In September, the European Banking Authority (EBA) published its Final Report on its Guidelines (GL) on internal governance, updating those issued in September 2011 (GL 44), to further harmonize internal governance mechanisms and arrangements, promote transparent structures and reinforce the risk management framework of European Union institutions.

The Guidelines supplement several provisions made for governance contained in the Directive 2013/36/EU, article 74 of which mandated the EBA with making recommendations designed to help institutions build solid internal governance systems; clear organizational structures and well-defined lines of reporting; processes that make it possible to identify, manage, monitor and report risks to which they are, or may be, exposed; appropriate internal monitoring mechanisms; together with remuneration procedures, policies and practices adapted to each institution’s risk profile.

The main recommendations in these Guidelines are:

The board and its committees

The governing body will be in charge of supervision and accountable for the implementation of good governance practices that promote effective and prudent management of the entity. Its functions must be clearly defined, and for this reason a distinction will be made between its more interventionist job, as when it takes business decisions, and the supervisory role, when it monitors and reviews the institution’s strategy.

• Chair of the board

The Guidelines pay particular attention to the role of the administrative body’s Chair, although there are no major changes. (S)he holds primary responsibility for the effectiveness of its operations (setting the agenda for meetings, defining priority strategic matters, ensuring that information is received with sufficient notice, etc.) and of encouraging the efficient flow of information between its members so that well-informed decisions can be taken.

The guidelines recommend that the Chair be a non-executive director. Nevertheless, if executive functions are also held, the entity should have measures in place to mitigate any adverse impact, for example by appointing an independent member of the governing body, or by having more non-executive members than executive ones. Specifically, article 88.1 of the EU Directive states that the Chair of this body should not carry out the functions of Chief Executive Officer (CEO) at the same time, unless there is good reason and the relevant body has authorized it.

• Committees

The Guidelines establish that entities considered significant because of their size, internal organization and nature, scope and complexity of their activities*, should have a risk committee, an appointments committee and a remunerations committee, to support the governing body in its supervisory function; non-systemic institutions are not required to comply with this provision.

With respect to the composition of the different committees:

• They should be chaired by a non-executive member of the governing body and have at least three members, and the occasional rotation of chairs and members should be considered, taking into account their specific experience, knowledge and skills
• The risk and appointments committees should be made up of non-executive directors
• Applicable to all institutions, systemic or not, the risk committee may not be chaired by the Chair of the governing body or of any other committee

There is a new recommendation: that committees should not share members, which means that institutions will have to have enough governing-body members to enable them to make up the numbers of the committees with delegates from that body on an exclusive basis.

Organizational framework and structure

The management body’s accountability is broadened to guarantee an organizational and structural framework that is adapted to the organization; this framework should be publicly known and transparent, with well-defined, consistent and properly documented lines of reporting and assignation of roles.

Furthermore, it should know and understand the legal, organizational and operational structure –know your structure-, and ensure that it is aligned with strategy and risk appetite as defined. Institutions must avoid setting up complex, opaque structures; it is the management body that must ensure that appropriate measures have been adopted to, if applicable, avoid or mitigate the risks arising from activities carried out in such structures.

Risk culture and business conduct

• Risk culture

A great deal of attention is paid to risk culture, to ensure that decision taking is based on full understanding of the risks being faced and how these are managed. The Guidelines understand a solid risk culture as one in which, at least:

• The management body is directly responsible for setting and communicating the institution’s core values at all levels of the organization;
• Relevant staff are aware of and understand the entity’s values and its risk appetite and capacity, being accountable for their actions
• There is an environment of open communication, that encourages a broad range of views in the decision-making process
• Incentives align the risk-taking behavior with the institution’s risk profile

• Corporate values

The Guidelines state that the management body should develop, adopt and promote high ethical and professional standards in the institution, bearing in mind its specific needs and characteristics, to reduce the risks to which it may be exposed and that could impact on its profitability or sustainability. To do this, it will have put in place policies to promote these standards, which in any event must:

• Remind staff that all activities must be conducted in compliance with legislation and the company’s values
• Promote risk awareness through a strong risk culture
• Define acceptable and unacceptable behaviors
• Clarify that staff must conduct themselves with honesty and integrity
• Ensure that staff are aware of internal and external disciplinary measures

• Conflict of interest policy

The Guidelines cover the policy for managing conflicts of interest, indicating that institutions must have a policy to identify, manage and mitigate potential and actual conflicts of interest; the management body is responsible for establishing, approving and supervising its implementation and maintenance.

At institutional level, measures to manage or mitigate potential conflicts may consist of, among others: i) an appropriate segregation of duties; ii) information barriers, and iii) procedures for transactions between related parties.

Turning to the institution’s staff, these measures should bear in mind situations that might generate a conflict of interest, such as: i) economic interests, ii) personal or professional relationships, iii) political influence, iv) previous employment, etc.

The document expects institutions to have effective mechanisms in place for staff to report potential or actual breaches of regulatory or internal requirements, guaranteeing at all times the confidentiality both of the whistle-blower and of the natural person who is allegedly responsible for the breach. These mechanisms should i) be documented, ii) guarantee that the conflicts reported are assessed and escalated appropriately; iii) ensure appropriate record keeping.

Internal control

The Guidelines give ample space to the internal control policies, mechanisms and procedures that apply throughout the organization, which should be supervised and regularly updated by the governing body.

This body will also be in charge of ensuring that the internal control functions (risk management, internal audit and compliance) are separate from the business lines they monitor, that they have sufficient human and financial resources to operate effectively, and that they report directly to the governing body.

Proportionality and openness

The Guidelines specify that they should be applied with the principle of proportionality, that is, taking into account, the size, internal organization and nature and complexity of the institution’s activities, such that systemic institutions and larger groups should have more sophisticated governance systems.

Those companies so required by the competent authorities, pursuant to article 106.2 of the EU Directive, should publish an annual description of their legal, governance and organizational structure. This information should contain, at least:

• The institution’s internal organization and the group structure, including lines of reporting and responsibilities
• Any material change to this information since it was last published
• New legal, governance and organizational structures
• Responsibilities of the management body
• The structure, organization and members of the management body: number of members, classification, gender and duration of their term of service
• Support committee
• The policy on conflicts of interest
• The internal control system and the management of business continuity

Application

The Final Guidelines are designed for financial institutions and investment services firms and will come into effect on 30 June 2018, date on which the earlier ones (GL 44) will be repealed. These institutions will have to report to the European authority whether they comply with, or intend to comply with the Guidelines; if they are not compliant, they must explain the reasons for this.

On 10 November, the Council of Ministers passed the Data Protection Act, which replaces the current Organic Law 15/1999, 13 December, on personal data protection and adapts Spanish legislation to the provisions of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data  (GDPR), which will enter into force on 25 May 2018.

In Progreso 12 we analyzed the main differences in the draft bill from the earlier personal data protection legislation. After completing the public hearings and consultation stage, the Bill has been published, keeping to a large extent the provisions in the previous draft, but including certain changes that are summarized here:

Processing based on the data subject’s consent

The enforcement of a contract may not be subject to the consent of the data subject for the processing of their personal data for purposes unrelated to the maintenance, development or control of the contractual relationship.

Rights of data subjects

With regard to the right of access, the taking on of risks and disproportionate costs on the part of the data subject is eliminated in those cases where a different means from that which was offered is chosen to exercise the right of access.

With respect to the right to portability, the restrictions on exercising this right are eliminated, under the terms of article 20 of the GDPR, with no further content added.

