The Society of Corporate Compliance & Ethics is promoting the week of May 3-9, 2009 as Corporate Compliance & Ethics Week.
Category: Compliance Programs
Sovereign Wealth Funds That Are Part of the IWG and Santiago Principles
The following sovereign wealth funds are part of the International Working Group of Sovereign Wealth Funds and the Santiago Principles:
- Australia: The Future Fund
- Azerbaijan: State Oil Fund of the Republic of Azerbaijan
- Botswana: Pula Fund
- Canada: Alberta Heritage Savings Trust Fund
- Chile: Economic and Social Stabilization Fund / Pension Reserve Fund
- China: China Investment Corporation
- Ireland: National Pensions Reserve Fund
- Korea: Korea Investment Corporation
- Kuwait: Kuwait Investment Authority
- New Zealand: New Zealand Superannuation Fund
- Norway: Government Pension Fund-Global
- Qatar: Qatar Investment Authority
- Russia: Reserve Fund; National Wealth Fund
- Singapore: Temasek Holdings Pte. Ltd.; Government of Singapore Investment Corporation Pte. Ltd.
- Timor Leste: Petroleum Fund of Timor-Leste
- Trinidad and Tobago: Heritage and Stabilization Fund
- The United Arab Emirates: Abu Dhabi Investment Authority
- The United States: Alaska Permanent Fund
The Santiago Principles
The International Working Group of Sovereign Wealth Funds created a set of 24 best practices called the Generally Accepted Principles and Practices (GAPP) or the Santiago Principles:
- GAPP 1. Principle: The legal framework for the SWF should be sound and support its effective operation and the achievement of its stated objective(s).
  - GAPP 1.1 Subprinciple: The legal framework for the SWF should ensure the legal soundness of the SWF and its transactions.
  - GAPP 1.2 Subprinciple: The key features of the SWF’s legal basis and structure, as well as the legal relationship between the SWF and the other state bodies, should be publicly disclosed.
- GAPP 2. Principle: The policy purpose of the SWF should be clearly defined and publicly disclosed.
- GAPP 3. Principle: Where the SWF’s activities have significant direct domestic macroeconomic implications, those activities should be closely coordinated with the domestic fiscal and monetary authorities, so as to ensure consistency with the overall macroeconomic policies.
- GAPP 4. Principle: There should be clear and publicly disclosed policies, rules, procedures, or arrangements in relation to the SWF’s general approach to funding, withdrawal, and spending operations.
  - GAPP 4.1 Subprinciple: The source of SWF funding should be publicly disclosed.
  - GAPP 4.2 Subprinciple: The general approach to withdrawals from the SWF and spending on behalf of the government should be publicly disclosed.
- GAPP 5. Principle: The relevant statistical data pertaining to the SWF should be reported on a timely basis to the owner, or as otherwise required, for inclusion where appropriate in macroeconomic data sets.
- GAPP 6. Principle: The governance framework for the SWF should be sound and establish a clear and effective division of roles and responsibilities in order to facilitate accountability and operational independence in the management of the SWF to pursue its objectives.
- GAPP 7. Principle: The owner should set the objectives of the SWF, appoint the members of its governing body(ies) in accordance with clearly defined procedures, and exercise oversight over the SWF’s operations.
- GAPP 8. Principle: The governing body(ies) should act in the best interests of the SWF, and have a clear mandate and adequate authority and competency to carry out its functions.
- GAPP 9. Principle: The operational management of the SWF should implement the SWF’s strategies in an independent manner and in accordance with clearly defined responsibilities.
- GAPP 10. Principle: The accountability framework for the SWF’s operations should be clearly defined in the relevant legislation, charter, other constitutive documents, or management agreement.
- GAPP 11. Principle: An annual report and accompanying financial statements on the SWF’s operations and performance should be prepared in a timely fashion and in accordance with recognized international or national accounting standards in a consistent manner.
- GAPP 12. Principle: The SWF’s operations and financial statements should be audited annually in accordance with recognized international or national auditing standards in a consistent manner.
- GAPP 13. Principle: Professional and ethical standards should be clearly defined and made known to the members of the SWF’s governing body(ies), management, and staff.
