JPMorgan’s massive spending on controls underlines “aggressive” relations with regulators (Dodd Frank On Steriods )

JPMorgan’s massive spending on controls underlines “aggressive” relations with regulators

September 24, 2013 @ 9:08 pm

By Guest Contributor

By Henry Engler, Compliance Complete

NEW YORK, Sept. 24 (Thomson Reuters Accelus) – What was once a more consultative relationship between JPMorgan and its regulators has turned into an environment of aggressive demands to reshape the banking giant, say bankers.

With news the largest U.S. bank has settled one set of charges for $920 million and is bracing for more legal and regulatory scrutiny in the coming weeks and months, insiders say the most noticeable change has been the regulators’ use of “consent orders” to enforce wholesale changes across the institution’s risk management controls and systems.

“It is an increasingly aggressive environment with the regulators. All of the things they would like to see as a wish list are getting increasingly formalized legally,” said one senior banker. “It now becomes a must have, a must do.”

In an internal memo to employees this week [1], JPMorgan’s CEO Jamie Dimon noted that “we have dedicated more than $750 million to address several of our consent orders and assigned close to 5,000 people to ensure we meet or exceed all that is expected of us.” Among the consent orders the bank has to comply with, the “London Whale” $6.2 billion loss and deficiencies in its AML monitoring and systems are the most prominent.

The bank has said that, in total, it would spend $1.5 billion on managing risk and complying with regulations and plans to add $2.5 billion to its litigation reserves in the second half of the year in a push to fix its control problems.

On Thursday, the bank agreed to pay $920 million [2] in penalties in two countries to settle some of its potential liabilities from it “London Whale” losses last year, according to terms made public by regulators. The penalties include $300 million to the U.S. Office of the Comptroller of the Currency, $200 million to the Federal Reserve, $200 million to the U.S. Securities and Exchange Commission and 137.6 million pounds ($219.74 million) to the UK’s Financial Conduct Authority.

The Federal Reserve and other regulators, such as the Office of the Comptroller of the Currency (OCC), have typically issued MRAs (Matters Requiring Attention) in the supervisory process when bank practices deviate from sound risk management principles. For more urgent matters, regulators can resort to an MRIA – Matters Requiring Immediate Attention.

As a supervisory letter [3] from the Fed’s Board of Governors clarified earlier this year:

“MRIAs arising from an examination, inspection, or any other supervisory activity are matters of significant importance and urgency that the Federal Reserve requires banking organizations to address immediately and include: (1) matters that have the potential to pose significant risk to the safety and soundness of the banking organization; and (2) matters that represent significant noncompliance with applicable laws or regulations.”

Most recently, for large banks, MRAs have been centered in credit-risk-related issues (36 percent), operational risk (16 percent), BSA/AML (14 percent), consumer compliance (10 percent), and internal controls (8 percent), according to the 2013 Semiannual Risk Perspective survey [4] by the OCC.

But an increased use of consent orders signifies a shift that some say is prompted by repeated instances of cases where there is a breakdown of internal controls, particularly at some of the largest institutions. While regulators may have previously felt that the MRA approach would be sufficient, they now believe there is a need to take a tougher stance.

“In the past, when something was on the fence you could go either way; the definite trend now is to go formal,” said Julie Williams, managing director at Promontory Financial Group, and former chief counsel at the OCC. “I think that is the product of increasing instances of sensitive and concerning operational issues where regulators decide that it is necessary and appropriate to go with a formal response.”

Some industry observers also point to public criticism of regulators for not having been sufficiently tough with banks in the past, and that the rise of consent orders may be an effort to deflect those perceptions.

London Whale case opens the door

In JPMorgan’s case, bankers say that the loss within the Chief Investment Unit (CIO) has also given regulators the ammunition to call for sweeping changes across the organization, not only in the area of the bank where the controls broke down.

“If you have a point of vulnerability such as the London Whale it’s a point of entry to allow you to ask for a huge wish list,” said a banker familiar with the bank’s engagement with regulators.

The OCC’s consent order regarding the CIO included deficiencies in the unit’s oversight and governance of credit derivatives trading, risk management, valuation control processes, internal audit processes and model risk management practices. But in the OCC’s required actions, the consent order included language to specify that the bank must remediate the deficiencies and processes wherever such trading activities occur – not only in the CIO.

What regulators have often found is that a failure in one part of the institution was not specific to that unit or business, but systemic across businesses. As SEC Co-Director of Enforcement, George Canellos, said on Thursday [5], with regard to the $200 million penalty handed down to JPMorgan: “Today’s action makes clear that JPMorgan’s control breakdowns went far beyond the CIO trading book.”

Substance versus process

Whether regulatory demands to develop new, effective risk management systems and models will ultimately lead to better risk oversight remains an open question, argue some observers. While having better information and systems are important, risk management at the end of the day still relies heavily on human judgment. What you ultimately do with the information is what counts.

“The risk, of course, is that there is confusion between substance and process on the part of the regulators,” said another banker. “The irony to me is that if it was 2004 or 2003, and you had a handful of treasurers around and you asked who has the best risk reporting and metrics, I hate to say, it’s probably Lehman Brothers.”

(Please click on the links for: SEC order [6], Federal Reserve consent order [7]OCC consent order [8]Financial Conduct Authority Final Notice [9]Memo from Jamie Dimon[10] and JPMorgan news release [11].)