Specific types of processing

• Contact data of individual business people: processing the contact details of natural persons providing services to a legal person is still permitted, if certain requirements are met, but evidence to the contrary is admissible.
• The provisions on data processing manifestly put into the public domain by the data subject themselves, have been completely eliminated, inasmuch as this data is no longer protected by the presumption that their processing is permitted.
• Credit information systems: evidence to the contrary is equally admissible against the presumption of legitimacy of personal data processing relating to breaches of monetary, financial or lending obligations by shared credit information systems. Similarly, it is no longer necessary, as a prerequisite for the processing to be permissible, to warn the data subject that their data is being input into these systems
• Carrying out certain commercial transactions: in the same vein, in this case evidence to the contrary is admissible against the legitimacy of the data processing that might arise from any transaction that modifies the structure of companies or the contribution or transfer of the business or branch of business activity. In addition there is a further obligation upon the institution providing the data, to proceed immediately to erasing the same, should the transaction not be finalized, even though the obligation to block, provided for in the regulations, is not applicable.
• Video surveillance purposes: employers are required to inform their employees about the processing of their data obtained from video surveillance systems in the exercise of control functions. Nevertheless, in the event that the images captured reveal the flagrant commission of a criminal act, the absence of this communication will not render the images inadmissible as evidence.
• Systems for excluding advertising: preferences may be included, through which data subjects limit the reception of commercial communications from certain companies. The institutions in charge of the advertising exclusion systems must inform the Spanish Data Protection Agency (AEPD) that they have been created, explaining their overall or sector-specific nature and the way in which data subjects can join these systems.
• Statistics and public interest archive: data for public statistics purposes may only be collected with the express prior consent of the data subject. Thus, processing by public administrations of data for archives of public interest is considered legitimate.

Data protection officer

The circumstances in which certain institutions are required to appoint a data protection officer are specified: in the case of entities that are operating networks and providing electronic communication services, “when they process large volumes of personal data on a regular and systematic basis”; and in the case of providers of information society services, “when they compose service user profiles on a large scale”.

With regard to the requirements for demonstrating the data protection officer’s qualification, the text states that this may be effected through voluntary certification mechanisms. The duty of the controller or processor to provide the officer with the material and personal means to perform their duties appropriately has been eliminated.

International data transfers

For international data transfers to countries or organizations which are not considered to have suitable protection guarantees, prior authorization is required from the AEPD or regional authorities. A new stipulation in the draft law is that the authorization procedure may not take longer than 1 year.

Procedure in the event of a data protection regulatory breach

The AEPD may refuse to accept complaints in cases where the controller or processor, having previously informed the Agency, has adopted corrective measures to put an end to a potential breach of the data protection legislation, provided it has not caused injury to the data subject and that their rights remain fully guaranteed by application of the same.

Likewise, the maximum timespan for dealing with procedures and notifying the parties of the corresponding resolutions has been reduced from 18 to 9 months.

Serious offenses

Serious offenses include the failure to adopt the technology and organizational measures suitable for guaranteeing an appropriate level of security, and the breakdown of the same, once implemented, from a lack of due diligence.

On 16 September the General Ibero-American Secretariat (SEGIB) presented its report “Being an entrepreneur in Ibero-America” as part of the Project “Strengthening regional integration, entrepreneurship and local governments”.

The research was conducted by SEGIB with the support of the Development Bank of Latin America (CAF) and identifies the key players and support instruments in what it terms “the entrepreneurial eco-system”.

One of the most significant issues addressed in the report is the regulatory dimension of entrepreneurship. The legal framework for entrepreneurial activity differs across Ibero-American countries. So, there are countries with specific regulations, such as Spain, Mexico, Paraguay, Colombia, Dominican Republic and Puerto Rico. Others have programs designed to encourage entrepreneurial activity and, lastly, countries such as Chile and Mexico that have no specific regulations, although they have done work on encouraging entrepreneurship.

The report maps the instruments supporting entrepreneurship in Ibero-America, that are available for those who intend to create a company or expand it. These tools include not only activities of an economic nature such as a credit facilities, awards or tenders; there are others, such as training, support and advice.

The report closes with a range of opinions and interviews with thought leaders. These experts share their views about entrepreneurship and describe the challenges facing the region, giving an added value to the paper.

The Code of conduct for the money and fixed income market was published in Mexico in November, put together by the country’s financial institutions and authorities (State Secretariat for Finance & Public Lending, Bank of Mexico and the National Banking & Securities Commission) for transactions with government securities and those conducted in the money and fixed income market (the “Market”).

The Code, which is voluntary, is a set of guidelines aimed at making the market strong, equitable and transparent. It lays down a series of procedures and good practices to encourage the application of its six guiding principles:

Ethics. In order to achieve an ethical market, participants must abide by the principles of competence, integrity, honesty, responsibility and transparency. Thus, it recommends:

• Adopting measures aimed at ensuring honest dealings with other participants, avoiding sharp practice
• Behaving in an impartial and non-discriminatory way to clients
• Behaving with integrity, respecting the standards in the Code
• Setting policies for managing situations with the potential for conflicts of interest
• Demanding that staff behave honestly and professionally
• Striving to keep staff continually trained and up-skilled
• Establishing limits in terms of receiving and requesting gifts or benefits

Corporate Governance. It recommends having a solid, effective governance framework so that market activities and their attendant liabilities can be supervised. To this end it advises:

• Informing their governing bodies of the activity they are pursuing in the market and driving forward the creation of appropriate supervisory and control mechanisms
• Establishing pay scales in line with international standards
• Separating operating areas from areas involved in checking and settling transactions

Information exchange. Communication should be clear and precise, particularly in the case of confidential information. The following advice is given:

• Use precise, objective language
• Provide general information, with additional references
• Keep a record of all communication
• Avoid spreading confidential or private information

Executing transactions. In an effort to improve the market’s efficiency, stability and integrity at all times, the recommendations are:

• To inform the client of the function being performed when executing orders and transactions, making sure that risk-related issues are explained
• To function always in a professional, clear and transparent manner
• To have procedures in place monitoring the proper functioning of those operating systems enabled by new technologies
• To set prices and interest rates at comparable market rates
• To put mechanisms in place to record transactions

Confirmation and settlement. The Code defines processes that are effective in mitigating the risk involved in confirming and settling market transactions. In order to make these post-deal processes transparent, participants must:

•  Specify all the terms of the transaction when it is being agreed
•  Inform clearly of the risk associated with the transaction
•  Report any modification to or cancellation of the transaction
•  Set up policies to ensure transactions are properly confirmed and subsequently reviewed by a department that is independent of operations.

Managing risk and regulatory compliance. Participants must foster an environment of monitoring and regulatory compliance in order to identify risks associated with their market participation, so the following suggestions are made:

• Holding to a risk-identification strategy
• Ensuring separation and independence between the operating divisions, on the one hand, and risk management and regulatory compliance on the other, and also from processing, accounting and settlement of transactions
• Having contingency plans in place and a framework of regulatory compliance

The Council of Ministers has passed Royal Decree 19/2017 on basic payment accounts, payment account switching and comparability of fees. This regulation is a transposition* of the European Parliament and the Council’s Directive 2014/92/EU of 23 July 2014, on the comparability of fees related to payment accounts, payment account switching and access to payment accounts with basic features.

EU Directive 2014/92 has a triple purpose: in the first place to make access to banking services easier; secondly, to improve the transparency and comparability of fees set on payment accounts; and finally, to make it easier to switch payment accounts.

The explanatory introduction to the Royal Decree outlines its scope to include basic payment accounts, defined**as accounts opened in the name of one or several consumers that are used to execute payment transactions and that are set up as a standard financial product.

Basic payment accounts are in euros and the basic banking services they can handle are: use and closure of the account, paying in funds, cash withdrawal -both in the institution’s own branches and in ATMs located in the EU-, direct debits, using debit cards and making transfers.

The purpose of these financial products is to increase financial inclusion. For these effects, additional services do not have to be purchased; this right to access is recognized for EU residents, asylum seekers or those who, despite not having a residency permit, cannot be expelled. To enforce this right, credit institutions may only refuse access in the following circumstances: when the client does not provide the information required under the Anti-Money Laundering and Financing of Terrorism Act (AMLFT); when opening an account would breach national security or public order; or when the client already has an account that enables them to access the same services as those provided by payment accounts.

Furthermore, the regulation transposing the Directive ensures that payment accounts are switched*** efficiently and swiftly–including to other countries – in a maximum of 13 days – and sets a maximum of 24 hours for closing them unless the client has another financial product that necessitates a payment account to be maintained with the supplier.

