an internal department, but in other cases, of course Especially if the cost is an issue. You may not even get workers in different time zones workers in different countries and which Does come with its own form of risk? That's however, I would say it slightly more operational and risk as opposed to direct an (?) compliance twist It also of course has huge benefits. So if you if you do either source or even have a Subsidiary that's directly directly looking for you umm in Another country another time. So and then of course when it comes to certain aspects of your operations You'll have people making first decisions or second decisions Well, the other party is asleep. Essentially they wake up and you have and everything else is finished, you know, Yeah, there are different classes. Thinking about outsourcing compliance what would you like safe done like look at those facts before you decide? What is fear how would you make a decision about that? Definitely and some… It is a (?) questions. I think anyone who is working with banks closely umm As I deciding to banks or anyone who's in their sort of procurement department of a bank and it's closely in contact with their compliance department it's usually aware of a very strict process that these things going to go through and Is aware of the various control measures in place, and I think that's really where it comes down to it It's not don't focus so much about what they are doing for you Of course You need to make sure that all of those processes are as good if not better as the way you would do them in-house but what you need to think about is how do you ensure that so you need to you need to then become the Auditor of those processes make sure that you have full access make sure that you can turn up and do an on-site audit Whatever you need to make sure that they have appropriate controls in place to make sure that outside is kind of into the building Make sure that they trade that star property that they vector stuff properly, you know, there's no important there's no point in the outsource to the transaction monitoring process to somebody who doesn't, umm, Screen their new employees for a criminal activity or for potential criminal records. So you really need to think about these things, basically Ensure that you understand the risk of that relationship so those four risk analysis of that relationship and make sure you mitigate each of those risks and Have controls in place for each of those things. Okay, okay, thank you. Anything else? From your side on that topic? Yeah, I think just People it's quite often early in the early stages of business. Especially, you know we have a lot of child if I was coming to the market and We still see a lot of different FinTech models approaching So it's really important to start thinking about these things early It costs a lot less resource and an understanding to put in a strong governance structure a strong internal structure early on Then it does to start playing catch-up when you get twelve months only nine and that's that's thing we see a lot so you come in and you have to basically Unravel 24 months of mess, I mean, It cost a lot more, it cost a lot more. (??) Okay, perfect thank you Yeah, thank you guys for listening and watching We'll see you next week on Friday. Have a great weekend.