- GAPP 14. Principle: Dealing with third parties for the purpose of the SWF’s operational management should be based on economic and financial grounds, and follow clear rules and procedures.
- GAPP 15. Principle: SWF operations and activities in host countries should be conducted in compliance with all applicable regulatory and disclosure requirements of the countries in which they operate.
- GAPP 16. Principle: The governance framework and objectives, as well as the manner in which the SWF’s management is operationally independent from the owner, should be publicly disclosed.
- GAPP 17. Principle: Relevant financial information regarding the SWF should be publicly disclosed to demonstrate its economic and financial orientation, so as to contribute to stability in international financial markets and enhance trust in recipient countries.
- GAPP 18. Principle: The SWF’s investment policy should be clear and consistent with its defined objectives, risk tolerance, and investment strategy, as set by the owner or the governing body(ies), and be based on sound portfolio management principles.
  - GAPP 18.1 Subprinciple: The investment policy should guide the SWF’s financial risk exposures and the possible use of leverage.
  - GAPP 18.2 Subprinciple: The investment policy should address the extent to which internal and/or external investment managers are used, the range of their activities and authority, and the process by which they are selected and their performance monitored.
  - GAPP 18.3 Subprinciple: A description of the investment policy of the SWF should be publicly disclosed.
- GAPP 19. Principle: The SWF’s investment decisions should aim to maximize risk-adjusted financial returns in a manner consistent with its investment policy, and based on economic and financial grounds.
  - GAPP 19.1 Subprinciple: If investment decisions are subject to other than economic and financial considerations, these should be clearly set out in the investment policy and be publicly disclosed.
  - GAPP 19.2 Subprinciple: The management of an SWF’s assets should be consistent with what is generally accepted as sound asset management principles.
- GAPP 20. Principle: The SWF should not seek or take advantage of privileged information or inappropriate influence by the broader government in competing with private entities.
- GAPP 21. Principle: SWFs view shareholder ownership rights as a fundamental element of their equity investments’ value. If an SWF chooses to exercise its ownership rights, it should do so in a manner that is consistent with its investment policy and protects the financial value of its investments. The SWF should publicly disclose its general approach to voting securities of listed entities, including the key factors guiding its exercise of ownership rights.
- GAPP 22. Principle: The SWF should have a framework that identifies, assesses, and manages the risks of its operations.
  - GAPP 22.1 Subprinciple: The risk management framework should include reliable information and timely reporting systems, which should enable the adequate monitoring and management of relevant risks within acceptable parameters and levels, control and incentive mechanisms, codes of conduct, business continuity planning, and an independent audit function.
  - GAPP 22.2 Subprinciple: The general approach to the SWF’s risk management framework should be publicly disclosed.
- GAPP 23. Principle: The assets and investment performance (absolute and relative to benchmarks, if any) of the SWF should be measured and reported to the owner according to clearly defined principles or standards.
- GAPP 24. Principle: A process of regular review of the implementation of the GAPP should be engaged in by or on behalf of the SWF.
There is also a Full Report on the Santiago Principles (.pdf).
Policy Lifecycles
Sumner Blount of CA puts together his thoughts on the lifecycles of policies: Policy Lifecycles: The Foundation for a Unified GRC Approach.
As you can easily see, it’s a constant feedback loop, where policies are devised, controls are created and tested, and risks adjusted based on the success of those controls.
Politically Exposed Person
A Politically Exposed Person (“PEP”) is a person who may be acting, or recently acted, in the political arena of a country or has held a position in the recent past. Financial institutions must track these individuals because they pose potential risk.
PEP-specific compliance legislation underlines the link between corrupt politicians, money laundering and the financing of terrorism. More than 100 countries have changed their laws related to financial services regulation, with the fight against political corruption playing a foundational role.
The Financial Action Task Force (FATF) definition of a Politically Exposed Person:
- current or former senior official in the executive, legislative, administrative, military, or judicial branch of a foreign government (elected or not)
- a senior official of a major foreign political party
- a senior executive of a foreign government-owned commercial enterprise, being a corporation, business or other entity formed by or for the benefit of any such individual
- an immediate family member of such individual; meaning spouse, parents, siblings, children, and spouse’s parents or siblings
- any individual publicly known (or actually known by the relevant financial institution) to be a close personal or professional associate.