Another area covered for the first time by the law is the regulation of the fees connected with payment accounts. These fees are freely agreed between institutions and clients, although the maximum amounts that payment service providers can charge will be set by the Ministry for the Economy, Industry & Competitiveness. In addition, the regulations make it possible to create more favorable conditions for clients in situations of vulnerability or at risk of financial exclusion.

Consistent with the purpose of regulating the transparency and comparability of fees charged to payment account clients, the Royal Decree establishes a series of information requirements. Payment service providers must provide their clients, in good time, with a document explaining the fees, as well as a list of all the fees they have incurred for the services linked to a payment account. With the same aim in mind, the Decree makes provision for a Bank of Spain website comparing the fees applied by payment service providers.

In terms of to whom the law will apply, the Royal Decree affects natural persons acting in a non-commercial, business or professional capacity, excluding those capacities. With respect to the service suppliers, the scope of application depends on the matter under regulation. In the case of comparability of payment account services and fees or switching payment accounts, the payment service suppliers are regulated, whereas in the provision of basic payment account services, the scope of application narrows down to credit institutions only.

Finally, the Royal Decree not only amends Act 16/2009, 13 September, on payment services, but removes the Instituto de Crédito Oficial (ICO) from the scope of the regulation’s application and provides for a transition period so that the Bank of Spain can develop the supporting legislation on fee comparability.

September saw the publication of Global Entrepreneurship Monitor’s (GEM) 2016/2017 report on women’s entrepreneurship, compiled by Babson College, Universidad del Desarrollo, Smith College, Korea Entrepreneurship Foundation (KEF), Universiti Tun Abdul Razak (UNIRAZAK) and Tecnológico de Monterrey.

The report indicates that Total Entrepreneurial Activity (TEA) among women has increased by 10% since 2015, narrowing the gender gap by 5%. So, in the last year, 163 million women started a business in one of 74 markets throughout the world, while 111 million women were already managing their own company.

According to the data in the report:

• There is an inverse relationship between entrepreneurship, income level and educational attainment: the higher the income level, the lower women’s rate of entrepreneurship. It is the same with educational attainment so, in most Latin American economies, less than a third of women entrepreneurs have secondary education or higher; the proportion is much lower in Guatemala and Brazil; where only 4% and 6%, respectively, have secondary education or higher.
• Latin America is the region with the lowest growth forecasts, and where the gender gap is widest, with estimated growth of women’s entrepreneurship at 17%, compared to an estimated 60% for men’s entrepreneurship.
• The ages with the greatest rate of entrepreneurship are between 25 and 34 years old, followed by the 35 to 44 age segment.
• There is a generalized reluctance to create jobs. Hiring estimates for the next 5 years are very low, representing a loss of opportunities and potential improvement in the work/life balance.

Finally, the report states that despite the upward trend in women’s entrepreneurship, there are still challenges ahead. Among them, the motivation factor, and business continuity. Currently, need prevails over opportunity when taking the decision to create a company and the survival rate of women’s businesses is lower than those of men.

As a conclusion to these results the GEM 2016/2017 report proposes that there should be specialized women’s entrepreneurship programs, that should include factors to encourage a good work/life balance, training programs and measures to enable access to capital and education.

The 2017 edition of its “Women in the Workplace” report, published by McKinsey & Company since 2015 in association with LeanIn.Org, gives organizations the information they need to promote women in leadership positions and promote gender equality, based on research it has conducted in 222 companies in North America.

The 2017 study not only points to the challenges facing women as a consequence of gender inequality, but also looks in depth at the challenges linked to ethnic and racial differences.

To promote equality, the study draws a route map that companies should follow, with a series of initiatives linked to training in diversity and the work-life balance.

Finally, it concludes that it will become increasingly important in the future for workplaces to become inclusive, which will give them a clear competitive advantage over other companies.

For more than 10 years, PwC has been carrying out surveys analyzing the perspectives of company board directors in the United States. On this occasion, 886 directors in over a dozen industries have been interviewed, 75% of whom represent businesses with annual revenues of over US1 billion.

The purpose of the research is to examine those areas in which both company directors and investors are aligned and work together, as well as those others in which these parties’ key objectives are not aligned.

The document highlights in its results that 55% of the company directors interviewed recognized that their boards lacked gender diversity.

It also flags up the difference of opinion between those board directors who have served for less than five years, who acknowledge that gender diversity is an issue that takes hold slowly, and those who have served for over ten years, who believe that the change is happening swiftly.

Along these lines, the research reveals some insights into fields in which Boards should be working harder to achieve consensus among their members, principally regarding decision taking and gender diversity.

Pilar López Álvarez

Pilar López Álvarez has been the President of Microsoft Spain since July 2015. She has a degree in Business Administration, majoring in Finance, from ICADE, and has spent most of her professional career in Telefónica, which she joined in 1999. Prior to that, she held management posts in J.P. Morgan in Madrid, London and New York.

During her time in Telefónica, she worked in finance and business strategy departments in Europe and Latin America, as Financial Controller in Telefónica Móviles, Strategy Director in Telefónica Spain, Chief Financial Officer of O2 in London and Chief Financial Officer of Telefónica Europe in Madrid.

She is currently a non-executive director of Ferguson Plc. During her time in Telefónica, she was a board member of Telefónica Czech Republic AS, Deputy Chair of the board at Telefónica Deutschland Holding AG, and a board member of Tuenti Technologies.

1. What, in your view, are the main steps a company should take to achieve a successful digital transition? Are there any sectors that are not dependent, to a lesser or greater degree, on the digital economy?

Companies are organizing how they implement digital transformation projects around four centers of gravity: transforming relationships with their customers; tapping into their employees’ talent; optimizing their operations and, finally, generating new products and digital services. This is a transformation process that affects all functions in an organization (marketing, finance, operations, sales…) but it is only possible thanks to the use of innovative technologies such as cloud computing and the increasing use of artificial intelligence.

2.  How is technology the driver for financial and social development in emerging economies?

We are on the brink of another technology revolution that is likely to transform the way in which we live, work, communicate with one another and learn, at a rate and on a scale that is without precedent in the history of humankind. This is clearly not the first time that disruptive technology innovation has been the catalyst for profound changes in how people live and work. Before reaching this Fourth Revolution, humankind has gone through three major industrial ones. In the first, between 1750 and 1850, world GDP per capita rose fourfold. Later, the discovery of electricity and assembly-line production led per capita GDP to triple in just under one hundred years. And of course, in the third industrial revolution, based on the microprocessor and internet, we have seen a period of accelerated economic growth and a far-reaching transformation of people’s productivity, creativity and connectivity. In Microsoft we believe that the driver of the fourth industrial revolution is the development of artificial intelligence. And we believe that this Fourth Revolution will bring about a new phase of prosperity that will have a positive impact on society as a whole.

3. How can technology help to reduce financial exclusion and correct economic and social imbalances?

There are two billion people in the world who cannot take an active part in the global economy because they cannot access basic financial services, such as opening a bank account and getting an affordable loan to set up a new business, for example.  With technology we can change this situation; anyone with a mobile phone can open an account and make financial transactions securely. What is more, the capacity to store and interpret massive volumes of data is opening the door to new ways of determining the capacity to pay of people who have been living outside the traditional financial system. Data and information on how and when each person pays their bills can be used to generate a credit rating that enables people with no banking history to apply for loans. These are just two examples of how technology can help reduce financial exclusion.

4. Digital literacy can play a fundamental role in encouraging social and economic inclusion, and in opening up opportunities. What measures do you think are particularly important to make digital literacy a core part of education at all levels?

In the 21st century inclusion must necessarily entail the elimination of the technology gap between those who have access to technology and the possibilities of internet, and those who are unable to join the Knowledge Society. To reduce this gap, it is important to set up public-private initiatives that promote training in digital skills, as well as the supply of richer, personalized, training environments. It is also important to educate good digital citizens and to develop a sense of responsibility about taking ethical decisions online. At Microsoft we develop training programs throughout the world to make it easier for people to acquire digital skills.

