Control Systems for Banks in Global Markets

A few authors underlie the necessity to promote a new ‘capitalistic ethic’ and to face the governance and control systems of organizations and institutions that work within the capital markets. Internal control systems are considered the product of deep reflection of governance: it represents the bases of a wide evaluation for the single operative instruments and for the general culture of the risk control. This contribution intends to bring out the role of the central institutions in the creation of the flexibility and the necessary environment to develop control instruments oriented towards the prevention and management of risk.


Global Markets and Advanced Control Systems
The worst financial crisis since the Great Depression is characterizing the roles and the boundaries between the institutions and the markets towards a new balance between regulation coming from the market place and virtuous mechanisms promoted autonomously by organizations.
As some authors have noted, in the economic history of the last three centuries, there have been cyclic moments which because of the panic due to the unexpected crisis, the communities that gained wealth thanks to free trade are motivated in finding the cause of the crisis within the system that generated the wealth itself (Butler, 2007).
In fact, in recent years, the evolution of the economic and financial systems has faced the influence of a variety of factors: deregulation of the financial activity, technological innovation, and growing mobility of capital at the international level.Certainly, the local peculiarities in terms of norms, cultural aspects and shared practices are relevant, although the increasing interdependences on a global scale have created, and still affect, a domino process of non-controllable effects.
Within the main world financial markets, for example, the emerging, innovative capacity in terms of new products and services have not been followed by the consequent review of the regulation for the financial organizations and the functioning mechanisms of the market.A few authors, at this proposal, underlie the necessity to promote a new 'capitalistic ethic' and to face the anarchy of speculation  : strong expressions that show the attention dedicated, especially in this historical moment, to governance and control systems of organizations and institutions that work within the capital markets  .
With regard to the object of this paper and with special reference to the banking sector, it is possible to develop two levels of analysis.The first is dedicated to the policy and the functioning of the central banks, in Europe and within the rest of the world.At this stage, the Bank for International Settlements (BIS) emerges as the main responsible for the international equilibrium and the coordinator for the reform activity of the Basel Committee.
The second level of analysis concerns each bank that, independently from the central formal regulation, can implement virtuous practice and adopt internal instruments to better manage system of risks.
From this point of view, the ability of the organization emerges to understand control systems as critical success factors for the organizations that intend to achieve high visibility and competitive advantage within the international financial markets based on transparency and safety of the economic activity, both in the management of investments than in the organization of the internal processes.
This contribution intends to bring out, in particular, the role of the central institutions in the creation of the flexibility and the necessary environment to develop control instruments oriented towards the prevention and management of risk, without analyzing in details all the operating risks that can emerge.
At this point, it is possible to define a wide framework that allows each organization to plan and adopt the practices that are considered best suited within the general process of value creation.
The affirmation of control systems as a success factor for management of the organization should promote, especially within banks, the application and the external communication of sophisticated managerial instruments able to achieve the most balanced conditions of functioning and accountability, especially in the distribution of tasks and roles.

The Banking Authorities and the Origin of Internal Control
The European banking sector is notoriously characterized by a system of formal supervision settled with specific standards for each area and level of risk.The main authorities in the control field are the European Central Bank and the central banks of the member States with specific reference to the emission and the organization of the sector regulation.
In the last decade, in particular, the Basel Committees role emerged: an international work group working to develop and the supervision processes within the banking sector coordinate on a global scale.The activity of this Committee is linked to the wider action of the Bank for International Settlements (BIRS), the oldest financial organization still active in the world for the creation of monetary and financial stability.The BIRS constitutes a coordination role for the policies of the central banks, and it represents the bank of reference for the lattest as well for other international organizations in different countries worldwide.
In the Italian case, the influence of the European Institutions emerged especially at the time of the acknowledgment of the European Directive 2001/97/CE into the legislative decree 231/2001: an important norm, periodically revised, that constituted the first attempt to the attribution of administrative responsibility in case of crime for the legal person (companies and other organizations active within financial markets).
This was a challenging decree for the Italian legal system, that contributed to introducing specific crime categories that are related, in particular, to relationships of the company with the public administration, financial crimes, offences against the individual as physical person, and transnational crimes.
Besides the European policies, the same process of defining and evaluating the control system has been promoted within the United States through the activity of the SEC (Security and Exchange Commission).The first interventions of the SEC took place within the decade 1978-1988 and, afterword, in a more intensive way following the great financial scandals of 2001 (Section 404 of the Sarbanes-Oxley Act).
This contribution is dedicated, in particular, to the discussion of the content, also contained in the session of the Sarbanes Act above mentioned, that is best represented in Italy by the attempt to uniform the Italian banks practices with the control standards of their international competitors.
The Italian case represents, from this perspective, an interesting example for the analysis of the internal control system, as well for the dynamics of a complex competitive system that evolves towards the constitution of remarkable banking groups.It is sufficient to reflect over the dynamics that characterized the banking sector within the last years that became one of the most significant examples of the Italian organization still competitive at a global level.
More specifically, thinking about the complexity and the wide boundaries of the bank economic activity it is now clear that the internal control systems have a strategic role for the effective functioning of the governance systems.This is particularly significant considering the extreme complexity and variety of the operational processes and of the competitive arena of banks.

