Compliance Risk in the Evolution of the Investment Services - Characteristics, Control Tools and Organizational Issues

150 Pages Posted: 13 Aug 2009

See all articles by Paola Musile Tanzi

Paola Musile Tanzi

SDA Bocconi; Università degli Studi di Perugia

Giampaolo Gabbi

SDA Bocconi School of Management

Daniele Previati

Bocconi University

Paola Schwizer

University of Parma

Date Written: January 1, 2008


This research has looked at the present state and the progressive scenario of how banks and investment companies have put compliance into practice. It is the first time that in an empirical investigation, the subject of compliance risk focuses on the advancement of investment services, as defined by the Directive 2004/39/CE: 1) reception and transmission of order in relation of one or more financial instruments; 2) execution of orders on behalf of clients; 3) dealing on own account; 4) portfolio management; 5) investment advice; 6) underwriting of financial instruments and or placing of financial instruments on a firm commitment basis; 7) placing of financial instruments without a firm commitment basis; 8) operation of Multilateral Trading Facilities. Thirty-five financial firms took part in this investigation which was carried out in banks and investment companies. Due to the large number and variety of the sample, it was possible to differentiate the results using a double set of criteria: 1) Financial intermediaries (FI) frequently working either internationally or domestically; 2) Intermediary typology, this is to say banks or other financial intermediaries (asset management companies and investment companies). The significance of the available data makes it possible to foresee a continuity to the research in the future so that operators can have an instrument of periodic observation into the matter. The collection of data occurred via a questionnaire designed and elaborated by a group of researchers of the Research Division of SDA Bocconi School of Management. Data collection stopped in July 2007 and started in November 2006. The questionnaire was created based on observations which arose from a pilot phase of the research, carried out from January to February 2007. The research activity has been carried out with the support of HP and SIA-SSB. With reference to the contents, the research is split up into four survey areas: 1) Positioning of the Compli-ance function in the organizational structure; 2) Roles attributed to the Compliance function; 3) Methodolo-gies for measuring, transferring and mitigating Compliance risk in investment services; 4) Mode of interaction between the Compliance function inside and outside the structure. To complete the report, a fifth section has been added that deals with the methodology of the research. The research is introduced by three paragraphs, namely: I) the main evolutionary steps of the Compliance function within financial intermediaries; II) how the MiFID compliant “rules of the game” came into being within the investment services; III) the aim, the survey sample and the research methodology. A synthesis of the results follows with a reference to the parts of the report to which they refer:

1) “Compliance starts at the top”, in the majority of situations, the compliance role is given to someone within the Board of Directors or this person reports directly to the Board, without formal filters from the General Manager;

2). The decentralised model is more common than the totally centralized one. The morphology is diverse from one case study to the next, in terms of existing presidium and levels of effective autonomy. The centralized solution is typical of national situations, while in international settings, one tends to go for more articulated solutions based on the specificity of the different operational realities of the group;

3) The effective link that exists between the position of compliance and other support units (Organization, Personnel, Information Systems, and Risk Management) seems limited, though there is large diversity from one situation to the next. In particular, the absence of a link to Personnel Management could jeopardize the effectiveness of compliance;

4) The Compliance function does not generally have an independent budget. This is very much so for domestic and non-banking intermediaries.

5) The activity of compliance requires diverse skills, partly complementary, necessary if one is to sustain a commitment which is foreseen to grow in the next three years. This seems necessary to be able to face the known challenges presented by the laws and the growing competition arising in the area of savings investment services internationally;

6) The function of compliance, in terms of experience gained, assignments carried out and areas of involvement, seems at present more developed in firms working internationally. The greater attention given to training by these is a clear signal of the importance of establishing a culture on compliance, based not only on knowing the rules, but also on a strong and widespread sense of moral duty;

7) The role of compliance requires that, because of the diversified tasks and contents, there be adequate staff in terms of both quality and quantity. Personnel management must make use of its entire means, and the best possible ways, to ensure that know-how, competence and skills in compliance rise, in particular for domestic firms and those working in large and medium-sized holding banks;

8) Also the use of dedicated IT applications appears scarce. The investments channelled to IT resources do not seem adequate for the challenges awaiting the Compliance function in the near future. It would seem that most of the representatives of this function, who answered, were not able on their own to provide an estimate on the size and the type of IT investments necessary;

9) The majority of firms have used not used articulated model, neither qualitative nor quantitative, to measure risk compliance. This is exactly the opposite when looking at the other part of the sample, namely the international firms compared to the domestic ones;

10) The domestic firms who have mapped out the conformity risks are still a minority when compared to their international counterpart. The discrepancy between the international and the domestic sample increases with reference to the degree of exposure, the probability of it occurring and the impact or severity;

11) As company complexity rises (international network and presence of different activities within the bank), so does the awareness of the importance of training, capable of transmitting the culture of compliance, from a less “exclusive” standpoint compared to other means of internal communication;

12) The dialogue between compliance and the other company functions not only supports the spread of the conformity culture, but can also generate an opportunity for innovation. On comparing the different viewpoints of the companies, it is possible for new solutions to arise which facilitate the efficiency of playing by the rules. The majority of the companies that were object of this study fall within this category;

13) The low estimated importance of their role in the prevailing domestic setting is transversal to all MiFID implementation processes. This is particularly true for the “level of awareness” which can be seen between in the involvement of the Compliance function of international intermediaries and that of domestic ones when creating an appropriateness and suitability test. This is also the case for the two subgroups, namely banks and financial intermediaries, but in the former the Compliance function shows a greater degree of involvement.

14) Respect for the rules of the compliance game is part of the crucial ethics of financial intermediaries. They are qualified to act on behalf of the money savers who contribute with their accumulation process and resulting investment choices to the development of the economic system and because financial firms are prone to regulations, compliance to these rules must be part of their genetic make-up. This statement leads to two distinct points. The first is that when the function of compliance is coupled to the company’s value system it gains visibility. The second is that when in a company the effective mechanisms or processes that link the principle of conformity to the internal and external conventions to the system of incentives, it gains concreteness. The “virtuous” situation of a connection between the value system and that of incentives was seen in only the minority of the probed sample.

Keywords: compliance, financial regulation, investment services

JEL Classification: G20, G21, G24, G28

Suggested Citation

Musile Tanzi, Paola and Gabbi, Giampaolo and Previati, Daniele and Schwizer, Paola, Compliance Risk in the Evolution of the Investment Services - Characteristics, Control Tools and Organizational Issues (January 1, 2008). Available at SSRN: or

Paola Musile Tanzi (Contact Author)

SDA Bocconi ( email )

Via Bocconi 8
Milan, Milan 20136

Università degli Studi di Perugia ( email )

Via Pascoli, 20
Perugia, 60123

Giampaolo Gabbi

SDA Bocconi School of Management ( email )

Via Bocconi 8
Milan, Milan 20136

Daniele Previati

Bocconi University ( email )

Via Sarfatti, 25
Milan, MI 20136

Paola Schwizer

University of Parma ( email )

Via J.F. Kennedy 6
Parma, 43100

Here is the Coronavirus
related research on SSRN

Paper statistics

Abstract Views
PlumX Metrics