5. Limited access to internet is a barrier to development in emerging countries.  What would be the perfect partnership between governments and private enterprise for widening the net to areas in the shadows?

The availability of online services in remote communities can be decisive in expanding quality and accessibility of education, training and civic participation, as well as in driving entrepreneurship. Proof of technology’s disruptive ability is that 10% of people with mobile phones in Africa use them to access educational services. An example of how public-private partnership can have a positive impact on society is a joint program between Microsoft and the government of Colombia to bring internet connectivity to rural parts of the countries with connective technologies that make use of gaps in the television broadcasting spectrum.

6. In just a few words, what does Microsoft’s commitment to create a reliable, responsible and inclusive cloud consist of?

At Microsoft we are essentially optimistic about the future. What is needed is a balanced set of policies and technology solutions that foster a positive change and ensure that the benefits of cloud computing are widely shared. We believe that to achieve this change, we must work together to create a cloud that is reliable, responsible and inclusive.

7. The transformation potential of cloud-based technologies is particularly important in the financial industry. What advantages do using cloud services have for financial institutions?

Technology is utterly transforming the financial industry. The only thing that is changing more quickly than banking are the expectations of its clients, who want swift, seamless, immersive digital experiences that satisfy and even anticipate their needs. Clients expect their banks to become intelligent banks. All institutions are working to improve their clients’ experience and to bring them digital channels that give them better interaction. They are also working to provide access to mobile financial services, as well as in applying artificial intelligence technologies that provide value-added information so that entities can take business decisions.

8. Regulations on data security and privacy are national, which can give rise to a lack of coordination and contradictions for services such as cloud computing, which are supranational. What should the regulatory framework defining public powers look like if it is to materialize the benefits of the cloud and manage the challenges it presents?

It is a question of finding a suitable balance between conflicting interests, that is: public safety and the right to privacy; how to acknowledge national sovereignty without restricting the effective flow of information across borders; and how to give innovators the freedom to create while at the same time ensuring that the benefits of the change are shared widely and fairly.   We need to define a regulatory framework that respects fundamental rights and values, protects public safety, encourages innovation and the free exchange of ideas, and is also compatible with universal access technology.

9. One of Microsoft’s initiatives in Spain is #MakeWhatsNext, that aims to support young people interested in science and technology to develop their professional careers. Why is it, do you think, that women are under-represented in the technology sector? How do you feel their presence could be increased?

A study conducted by Microsoft among European adolescents reveals that, when they are eleven years old, girls’ interest in science and technology is comparable to boys’, but that this interest falls away significantly from 15 years old onwards. We can’t wait until the final stages of their education to awaken girls’ interest in science and technology; we need to act at primary and secondary school ages too. We are working with other technology companies, with associations and non-profit organizations, professional women’s networks and, naturally, with teachers and professors and educational centers themselves, to show girls that a STEM degree can be creative, interesting and exciting. We still need to create awareness about successful scientific women and broadcast their achievements, as well as working in the classroom and the home environment to present girls with role models.

10. The number of women in senior management roles is no longer rising. What do you think would be the most effective measures in driving women’s professional careers? Which would be orchestrated through public policies and which through the private sector?

We live in a diverse world, and this should also be reflected in the workplace. Although it is true that in Spain women account for only 18% of the professionals in technology, Microsoft is well above average in this indicator, with 37% of the company’s staff being women. On the board of directors, this percentage rises to 42%. I am proud to have a diverse team, in which women and men can develop to their full potential. Microsoft supports the inclusion of the best talent and diversity, as a way of improving our understanding of clients and society as a whole. What differentiates Microsoft is that we work with a triple perspective, in diversity terms: in our recruitment, in our flexible working environment and in our professional development.

11. What initiatives is Microsoft running to support non-profit institutions and training in high school and college for children and young people?

Microsoft’s Corporate Responsibility program focuses on two main areas. The first has to do with training in technology and programming. We believe that it is fundamental for children and young people to be able to access training in digital skills and programming, because learning programming techniques helps their cognitive development and their ability to organize their ideas. We work with a large number of educational institutions on training activities, using games like Minecraft, which enables us to introduce children from a very young age to the task of programming in a simple, entertaining way. The second area provides non-profit institutions with the technology capacities that enable them to be more effective and increase their impact. Worldwide we donate over USD 1 billion in cloud-services to NGOs and foundations so that they have the latest technology to support their work.

12. The BBVAMF promotes good corporate governance as an essential factor in its institutions’ sustainability. What would you highlight about Microsoft’s governance model system?

The key differential of our commitment to good corporate governance is that this principle should spring from and be shared by everyone who makes up Microsoft. It is not a matter of regulations established by senior management and good governance committees. In our case, it represents a fundamental, and shared, part of our culture as an organization that defines our behavior internally, as well as our relationships with clients, partners and all our other stakeholders.

13. Tell us something about the corporate values that set Microsoft apart.

The most important part of our culture is what we call Growth Mindset. The conviction that everyone can grow, develop and change their way of thinking. This entails making a commitment to learning and a permanently curious state of mind, as well as the capacity to take on risk and learn from one’s mistakes. And, of course, a commitment on the part of the organization’s leaders to help their teams develop their full potential. To the extent that, as part of our cultural transformation, we have adapted our assessment systems to measure not only individual performance, but also each employee’s contribution to others’ success, and their capacity to build on contributions made by other members of their team.

The Mexican Fintech draft decree addresses the regulation of financial services provided by financial technology institutions and those financial services subject to special regulation that are marketed by or carried out by “innovative” means. The regulation includes several temporary provisions adding to, amending and repealing certain articles in laws affected by the new regulation. These include: the Credit Institutions Law, the Securities Market Law, the General Law on Credit Organizations and Ancillary Activities, the Law for the Transparency and Ordering of Financial Services, the Law regulating Credit Information Companies, the Law for the Protection and Defense of Financial Services Users, the Law regulating Financial Groups, the National Banking Commission Law and the Federal Law for the Prevention and Identification of Transactions involving illegally-sourced funds.

The draft decree refers in the first place to the principles underpinning the regulation, among them financial inclusion and innovation, encouraging competition, consumer protection, conservation of financial stability and the prevention of illegal transactions.

The most important figures and definitions developed throughout the document are these:

• Virtual assets. The so-called crypto-currencies. They represent the value of a transaction recorded electronically and are determined by the Bank of Mexico. They can be used as a form of payment for all sorts of legal acts and may only be transferred electronically. The regulation makes clear that they do not represent legal tender and are not underwritten either by the Federal Government or by the Bank of Mexico.

• Fintech institutions (FTI). These are legal persons requiring the relevant authorization from the National Banking & Securities Commission (CNBV) to operate in the market and whose representing securities are freely subscribed. FTIs will have to adopt measures to prevent the dissemination of false or misleading information, provide their clients with information that enables them to identify transactional risks, as well as publicizing widely the fact that they are authorized, regulated and supervised by the relevant Financial Authorities.

The law distinguishes between two types of Financial Technology Institution: Crowdfunding platforms and electronic fund payment entities.

Crowdfunding entities connect people so that between them they get financing through collective financing transactions, or crowdfunding. These transactions can be carried out in the local currency, foreign currency or through virtual assets, which have three forms: debt, capital and co-ownership or royalties.

Crowdfunding entities must publish the investment applications they receive, together with the projects of those applying for funds, and provide investors with information about these projects. They will have to report on the criteria for selecting applicants and projects to receive funding, disclose the risk associated with the project to be funded, and are required to obtain confirmation, in electronic format, from potential investors that they are aware of these risks.

These FTIs can act as their clients’ trustees or commission agents and will be liable for the damages suffered by clients in the event they not meet their legal obligations.