Internal Control Systems within Banks
Within the legal system oriented towards the establishment and the regulation of the internal control systems, the legislative decree 231/2001 represents the necessary tool for the lecture and the comprehension of the guidelines coming from the central authorities of supervision.
The regulation introduces the general principal of administrative responsibility of the legal persons for the crimes committed in their own interest through the action of either the people in apical positions within the structure of the organization, or the supervisors of the lattest.
More precisely, art.6 point 1 states that if the crime is committed by people in an apical position, the organization is not considered responsible if the manager has adopted, and effectively implemented, organizational and managerial models to prevent crimes of the species that manifested.Moreover, it is necessary that the supervision over the functioning of the model has been entrusted to a body of the organization that can act autonomously.
The decree states (art.6, point 3) that the regulation does not explicit the details of the managerial and organizational models; the norm refers only to the specific principles and the behavioral codes issued by the representative associations of the different kind of organizations approved by the Ministry of Justice.In the specific case of the banks, the representative association that is in charge of the guidelines is the Italian Banking Association (ABI).
With specific reference to the internal control system, the guidelines issued by ABI in 2004 state explicitly the fundamental principle of separation between the operational and the control functions, with the aim of avoiding turbulent situations in the distribution of competences.
Within the guidelines it is stated that the control system should be planned in order to identify, measure, and adequately monitor all the risks related to the different operational areas; establish control processes and activities at each operational level; insure a reliable information system that is able to refer instantly to anomalies emerging during the control process; allow the registration of each managerial fact with adequate details level.Moreover, each bank organizes a monitoring process finalized in the prevention of risks connected to crimes and infidelities of the employees and executes a check about the activities that can determine loss risks coming from mistakes and inadequacies of internal processes, of human resources, and other major external events.
The solutions suggested by ABI are significant for the diverse configuration and the different roles that control bodies can have within the bank.First, the guidelines state a direct involvement of the board of auditors towards the supervisor activities as the legislative decree 231.ABI fears an excessive involvement of this board that is already appointed by the Civil Code to other functions.ABI specifies that, in order to organize the internal control system, it is not possible to use internal structures that cannot exercise autonomous powers of initiative and control.This is in order to guarantee an effective independence of the organization toward possible constraints created by a hierarchy.The alternative consists in creating a dedicated organizational function, characterized by professional skills within the bank (legal experts, accountants, and human resources managers) and from the external market (consultants, and auditors) with the supervision of non executive administrators that provide warranties of effectiveness toward such controls.
Moreover, ABI states that the functions requested by the legislative decree 231/2001 can be executed also by the body dedicated to the internal auditing that, eventually integrated in terms of powers and composition, can be qualified as adequate for the role assigned by the law to the control organ.
According with the perspective of ABI, the variables useful for the definition of appropriate control systems should be selected on the basis of characteristics and resources managed by the organization.Respecting the balance between costs and benefits, the governance system should evaluate the opportunities to create a dedicated function; either they could decide to use a body or function already existing, avoiding overlapping of skills, and respecting the autonomy and the independence of the selected responsible for that activity.
Moreover, the guidelines issued by ABI do not disregard the coordination role attributed to the head of the group of economic entities.It is understood the opportunity that each company evaluates autonomously the initiatives to run, but that it is the company at the top of the group that has to inform the controlled companies about the guidelines to be adopted in relation to the prevention of crimes and the uniformity of operational activities within this sector.One more purpose is to control costs and ameliorate the efficiency and the effectiveness of the organizational and control models adopted by the group of economic entities.
The risk that can take place, especially in the case of a merger between two preexisting groups is that the control systems are not aligned, especially in terms of structural organizations and information systems adopted.The management of this critical aspect concerns two different aspects: from one side, tensions can generate by the difference in terms of operational procedures; from the other side, there is the risk of organizational conflicts due to a different way of distributing roles and responsibilities.
This emerges in a more evident way when within the organizational structure of the bank is established the separation between the compliance function, dedicated to the more general management of the banking risks and the governance, and the control of operational risks referred to specific organs such as the Risk Management Central Direction.