Financial Services Authority Anti-Money Laundering Handbook
The United Kingdom’s Financial Services Authority has its full handbook online, including a section on compliance.
A Unified Approach to GRC
I participated in a webinar by Carole Stern Switzer of OCEG and Sumner Blount of CA, Inc. on Unified Governance, Risk and Compliance.
Governance – the culture, policies, processes, laws and institutions that define the structure by which companies are directed and managed.
Risk – the effect of uncertainty on business objectives.
Compliance – The act of adhering to and demonstrating adherence to the external regulations and standards as well as corporate policies.
GRC is the coordination of these three areas to increase efficiency and produce more complete information for better decision-making.
After all, bad information leads to bad decision-making.
The evolution to GRC came from one-off controls and testing as each new regulation came into place. The start was generally because of Sarbanes-Oxley. In the early days the internal audit and the general counsel operated separately from the operations group. The operations are run through the internal IT systems. As more compliance groups grew, they sent more and more audit and information requests to the operation groups. The goal is to unify and simplify the risk and compliance.
The siloed information makes it hard to determine the status of compliance and difficult to map controls to regulations. Sumner proposes a global repository of audits, risks, tests and test results, cross-referenced to unite the silos of information: a single source of truth for compliance, risk and governance.
The unified approach should result in giving you visibility into the state of operations and risks. This could allow you to remediate problems before they become critical.
The policy lifecycle starts with (1) identifying the requirements, (2) setting policies to meet requirements, (3) creating controls to enforce policies and then (4) monitoring and remediating the controls. This lifecycle should have feedback loops so that policies and controls stay up to date and functional.
Sumner sees five management tools: regulatory content, risk management, policy management, controls management and project management.
For policy management you need support for the creation, review, self-assessment and update of policy documents. You need a workflow to track approvals. You need to track that people have attested that they have read, comply with and will comply with the policy.
With regulatory content, it is difficult to develop the expertise, keep the information up to date and translate it into the control objectives. It is also great to harmonize the controls across regulations. That way you are not creating redundant or even conflicting controls.
For controls management you want a centralized repository of controls mapped to the associated policies, regulations, risks and resources. You also want to store test results and assignment of actions to be done.
For project management, you want to track project status, support for an audit trail and support for reporting.
The key is to reduce costs, reduce disruptions, improve risk management, and use it to drive operational improvement to gain competitive advantage.
Why Use a Hotline?
Is it important to have a hotline for reporting violations?
Reporting violations is a keystone for an effective compliance program. It can maximize the eyes watching for lapses in judgment and blatant violations. It can foster the reporting of issues and concerns as they occur or before a violation occurs.
Ethics as a Business Process
Adam Turteltaub wrote Ethics as a Business Process for the fall 2005 edition of GRC 360.
Forward-looking companies are seeking to evolve business from soft art to hard science as a means to win in the marketplace, improve competitive advantage, achieve higher market valuations, ensure employee retention, foster fruitful partnerships and strengthen customer satisfaction.
. . .
There are three key areas to consider when examining the creation of business processes around ethics:
People: An organization must examine and manage the extent to which ethical conduct is embedded into the fabric of business thinking and fully understand the ethical risks employees face.
Process: An organization must set forth an effective business framework that integrates all ethics and compliance-related activities within the enterprise.
Technology: An organization must leverage tools that automate the process to achieve greater efficiency and provide management with the data it needs to assess the health of the effort and respond quickly to problems.
Compliance at The Nature Conservancy
Back in 2004, The Nature Conservancy created the job of Chief Compliance Officer and formalized its compliance and governance policies.
There is an interview with Karen Berky, Chief Compliance Officer in The Nature Conservancy’s 2004 Annual Report: Conservation That Works.
Ms. Berky talks about the Conflict of Interest Policy and the Conflict of Interest Standard Operating Procedure.
The Nature Conservancy also has a Whistleblower Policy, for reporting suspected violations of law or policy.