Electronic funds payment institutions, as with crowdfunding platforms, must be authorized by the CNBV to issue, administer and transfer payments of funds using any electronic or digital media. The regulation states they are to be booked in an electronic record of transactional accounts with a monetary value equivalent to a specific sum of money in local or foreign currency, or to a particular number of units of a virtual asset determined by the Bank of Mexico corresponding to a debenture charged to the issuer.

These FTIs are responsible for opening and managing clients’ electronic fund payment accounts -transferring local and foreign currency or virtual assets- and for putting third parties in contact to facilitate the purchase or sale of these kinds of assets.

• Innovative model. The draft decree defines the “innovative model” as one that uses technology instruments or methods that are different from others on the market at the time of being granted the temporary authorization to provide financial services. The law uses this “innovative model” figure to create provisions for companies that do not fit in either the virtual currency or crowdfunding models to develop in the future.

In addition, the draft decree regulates matters relating to obtaining, suspending and limiting the authorizations given by the CNBV. It allows FTIs to form trade associations and permits the creation of the Financial Innovation Group, as a forum for consultation, advice and coordination. The draft decree also specifies penalties for non-compliance with its stipulations or deriving from the regulations.

KPMG has published the 10th edition of its Survey of Corporate Responsibility Reporting. This report is the most extensive since these reports were first compiled, and analyzes the annual financial statements and corporate responsibility reports of 4,900 companies in 49 countries around the world*.

The research starts by analyzing** what it views as the global trends in corporate responsibility reporting, areas that enable it to provide an overview of the state of affairs today, of which we would highlight the following:

The corporate responsibility report is now standard practice for large firms around the world. 75% of the large firms around the world included in our N100 sample report their corporate responsibility policies, a 63% increase over the first edition of the KPMG report, back in 1993. Of the companies included in our G250 sample, the reporting ratio reaches 93%.

Most major companies integrate financial and non-financial data in their annual financial reports, suggesting that they believe that corporate responsibility information is important for investors; looked at by sector, for the first time since the beginning of the nineties, every sector has a corporate responsibility reporting rate of 60% or more.

“Integrated Reporting”, embedding data integration to give a 360º perspective of companies, has taken off in countries such as Japan, Brazil, Mexico and Spain; the separate corporate responsibility report is generally found in Latin America.

What is more, assurance of corporate responsibility data, understood as the reliability, accuracy and credibility of the information supplied in this type of report, has doubled over the last 12 years, up by 37% to reach 67%.

However, the non-financial information model in Europe has still not been standardized, although this situation is expected to change once the Royal Decree transposing EU Directive 2014/95/UE on reporting non-financial and diversity information comes into force.

The final global trend is the existence of 9 countries that have corporate responsibility reporting ratios of over 90%. In other words, 90 of the 100 biggest companies in each of these countries provide information about the impact of their activity on society and the environment. These countries include the United Kingdom, France, Denmark, USA and Mexico.

In addition, the survey focuses on four issues it classifies as emerging trends in the contents of corporate responsibility reports:

28% of the world’s major companies already acknowledge the financial risk associated with climate change in their annual financial reports; of these, 76% provide an impact statement. The countries that report most on these issues are: Taiwan, France, South Africa, USA and Canada. Finally, by sector, healthcare and transport & leisure are the least likely to acknowledge these issues, whereas the chemicals and forestry & paper industries top the list in terms of acknowledging them.

39% of the companies analyzed link their corporate responsibility activity to the SDGs, an encouraging finding that shows the importance and resonance that the 17 global goals set by the United Nations in 2015 have for these companies. The top countries for connecting their corporate responsibility activity with the SDGs include France, Sweden, Italy, Spain, Colombia and Mexico, among others.

73% of companies acknowledge human rights as a corporate responsibility issue that their company needs to tackle. This figure goes up to 90% in the G250 sample.

67% of the 250 most important companies in the world disclose their targets for cutting carbon emissions, although nearly 70% of these do not relate their own targets with the climate goals set by governments, regional authorities or the UN.

The data published in the report shows a consolidation of the trend by companies of reporting on their CSR activity and resources. This is an outcome of the awareness, created by the regulations, that is nudging companies and organizations into defining their corporate strategy.

Laura Fernández

Draft Organic Act for Women’s Social, Political and Economic Development

The World Bank recently held its 2017 Law, Justice and Development Week in Washington, a forum for global experts to debate how the legal framework can contribute (or not) to development. On this occasion, the first three days were spent entirely on gender discriminatory laws. Something particularly urgent, if we recall that 70 years ago the United Nations created the Convention for the Elimination of All Forms of Discrimination against Women (CEDAW) in which all the signatory states made a commitment to work towards women’s full development, guaranteeing their human rights and eliminating all discrimination against them in politics and public life. However, legal inequality by reason of gender still exists in 90% of countries.

In 155 countries there is at least one law that bars women from the same economic opportunities as men. The figures come from the World Bank report Women, Business and the Law 2016, which also points out that in 100 countries women face restrictions to work and that in 46 there are no laws against domestic violence. Some of the 21 legal differences between men and women scrutinized in this report are: the ability to get a job without the husband’s permission, to sign contracts or register a company, to take on the role of “head of the household”, or to open a bank account, etc.

All this gender-based legal discrimination restricts women’s opportunities to choose and take decisions about what is in their own best interests and that of their families and this has major economic consequences. These inequalities limit women’s participation in the workplace and result in lower economic growth. The World Bank’s report Gender Equality and Development estimates that eliminating employment barriers to women in certain industries and occupations would increase labor productivity by up to 25%. Existing gender gaps in women’s entrepreneurship and employment currently accounts for estimated revenue losses of 14% in Latin America and of 10% in Europe.

In other words, fighting for equality under law between men and women is not just a question of human rights, but also an economic issue and one of human development. Where there is no legal discrimination it also means that there are more girls at secondary school (which has an impact on their likely income in the future); that there are more women in employment and in senior management positions and a lower gender-based wage gap (currently 24% worldwide). Similarly, in those countries with laws protecting the victims of gender violence, women have a higher life expectancy.

While it is true that the 30 countries with 10 or more legal differences between men and women are in the Middle East and Africa, in Latin America some gender differences under law persist. Social and cultural usage are often transferred to legal frameworks in the shape of unconscious bias and mean that, in many countries in the region, the law does not prevent discrimination in hiring, selection and promotion processes, nor does it prohibit wage discrimination between men and women. Furthermore, some laws do not allow Latin American women to carry out jobs classified as “arduous, dangerous or morally inappropriate” (eg. in mining, those in which toxic products are used or heavy materials are carried). In other cases, laws require married women to ask their husbands’ permission to work, women cannot be head of the household (nor administer marital assets) nor transfer their nationality to their children.

All these stumbling blocks contribute to reinforcing gender stereotypes and to limiting women’s economic empowerment, making it impossible for them to access loans, have the necessary assets to become entrepreneurs or to take decisions about how and on what the household budget is spent. Family law frequently reinforces women’s roles and prevents them from having the same opportunities as their husbands. The World Bank shows that there is a direct correlation between how finances are managed within the marriage and financial inclusion (in those countries with legislation under which the man is the “sole administrator”, only 18% of women have a bank account, whereas in those where this management is shared, the percentage rises to 57%). When women have greater financial independence, their negotiating power at home rises and more is spent on the family’s welfare.

Nevertheless, between 2014 and 2016, there has also been progress in the region. In fact, of the 18 countries that do not have gender-based legal discrimination, 4 are Latin American: Dominican Republic, Mexico, Peru and Puerto Rico. 16 Latin American countries have passed reforms on this issue in the same period.

We will probably be able to add Ecuador to this list very soon. In October the country passed the Draft Organic Act for Women’s Social, Political and Economic Development. Among the reasons given for this law is that of achieving real equality under law, both political and economic and social. These reforms will undoubtedly contribute to improving the situation described in the World Economic Forum’s latest Global Gender Gap Report, which concludes that Ecuador has lost ground and has a wider gender gap for two main reasons: political and economic participation.