The Compliance Function within Banks and the Contribution to the Value Creation
With reference to the recent legal reform mentioned above, the reputational factor and trust are among the main values of the bank.In fact, the organization is the main entity responsible for credibility towards the customers and the market, the attraction of qualified human resources, and the process of economic learning in the long term.This is the beginning of a virtuous cycle: the solidity of the banking system increases because of the effect of the major control ability toward the credit and market risks, that on their behalf generate the amelioration of the profitability, thanks to the growth of assets and revenues.
The compliance system foresees the interaction between internal and external control instruments and independent organizational roles that are in a position to verify the functioning of the managerial processes and the pursuing of planned objectives.
For the bank to hold the committees and the internal control processes is not a sufficient condition to guarantee virtuous operations and behaviors.The sample method applied to the operational activities and carried out by independent auditors increase these functionalities.Between the main advantages there are: the integrity and the effectiveness of the control systems; the control of samples of transaction to verify the respect of external rules and internal policies; the supervision of the skills and the knowledge of the employees in the field of regulations and procedures; the control of adequacy and accuracy of their training; the analysis of the effective reporting system, especially to evaluate the capacity to monitor potentially risky activities.
The coordination of the legal control activities and of each operational risk remains at a central level through the coordination of group central structures like the Chief Risk Office (CRO).The CRO verify the coherence among the strategies, the managerial objectives and the policies to prevent risks according to he difference perspectives above mentioned.
In synthesis, the compliance system of the banks contribute in managing in a more effective way to the increasing risks of the processes on different levels: risks related with the increasing commitment of the banks towards the offer of multiple financial instruments; risks connected with the quality of the relationship with the customers and products offered on the market, even if coming from third parties.risks linked to the qualification of the personnel and to the diffusion of an adequate organizational culture in terms of transparency and respect of the internal and external legislation; risks referred to the increasing managerial complexity, especially with reference to the necessity of adopting effective governance and control systems; risks coming from the growing internationalization of the banking activity and from this presence, especially within the group, of rules that are not aligned with the common culture.
The presence within the bank of an effective compliance system should represent: aid for the governance in case of internal and external changes, especially thank to the possibility to personalize the bodies and the control instruments; major awareness of the organization about the existing and potential risk of the economic activity; minor volatility of income coming from the factors of uncertainties and mistrust of the market; positive incidence on the evaluation of the rating for the organization and on institutional investors; more effective evaluation of the brand and reputation.
Of course, besides the necessary presence of structural elements, the functioning of the compliance systems is strictly linked to the organizational culture and the willingness of the human resources to support the monitoring processes and to implement them within the economic operations.In this way, the control process is evaluated as an essential process of code of ethics and behaviors.The compliance systems involve all the relationships that take place with reference to the economic activity, especially regarding the aspect such as ethic, integrity, accountability, and managerial and leadership styles.
At the same time, another factor that the banks must consider in evaluating the compliance system is the relationship between costs and benefits of the control system.Besides the positive aspects that we mentioned before, also aspects of the analysis related to the costs of the control processes represent an important perspective in evaluating the legal costs, the variability of the stock price, and image damage coming from the mass media  .

Conclusion
The brief analysis here proposed has the objective to attract the attention towards the multi-perspective utility of the regulation within the banking system.This phenomenon takes place for different reasons.First, the presence of formal rules within the bank, especially considering the complexity of the financial sector, contributes to the perception of the importance of informative instruments for the continuous monitoring of the financial and economical balance f the organization.
At the same time, the authorities role emerges to promote the autonomous and creative spirit when applying the rules.This happens especially considering the necessity of adapting the prevention of risks with the special characters of the organization and its economic activity.
The rules system is, in fact, fundamental for the social order; however, this balance can be achieved in a different combination of internal and external authorities, a self ruling, promoted by the competitive processes of the functioning market place.
It is from this perspective that internal control systems are considered the product of deep reflection of governance: it represents the bases of a wide evaluation for the single operative instruments and for the general culture of the risk control.The principal figures responsible for the internal control systems know the consequences that could manifest in case the critical aspects associated with risks happen.
The selection of the bank on the bases of the internal control systems emerges as a common behavior of the customer or the business partner.They are aware of the value to attribute to the control culture in the wide meaning of institutional and managerial virtues.From this solid starting point develops conditions for compliance and managerial best practices as integral institutional guidelines and leading competitive factors.