In recent years, the regulatory and governance framework in
financial services organisations has become increasingly complex. A
key area of focus has been in the area of remuneration structures,
policies and processes, where there has been a significant amount
of regulatory development.
Banking and Asset Management (including Private Equity and
Take a look at the banking sector for example. A few years ago,
the remit of an internal audit of remuneration was limited to
payroll and checking that monthly debits on the master payroll tied
up with amounts paid to staff and changes to the master payroll
were initialled by the financial controller. Fast forward to now
and the banking sector is faced with a myriad of remuneration
regulatory requirements, which place obligations not only on the
reward function, but also the internal audit function.
A number of remuneration regulations include a requirement for
an independent review of remuneration policies, procedures and
implementation. For Banking and Asset Management, a review of the
implementation of remuneration policy and procedures is required
under CRD IV, AIFMD and now UCITS V.
These Remuneration Codes require that "a firm must ensure
that the implementation of the remuneration policy is, at least
annually, subject to central and independent internal review for
compliance with policies and procedures for remuneration adopted by
the governing body in its supervisory function".
What about insurance?
Under Solvency II, the EIOPA Guidelines on system of governance
make it clear that firms should ensure:
an overall consistency of the group's remuneration policies
by ensuring that they comply with the legal requirements and by
verifying their correct application;
that all firms within the group comply with the remuneration
that material risks at group level linked to remuneration
issues in the group entities are managed.
So what does this mean?
It is important that firms undertake a central and independent
annual review of remuneration policies and procedures. Internal
audit should plan to provide assurance over the rigour and
robustness of this annual review where it is being performed by
another function in the organisation. In practice, the actual
annual review is commonly being undertaken by internal audit. All
firms are subject to this requirement as it is not subject to
proportionality. It is likely that ensuring compliance in
this area will become an increased area of focus for the
There are three key areas for any internal audit review of
Design – Review of the current
remuneration policies to ascertain if they comply with the
regulatory framework. This includes all remuneration policies such
as new hires, terminations, Material Risk Taker identification,
malus and clawback and variable pay, as well as governance and
Implementation – review of the
implementation of remuneration policies across the group to ensure
that the processes and procedures underpinning the remuneration
policy are effective and robust
Future – review of the firm's
readiness for future regulatory changes
To meet the requirements, it is important to develop a robust
methodology for all the key areas for review.
There is a requirement on Banks and Asset Managers to undertake
a central and independent review of their remuneration policies and
procedures and the implementation of these annually. There are
similar, but not identical, requirements for Insurance firms too.
Some of the key areas for review include the remuneration policy,
the Remuneration Committee and Governance framework, and
disclosure. For some time, these requirements are not new and it is
likely that compliance with them will become a growing area of
focus for the regulator. To avoid falling short of their
obligations, it is important that firms consider this as part of
their internal audit work plan for 2017 and annually
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
On March 7, 2017, it will be one year since the U.K. Financial Conduct Authority's senior managers and certification regime came into force, heralding a new era of personal accountability in the financial sector.
On January 31, 2017, the FCA published a final notice issued to Deutsche Bank AG and fined the bank Ł163 million for failing to maintain an adequate AML control framework between January 1, 2012 and...
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).