With regard to women’s political participation, in the last 20 years, in Ecuador both the Constitution and other electoral laws have addressed the issue of equal opportunities between men and women, setting a minimum quota for participation in public office at 20% in 1997, which later rose to 35% and then with 5% increments at each election until reaching parity. However, these quotas have not materialized. In the 2013 general elections, women’s participation was just 38% and 26% in the regional elections. The number of women candidates for senior posts comes to only 42%. In Ecuador 27.8% [1] of women take part in ministers’ cabinets; it is in 7th place in this ranking after Nicaragua, Granada, Chile, Costa Rica, Colombia, Bolivia and Haiti. As such there is still a gap in women’s participation in politics, especially in regional and municipal administrations. So, the National Assembly has decided to amend the Organic Law on Elections and Political Organizations to eliminate discrimination against women in politics: internal democratic processes will be led by women, will include 50% of female candidates in the regional and local election processes, one man and one woman will be on each joint Presidential and Vice-Presidential ticket and a proportion of political organizations’ budget will be used for gender training.

One of the greatest obstacles to women’s economic participation in Ecuador is the lack of an environment that guarantees full autonomy and independence. Firstly, there are significant gaps in access to the job market. In Ecuador, only 45.4% [2] of Ecuadorian women have appropriate formal employment (a job that guarantees minimum wage conditions and in which they work a full 40 hours a week). Although this percentage changes if we study urban women living in poverty (37%). One of the greatest limitations facing Ecuadorian women in the job market is the time they spend on unpaid work: 40 hours a week (4 times more than the time spent by men). This means that many can only spend an average of 20.7 hours a week on paid work (half the time men devote to paid work) [3]. Stereotyping, together with the division of traditional roles, are factors that without doubt impact on these statistics as well as the type of activities and professions that women pursue (mainly trade, agriculture, food services, teaching and health).

Meanwhile, 27% of women in Ecuador are heads of household, which means that they are more vulnerable and are more likely to be in a situation of poverty (for every 100 men living in poor households, there are 117 women in a similar situation) [4]. Furthermore, 35% of women living in urban environments and 37% of women in rural ones do not have incomes of their own.

Ecuadorian women also suffer from lower financial inclusion (only 40.8% [5] have a bank account). In fact, the proportion of women who get micro-loans is lower than that of men (26%, against 74% of men). The opportunity of access to economic resources with which to finance their enterprises is critical for 48% of the businesses owned by a woman [6].

As a response to the situation which millions of women in Ecuador have to deal with, the National Assembly has drafted the following reforms in its Bill:

1. Reform of the Organic Financial Monetary Code so that it includes “gender equity” in its core values and promotes access to loans for “women, female heads of household and those involved in caring for others” in its purpose. These are also identified as priority categories in its role of generating incentives for institutions in the financial system to create products designed to promote and facilitate economic inclusion, in the affirmative-action measures promoting economic inclusion among groups with priority needs, in cutting the requirements to access productive loans and micro-loans in the national financial system, and in the loan guarantee system. These measures are designed to underpin the credit and guarantee obligations of people who are not in a position to execute projects with the national financial system or tender for contracts as State suppliers. Finally, legal amendments have been passed so that all institutions in the financial sector have gender indicators for the loans they have originated and so that they operate in a sustainable and equitable manner, one that encourages the economic inclusion of “first-time entrepreneurs, women, female heads of household, women involved in caring for third parties, and single mothers”.
2. Reform of the Organic Law of the National Public-sector Hiring System, adding to its core values that of gender equality, understood as public-sector hiring using margins of preference in activities that have traditionally have not taken on women, in order to break with the perpetuation of stereotypical roles.
3. Reform of the Code of Employment, setting a floor of 15% of the total amount of productive loans and micro-credits to be granted to women, above all female heads of households and those involved in looking after third parties, in the first year after the law comes into force.
4. Reform of the Law against Violence against Women in order to encourage co-financing of productive enterprises, training in financial literacy and productive entrepreneurship for women in all State-run shelters and centers for women, setting up productive enterprise programs and preference when bidding in tenders based on merit and examinations to enter public service.

Having laws that do not discriminate against women is a first step, and a key one, towards a better rule of law, greater gender equality and more economic empowerment for women. But it is not enough on its own. The real challenge is to make sure that written laws are properly implemented and that adequate budget commitments are made so that they can be enforced.

The World Economic Forum estimates that it will take 217 years before economic gaps by gender are closed [7]. Action on all fronts is needed urgently, on the part of all the stakeholders (governments, companies and civil society). A first step is eliminating any legal discrimination that does not enshrine equality between men and women. This is in fact the first target of Strategic Development Goal 5: to eliminate all discrimination against women and girls. The time is now. We cannot wait.

This Corporate Governance code, applicable to listed German companies, replaces the earlier text, dating from May 2015. This new version emphasizes the increasing importance of institutional investors for companies and introduces certain nuances affecting management and supervisory boards, transparency and financial information.

The code is governed by the “comply or explain” principle, such that companies must publish an annual report on compliance with their recommendations or else explain the reasons for non-compliance with these.

Management Board

• Responsibilities

The Management Board is responsible for developing company strategy in conjunction with the supervisory board, and of ensuring it is actioned. It is also in charge of verifying that the institution complies with legal provisions and corporate policies; it must act at all times in the best interests of its shareholders, employees and other stakeholders, with the goal of creating value that is sustainable over time.

A new feature of the code is the duty upon this body of determining appropriate measures for identifying the company’s risk policy, and of setting up a whistleblowing mechanism for employees.

• Composition

As with the 2015 code, the new text does not set a specific number of management board members, but it does establish that there must be an appropriate allocation of responsibilities between all the individuals, and a clear specification as to which issues require an enhanced majority to pass a resolution.

• Remuneration

The total remuneration, including fixed and variable components, received by members of the management board will be defined by the supervisory board, and reviewed regularly by them.

The new code adds that, since the components of the variable remuneration package tend to be measured over several years and to be of an intrinsically prospective nature, both positive and negative scenarios should be considered when determining them. Even so, under no circumstances will early disbursements be allowed in the case of variable remuneration spread over several years.

Supervisory Board

• Responsibilities

The supervisory board makes recommendations to and regularly supervises the management board, and must be involved in all important decisions affecting the institution.

Its responsibilities include appointing the members of the Management Board, ensuring there is an appropriate gender balance in the posts. Together with the Management Board, it is in charge of ensuring the succession of the members of that Board. In addition, it is empowered to set an age limit for serving as a member of the management board.

There is a specific reference to the chair of the supervisory board, who must be available to discuss such issues as the investors wish, and should act as the direct contact with the members of the board when discussing matters relating to strategy, business expansion or the company’s risk management.

• Composition

The Shareholders Meeting will have the power to appoint members of the supervisory board, once it has received a proposal from this board with the profile of the skills and experience required to ensure the efficient discharge of duties. Insofar as it is possible, the Supervisory board must do everything in its power to have a suitable number of independent members, while taking into account the company’s ownership structure.

The Shareholders’ Meeting’s proposal for new members of the supervisory board must be backed up by information about their career history, skills and experience, all of which will be posted on the company website and updated once a year.

As to restrictions, the code establishes that two former board members, at most, may occupy seats on the supervisory board when at least two years have passed since their appointment, unless they have been chosen by shareholders with more than 25% of the company’s voting rights.

• Remuneration

Supervisory board members’ remuneration will be approved by the Shareholders’ Meeting and must be commensurate with their roles and the company’s situation. Information about each board member’s remuneration must be posted separately for each person, broken down by component.

• Support committees

To support their functions, the supervisory board may set up committees made up of members with the necessary experience. These committees will report regularly to the supervisory board through their President. Among others, it must set up an audit committee that monitors audit procedures, together with internal control, risk management and compliance systems.

The new code explicitly reinforces the work of this committee, which will be responsible for recommending to the supervisory board which company auditor to appoint, as well as for assessing the latter’s impartiality and other issues such as service provision, areas to be audited and fees agreed. The code makes an additional provision that the President of this committee must not be the same as the President of the supervisory board.