(This article was produced by the Compliance Complete service of Thomson Reuters Accelus [12]. Compliance Complete provides a single source [13] for regulatory news, analysis, rules and developments, with global coverage of more than 400 regulators and exchanges. Follow Accelus compliance news on Twitter: @GRC_Accelus [14])

[1] internal memo to employees this week:http://www.complinet.com/global/news/news/article.html?ref=166724

[2] $920 million: http://www.complinet.com/editor/article/preview.html?ref=166859

[3] letter: http://www.kc.frb.org/publicat/banking/membership/smb/13-06-25-SR13-13-Supervisory-Considerations.pdf

[4] survey: http://www.occ.gov/publications/publications-by-type/other-publications-reports/semiannual-risk-perspective/semiannual-risk-perspective-spring-2013.pdf

[5] Thursday:http://www.sec.gov/News/PublicStmt/Detail/PublicStmt/1370539820148#.UjsEw9KyCAg

[6] SEC order: http://www.sec.gov/litigation/admin/2013/34-70458.pdf

[7] consent order:http://www.federalreserve.gov/newsevents/press/enforcement/enf20130919a.pdf

[8] OCC consent order: http://www.occ.gov/static/enforcement-actions/ea2013-140.pdf

[9] Financial Conduct Authority Final Notice: http://www.fca.org.uk/your-fca/documents/final-notices/2013/jpmorgan-chase-bank-na

[10] Memo from Jamie Dimon:http://www.complinet.com/net_file_store/new_editorial/j/p/JPM_memo.pdf

[11] JPMorgan news release:http://investor.shareholder.com/jpmorganchase/releasedetail.cfm?ReleaseID=791729

[12] Thomson Reuters Accelus: http://accelus.thomsonreuters.com/

[13] provides a single source:http://accelus.thomsonreuters.com/solutions/regulatory-intelligence/compliance-complete/

[14] @GRC_Accelus: https://twitter.com/GRC_Accelus

© Thomson Reuters 2011. All rights reserved. Users may download and print extracts of content from this website for their own personal and non-commercial use only. Republication or redistribution of Thomson Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Thomson Reuters. Thomson Reuters and its logo are registered trademarks or trademarks of the Thomson Reuters group of companies around the world.

Thomson Reuters journalists are subject to an Editorial Handbook which requires fair presentation and disclosure of relevant interests.

Dimon: JPM ‘Simplifying’ Its Business, Improving Compliance

 

Dimon: JPM ‘Simplifying’ Its Business, Improving Compliance

SEP 17, 2013 10:42am ET
 

WASHINGTON — JPMorgan Chase (JPM) is focusing on simplifying its businesses and improving compliance with regulatory requirements, Jamie Dimon said in an e-mail to employees on Tuesday.

The bank’s chairman and chief executive said that its recent exit from the student lending business and elimination of its physical commodities sales and trading businesses was an attempt to “refocus our priorities.”

“We have been asking our senior people to eliminate products and services that are not essential to serving our customers and are not core to our business,” Dimon wrote.

In the lengthy e-mail, Dimon said the bank is also working to confront the regulatory challenges facing it, including reviewing its foreign correspondent banking business, improving oversight of outside vendors, and adding regulatory compliance staff.

The e-mail comes as JPMorgan Chase nears a $750 million to $800 million settlement with regulators related to last year’s “London Whale” trading scandal. An announcement could come as early as this week.

It also is yet another sign of a newly resurgent Dimon who, after the criticism he took over the Whale incident, successfully fought off an attempt by shareholders to strip him of his chairman title earlier this summer. Since then, he has become more outspoken about the issues facing the industry and his institution.

The regulatory settlement is expected to include an admission of wrongdoing by the bank. Although Dimon did not reference it directly, he said in his e-mail that if “you don’t acknowledge mistakes, you can’t fix them and learn from them.”

“So now, as in the past, we are recognizing our problems, rolling up our sleeves and fixing them,” Dimon wrote.

That includes a renewed focus on the bank’s foreign correspondent banking business, an area that has gotten several large banks, including HSBC and Standard Chartered, into trouble recently with U.S. regulators.

JPMorgan Chase was slapped with a consent order from the Office of the Comptroller of the Currency in January over “critical deficiencies” with respect to its anti-money laundering practices. Many observers expect regulators to impose a monetary penalty on the bank soon over those failures.

Dimon said JPMorgan Chase is strengthening its internal controls “particularly around ‘Know Your Customer’ and transaction monitoring.”

He also said the bank is stepping up supervision of outside vendors, yet another area that has tripped up the bank.

“If a vendor or partner engages with our customers, we need to be as vigilant about their practices as we are about our own, particularly if they interact directly with customers,” Dimon wrote. “We are also proactively trying to decrease the number of vendors we have, which reduces complexity in our business and creates more jobs internally.”

Earlier this summer, JPMorgan Chase halted most sales to third-party collectors of credit card debts amid regulatory concerns over how it pursues payments from customers who are delinquent.

Dimon said that the bank has significantly boosted compliance resources, adding roughly 3,000 employees this year that are dedicated to risk, compliance and control efforts. The bank has also provided 750,000 hours of regulatory and control-related training related to topics like anti-money laundering and Dodd-Frank implementation, he said.

Dimon added that he has also tried to build a “more open and transparent relationship with our regulators.” He held town halls for examiners with the Office of the Comptroller of the Currency, Federal Reserve Board, and Federal Deposit Insurance Corp. in May and June. He also held a corporate town hall with bank employees who “regularly interact with regulators.”

“We discussed our culture of transparency, stressing the necessity of fully and accurately reporting material issues to our regulators in a timely manner and responding promptly to their requests,” Dimon said.

Dimon concluded by pledging to create a “best-in-class operating system” for the bank.

“Never before have we focused so much time, effort, brainpower, technological power and money on a single, enterprise-wide objective,” Dimon wrote. “Make no mistake — we are going to get this right.”