One of our strategic goals is to embed risk-focused choices in our work and, during 2019, we increased our focus in this area.
In the Governance section of this annual report, we set out the governance changes the Board made during the year. In addition and as a precursor to risk-based supervision, we developed and launched a new risk model, which will help us assess where we should focus our supervisory resources. We will use information from the National Risk Assessment and other supervisory data to drive our risk model.
Developing our risk-based approach
In order to deliver on our key purpose and aims, we have developed an enterprise risk management framework, which covers the key risks around the macro-environment in which we operate, the businesses we regulate and our operations. This risk framework helps us allocate our finite resources to the highest areas of risk, balancing protecting the public and the reputation of Jersey as a financial centre with the creation of a regulatory framework that facilitates the economic well-being of the Island.
Our risk-based approach informs how we allocate resources to:
› develop and maintain a regulatory framework for financial services activity
› supervise regulated businesses to assess compliance with the regulatory framework
› take appropriate enforcement action where our requirements have been breached
› operate the Registry.
Re-evaluating our own risk
As risk is a considerable component of our overall strategy, it was a natural step for us to establish a Risk Committee in 2019, chaired initially by Mark Hoban and now by Tracy Garrad. This committee has oversight of the JFSC’s enterprise risk management framework and, during the course of the year, played a key governance role for the launch of our risk model and the general enhancements we made to our internal risk reporting.
The Committee also undertook a full risk stocktake, simplified our enterprise risk management framework with revised risk taxonomy, reporting format and engagement cycle, and reviewed macro-environmental and emerging risks to produce a consolidated list of risks that include operational and regulatory risks.
Our risk-based approach informs how we allocate our finite resources
Developing our risk model
In 2019 we developed and launched the new risk model; a tool to help us prioritise where to deploy our limited supervisory resources and demonstrate a risk-based approach to supervising the financial services industry in Jersey.
When developing the model, we took into account the current thinking on international standards, particularly those relevant to the fight against financial crime. This is paramount if Jersey is to maintain its reputation as a well-regulated international finance centre.
By using the risk model to ensure that we deploy our resources to the areas of greatest risk, we can regulate in a proportionate way. This will allow good businesses to flourish while we can better identify those firms with poor compliance at an earlier stage. This demonstrates effective remediation to improve standards overall.
With the risk model now a tool for supervisors to use on a daily basis, we can put individual events into the context of everything else we know about a business and consistently assess them against our risk appetite.
Using data to drive our work
The National Risk Assessment and our own supervisory risk data collection exercises have been substantive undertakings for both the regulated community and ourselves. The data we have and continue to collect is vital for informing our approach to risk-based supervision and our financial crime examination process. We will use it to feed our risk model, which will allow us to build a better understanding of the Industry we regulate.
Police National Computer
A significant and successful piece of work was securing access to the Police National Computer in November 2019. This allows us to carry out background checks to identify and prevent individuals, with certain criminal convictions, from entering or continuing to work in Jersey’s finance industry.
Having direct access to this database will allow us to speed up our processing of principal and key person applications and conduct additional checks.
This is a real achievement for the JFSC as it demonstrates our commitment to meeting international standards and good practices such as those set by the Financial Action Task Force and the Group of International Finance Centre Supervisors.
Sharing risk insights
High-profile cyber security breaches occur seemingly daily with corporations' reputations being seriously harmed and customers becoming increasingly untrusting. We are all on the front line and Jersey is no exception.
We do what we can to raise awareness among our regulated community about cyber and information security. In November, we hosted our second cyber security masterclass, in partnership with the Security Awareness Special Interest Group (SASIG), to brief local business leaders about the real nature of cyber threat. International experts from the National Cyber Security Centre (NCSC), the National Police Chiefs' Council (NPCC), and the International Airlines Group were among the guest speakers at the event.