An appointments committee must also be set up, composed exclusively of shareholder representatives, in charge of recommending candidates to occupy supervisory board member posts.

Conflicts of interest

The document pays special attention to conflicts of interest, with the members of both boards being required to act in the company’s best interests rather than their own.

In the event of a conflict of interest, the members of the management board must inform the remaining members and the supervisory board. In fact, significant transactions carried out between the company and those with links to the governing body must be approved by the supervisory board.   

The supervisory board will also report to the remaining board members in the event of a conflict of interest, and will include this event specifically, and the manner in which it has been dealt with, in its report to the Shareholders’ Meeting. Furthermore, any agreements or job contracts between a member of the supervisory board and the company must be approved by the latter.

Transparency and financial information

The code defends transparency as a fundamental tool for consolidating trust with domestic and international investors, clients, employees and other stakeholders. For example, it alludes to companies’ duty to post a calendar on their website giving prior notice of the forthcoming publication dates of annual reports, financial information, Shareholders’ Meetings, press conferences, etc.

Turning to financial information, the code states that these interest groups should be kept informed by means of the group’s consolidated financial statements, management report and interim reports, all of which should be put together by the management board, but audited and reviewed by the supervisory board.

The group’s consolidated financial statements and management report must be made available to the public 90 days before the end of the period, and the interim financial statements 45 days before the reporting period comes to an end.

Finally, for those companies not required to publish interim reports, the code states that even so, they should keep their shareholders informed throughout the year of any significant changes occurring in the firm.

The 3rd International Forum for Financial Inclusion in September was the occasion of the publication of the National Financial Education Strategy (ENEF), a key plank of Mexico’s National Financial Inclusion Policy (PNIF).

The ENEF maintains that financial inclusion and financial inclusion are closely linked. In consequence, efforts in these two areas should be coordinated to work towards the sensible use of financial goods and services that will ultimately have a positive impact on people’s overall welfare.

The document explains the essentials for achieving an effective financial education strategy. The first step is to make a preliminary diagnosis of the current situation of financial education, considering the obstacles people face; based on this, the right policies, together with milestones and regular assessments, can be worked out.

The diagnosis outlined by the ENEF concludes that the main barrier is the financial education of children and young people, followed by the existence of a yawning gender gap when it comes to the understanding of complex financial ideas.

This public policy goes on to establish the institutional agreements needed to implement the education strategy as a basic driver for achieving effective financial education.

It sets out 6 lines of action that the various institutions must work on in a collaborative manner:

• To encourage the development of financial competences from an early age in obligatory schooling
• To develop financial education programs that cater for every population segment, as well as companies
• To foster a culture of using financial products that is also mindful of consumer rights
• To use new channels for spreading basic financial literacy concepts.
• To make full use of technology innovations in the financial sector
• To carry out assessments to improve financial education policies based on the outcomes obtained from impact measuring.

The Financial Education Board, the CEF, will work with the Monitoring, Development & Research Group, the GSDI, in supervising the appropriate rollout of the action plans set out in the ENEF. The Group will manage the assessment and analysis processes of the programs created to act on the strategy and will monitor the progress made towards the targets set.

Finally, the policy document defines the goals and indicators to assess the national strategy. At the end of the document there is a framework for assessment and measuring: each line of action has certain indicators and a timeline so that, once the program has come to an end, the CEF and the CONAIF measuring team can conduct a global assessment of the results of the strategy.

On 6 October 2017, the Ministry for Justice & Human Rights passed the regulations supporting Act 27693, the law creating the Financial Intelligence Unit (UIF-Peru). This brings professional football clubs and the Public Procurement Agency “Perú Compras” under the jurisdiction of the Anti-Money Laundering & Financing of Terrorism scheme; it also requires notaries to report any transaction they find to be suspicious to the UIF.

The provisions in the regulations set out the UIF’s powers and responsibilities, as well as the obligation of the entities bound by them, whether they be public-sector bodies, legal or natural persons, to deal in a timely manner with the information requests made by the UIF. The regulation also makes provisions for reaching cooperation agreements with the SBS (Peru’s Banking & Insurance Authority) to establish conditions and procedures for delivering the information required.

The regulation empowers the UIF to request access to private banking and taxation data through the corresponding criminal court judge; if the court so authorizes, financial institutions and/or the tax authorities must make the information available immediately.

The UIF can also freeze funds and put blocks on other types of assets nationwide as a preventative measure, forbidding the withdrawal, transfer, use, conversion, provisioning or movement of funds or other assets that are suspected of having links to AML/FT. In accordance with clause 11, article 3 of Act 27693, this measure will be employed when the circumstances require urgent action or when a delay would be dangerous, and provided that the scope and nature of the investigation warrant it.

Those entities falling within the scope of these regulations are responsible for implementing an anti-money laundering and financing of terrorism scheme and for encouraging an internal culture that fosters its development. In the specific case of legal persons, this obligation will fall on the Board of Directors and on senior management or the relevant management officers when the institution’s articles of incorporation do not require it to have a Board.

The preventative mechanism entails making the Compliance Officer (CO) – to be appointed by the regulated subjects – responsible for supervising its appropriate implementation and operation. This officer must act as the liaison between the regulated subject and the UIF. If the regulated subject is supervised by the SBS or the SMV (the Securities Market Authority), the Compliance Officer should have management status within the entity.

The regulation develops the requirements and responsibilities of the Compliance Officer, as well as the possibility of appointing a corporate compliance officer when an economic group is involved, provided the UIF authorizes this, and provided that authorization by the heads of the supervisory bodies of the economic group’s other members is given, where this is applicable.

The regulated subjects must keep a record of transactions, which should be stored for between five (5) and ten (10) years, counting from the transaction date, depending on the nature of the regulated subject. A spare copy must be kept that should be made available to the UIF, to the supervisory body, to the courts and any other competent authorities.

In the case of transactions viewed as suspicious, these must be reported to the UIF by the regulated subjects via the Compliance Officer. This reporting must take place no later than twenty-four (24) hours after the transaction has been classified as suspicious.

The regulation establishes the obligation on the part of regulated subjects to have: (i) an AML/FT prevention and risk management manual, which sets out the policies, mechanisms and procedures for ML/FT prevention and detection, and (ii) a Code of Conduct describing the guiding principles, values and policies that must be applied when dealing with ML/FT risk exposure, as well as measures to ensure the duty of general confidentiality around the information accessed about the system for AML/FT prevention. All administrative and operations staff, employees, the compliance officer and members of the board must be made aware of these documents, and there must be a written record that they know about them.

Apropos of the agreement referred to in the second paragraph, the SBS has recently published Resolution 4353-2017, laying down how companies in the financial system and the Tax Authorities should submit information protected by bank secrecy regulations and taxation data to the UIF Financial Intelligence Unit.

Similarly, Banco de la Nación, savings & loan cooperatives and companies listed as not authorized to trade public funds under section 16 of the General Financial & Insurance Systems Act and the Organic Act of the SBS, must send the UIF an Excel spreadsheet with a summary table using the format described in Appendix I under the heading “Format for submitting information protected by bank secrecy regulations to the Peruvian UIF”. It must contain the following client information:

a)   Number of the account reported

b)   Name of the reporting institution

c)    Date and time of the transaction

d)   Banking agent (SBS code) where applicable

e)   Transaction number

f)    Currency

g)   Type of transaction

h)   Amount of the transaction

i)     Brief description of the transaction

j)        General classification of the transaction (SBS)

k)   Data on the second related party in the transaction

The information specified above must be sent over secure electronic communications that guarantee both proper transmission and confidentiality; UIF-Peru will confirm reception by the same means.

At the beginning of 2017, as discussed in issue 10 of Progreso, the British government sent out for public consultation a Green Paper on reforming certain areas of corporate governance to bolster the market’s confidence in the country’s companies. After this consultation period, the government published a document analyzing the feedback on the Green Paper from nearly 400 participating companies, and proposed nine reforms to the British corporate governance system, as we also analyzed in the previous issue of Progreso.

