FOTIC: Establishing Three Lines of Fortification for Comprehensive Risk Management

A series of recently issued regulatory documents have made prevention and control of financial risks became the main mission of the trust industry. While the Central Economic Working Conference has proposed “putting prevention and control of financial risks onto a more important position”, the government working reports of the NPC and the CPPCC stressed that “resolving and handling prominent risk points in an orderly manner”. All in all, the financial regulators have recently made several intensive declarations. All these point to the fact that financial risks are looming large.

As the micro bearers of financial risks, financing firms are obligated to strengthen internal supervision, perfect risk management system and governance, improve their risk management level and enhance their capital constraint and internal control compliance management.

Trust companies have become the second largest financial entity in China’s financial field. Moreover, the trust business covers three major investment fields, namely currency, capital and industry, thus highlighting the complexity and diversity of trust risk management. Therefore, the importance of risk management has become particularly significant.

A few days ago, a responsible person of the Risk Management Department of FOTIC expressed at a media interview, “Risk management is a permanent theme and challenge for a financing firm. A financing firm’s ability in the area of risk management makes up the core competitiveness of that firm. In response, FOTIC has been adhering to the concept of compliance preference, active compliance, staff compliance and full-range compliance, with zero tolerance in compliance risks.”

“In addition to the Risk Management Department, other departments should also coordinate closely in terms of risk control.”

“The Risk Management Department and other departments should coordinate closely in terms of risk control. In trust companies, risk management is usually in the charge of Risk Review Department, Legal and Compliance Department and Post-Investment Operation Management Department. However, FOTIC is different from many other companies in promoting innovation in risk control systems. We not only ask various operating departments to actively participate in risk control, but also strive to push the risk management forward,” said the FOTIC official.

In the process of promoting risk control, FOTIC has sorted nine risk points, namely credit risk, market risk, operation risk, liquidity risk, legal risk, cross-financial product risk, IT risk, reputation risk and social financial risk. In addition, FOTIC has developed a comprehensive risk management system before, during and after the event, thus establishing three lines of fortification for comprehensive risk management.

The Business Department functions as the first line of fortification because such a department is the first department to make contact with the customer and the market. Moreover, business department is most sensitive to the market and risks. As for FOTIC’s risk control system, it is the Business Department that formulates risk control standards, implements risk control measures and nips the risk in the bud, thereby forming the first line of defense of risk management.

Meanwhile, the Middle Office functions as the second line of fortification. Such a department should participate in due-diligence investigation and transaction structure design prior to an event, besides reviewing and controlling project risks, ensuring compliance and verifying relevant legal papers and documents.

Furthermore, the Audit Department functions as the third line of fortification. Such a department should be responsible for monitoring project operations, implementing risk control measures and executing contracts.

“Through three lines of fortification and inter-departmental coordination, FOTIC has achieved integrated operation, specialized division of labor, multilevel coordination and multi-dimensional prevention and control in terms of risk management.”

“A system without operational mechanism is just an empty visionary scheme.”

“We need a scientific management system and a perfect operational mechanism for completing risk control. A system without operational mechanism is just an empty visionary scheme. To ensure the implementation of risk control, we emphasize the system preference and achieve full-range and all-dimensional risk control relying on quality management and internal control mechanism,” a responsible person of the Risk Management Department of FOTIC expressed.

For major risks in the operation control and business process, FOTIC has developed a quality management and internal control system that is strategy-oriented and customer-centered, with the goals of “streamlining business” and “standardizing process”.

Specifically, FOTIC has established four levels of operational mechanism, including Management Guide at the first level, Rules and Regulations at the second level, Operation Specification at the third level, and Internal Control Specification at the fourth level. From awareness cultivation and implementation, the risk management is practiced in all departments, thereby forming the organizational structure and internal restraint mechanism with clear duties, rational division of labor and mutual restrain.

“Through the implementation of the management system at these four level, FOTIC can enhance the risk control quality management and internal control awareness, besides improving the system’s comprehensiveness and effectiveness.”

“We should cultivate staff’s risk awareness and risk control ability through continuous publicizing and implementation.”

In 2017, the trust industry saw profound changes in policies, such as unified regulatory framework and train of thought, classification rules for eight major businesses in the trust industry, trust registration system, and real estate control, thereby putting forward higher compliance requirements for trust companies to do business.

Meanwhile, CBRC organized 10 trust companies and 10 local banking regulatory bureaus to accept training. For the classification of eight major businesses, CBRC made regulatory deployment for pilot companies, including FOTIC. In view of the ever-changing external situation and increasingly strict government regulations, a responsible person of the Risk Management Department of FOTIC expressed, “To improve staff’s risk management ability, create customer-centered product capacity and lay a solid foundation for the construction of a corporate risk management system, FOTIC has recently carried out a series of trainings on risk management. Various training classes have been opened for FOTIC members, from the risk awareness training class for the new staff to the senior risk management training class for key staff and administrative staff of all departments. This move aims to strengthen staff’s ability of grasping the real risk and awareness of sticking to the bottom line. We should cultivate staff’s risk awareness and risk control ability through continuous publicizing and implementation.”

Risk management is systematic for any financing firm and cannot be done in one go. FOTIC puts top priority on risk management, covering risk awareness cultivation, risk control system innovation, mechanism guarantee and operation, and scheme implementation. All FOTIC members should work steadily to ensure pragmatic practice and operational compliance.