Among the proposed measures, the government has tasked the Institute of Chartered Secretaries and Administrators and The Investment Association with giving British companies guidelines on how to engage with their stakeholders, in compliance with Section 172 of the 2006 Companies Act.

To fulfil this mandate, these two institutions have published this document jointly, to foster stronger governance for companies around the country, in the conviction that bearing in mind stakeholders’ opinions and needs when taking business decisions will lead towards their long-term success.

Below follows a summary of the seven chapters that lay out the document’s 10 key principles, centered mainly on the duties of the board of directors:

Directors’ duties

Section 172 of the 2006 Companies Act establishes the obligation of company directors to consider their stakeholders’ interests when taking decisions to promote the success of the company.

Specifically, they must consider the long-term consequences of resolutions they adopt, the best interests of employees, the need to foster relationships with suppliers, consumers and other stakeholders, the impact of the company’s activity on the environment and society at large, the company’s good repute and high standards of business conduct, together with the need to act in a fair and appropriate manner.

Identifying stakeholders

The governing body should define which stakeholders are important to the company and which are most impacted by its activity, as well as identifying which are key for long-term value generation, or to the contrary those which may have a negative impact on value generation.

Once this exercise is complete, the way in which the company interacts with these stakeholders should be studied, to see whether further information is needed about them, and whether a more direct line of communication between them and the directors is needed, if they are important for the company’s long-term success. To ensure effective communication, it is advisable to identify a contact person for each stakeholder.

In addition, given that the importance of stakeholders and their impact on the company may vary over time, the board should define a regular review process of the stakeholders it considers to be significant.

Composition of the board of directors

In addition to their areas of expertise, directors must be able to understand their stakeholders’ needs. When analyzing their composition and effectiveness, the board must decide what weight to give these areas of expertise and decide whether to reserve one or more seats on the board for directors who belong to a specific interest group and/or whether to broaden the selection criteria for non-executive directors to identify candidates with directly relevant experience with one or more categories of stakeholders.

If the board decides that new directors are needed with expertise and understanding specific to a particular stakeholder, it should set out: i) the criteria for selecting them, ii) who will lead the recruitment process, and iii) how the potential candidates will be identified.

If board directors are required to represent the workforce, the board should consider: i) the number of representatives needed, ii) the process to follow for appointing them, iii) the support they might need to perform their duties (induction and training), and iv) how they will communicate with their colleagues and receive their input. These considerations may also be applicable in the event of the board needing a member who has experience with other stakeholder groups.

Induction and training

Once the board members have been appointed, they should receive induction programs tailored to their areas of expertise and skillsets. To define them, the Chairman and Secretary of the Board should meet the new directors to design the induction plan most appropriate to their learning needs.

To ensure that the induction covers all the information that a new director should know about the company’s stakeholders, the following activities can be considered: i) meetings with senior management, with staff representatives or labor committees, with the company’s principal external advisers and its most important customers and suppliers; ii) site visits; and iii) briefings on the company’s local, regional and global operations, as well as any impacts on local communities.

The Chairman of the Board should also regularly review and discuss with each board member their development and training needs.

Decision making

The Chair, supported by the other board members, senior management and the company secretary, should determine how best to ensure that the board’s decision-making processes give enough of a voice to key stakeholders.

The Chair should ensure that the board receives the necessary information about issues affecting its stakeholders, and that the board has enough time to discuss these issues at its meetings. This report makes some recommendations on this: to incorporate a prompt such as “impact on stakeholders” in all strategy and policy papers requiring a decision; or else to have standing agenda items addressing these groups on the agendas of all meetings; or otherwise a rolling program of meetings with them.

The Board must also consider whether to create a specific committee to analyze the institution’s engagement with its stakeholders, or to add this remit to one or several of the support committees that already exist.  It could also weigh up the merits of assigning to one or several board members the task of assessing the impact of decisions on stakeholders, and of ensuring that these questions are debated at all board meetings.

Engagement mechanisms

The board must have an overarching vision of all its engagement mechanisms with important stakeholders so that it can decide whether these are fit for purpose or whether changes are needed to ensure their effectiveness.

The appropriate mechanism for engagement will depend on the stakeholder group concerned and the nature of their relationship with the company, so different approaches should be considered to identify their needs: forums, advisory panels, surveys, social media, annual meetings, whistleblowing policies, etc.

Reporting and feedback

The board should report to its shareholders on how it has taken the impact on key stakeholders into account when making decisions. The main mechanism for this is the annual report and the annual financial statements. These must clearly and accurately identify the company’s key stakeholders, the mechanisms used so that the board is aware of their interests and how these interests have informed the decisions taken.

It should also explain the mechanisms deployed with stakeholders throughout the year and, to ensure that board members are fulfilling Section 172 of the Companies Act, include the assessment made by the board of the suitability and effectiveness of these systems.   

The information in the annual report can also be useful for other stakeholders as well as for shareholders, although other forms of reporting and feedback should be considered, such as reports on specific issues, resources on the corporate website, newsletters, forums, social media, etc.

The board should decide how often the different stakeholders should receive information, according to their needs.

In the last quarter of the year, the Colombian government published the Bills that we discuss below, with the main objective of promoting and strengthening the country’s agricultural and livestock sector.

Smallholding economy and family-run farming

The Government’s Bill 126-2017 seeks to promote and consolidate the smallholding economy and family-run farms, as well as strengthening integrated rural development. The document proposes two associative systems, specifically:

• The smallholding economy understood as an economic, social and territorial system that is environmentally sustainable; one that is managed and operated by smallholders using their family, community and organizational hubs whose principal source of income is agriculture, forestry, small-scale fishing, aquaculture, pastoral activity, livestock, silviculture and handcrafts to at least 75%.

This system’s aims include self-sufficiency, the formation of associative and cooperative production and trading methods, transforming and adding value to their products, generating surpluses that can be marketed locally, regionally, nationally and abroad; protecting ecosystems, as well as the recognition, affirmation and boosting of smallholders’ cultural identity and connections to their land.

• Family-run farming as a socioeconomic and cultural system used by agrarian communities, whether these are smallholders, colonies, indigenous people, or of other kinds, in their respective territories, occupied in farming, livestock breeding, silviculture, aquaculture or fishing. They are run and manned predominantly by family labor or by a community of rural families, some of whom own the land, while others do not, while some have larger plots than others.  The heterogeneous nature of this relationship with the land and their production system allows them to be partially self-sufficient, while generating income by trading on local, national and international markets, whether sporadically or continuously, in search of a stable lifestyle to give them food security both for themselves and for society.  

These systems allow production and trading arrangements to be set up that are based on association and solidarity, protecting ecosystems and affirming cultural identity, among other aims.

Other matters covered in the Bill:

• FINAGRO’s role of financing of eco-farming production reconversion processes.   
• Measures to strengthen the smallholding economy and family-run farming’s productive capacities, in areas including:

– Diversification of production units.

– Food quality.

– Soil suitability.

– Forward planning of land use.

– Application and use of technology and resources appropriate to the type of production.

– Transitioning to agro-ecological systems, with the support of specialized experts.

– Ways and means of accessing loans.

– Provision of production infrastructure.

– Marketing that is appropriate for the goods being produced.

– Mechanisms for business training.

• Creating the Smallholders’ Economy & Family Farming Information System, into which the territorial institutions provide feedback. The system seeks to identify the smallholding population that is active in this economy and in family farming in order to target the policy instruments cited above appropriately.
• Incentives for people registered in the Smallholders’ Economy and Family Farming Information System who will receive, at least, incentives such as the creation of a special line of credit through FINAGRO at a preferential lower rate of interest than the lowest market rate to finance their projects, procure technology and equipment for the purposes of the Smallholders’ Economy & Family Farming. These loans will enjoy a grace period to be regulated by the Government so that the installment payments can be scheduled for when resources are available from the harvest.

The Bill also states that the Ministry of Agriculture will have to present research on barriers to accessing credit suffered by those affected by the law, and will set up, in conjunction with the Colombian Financial Authority, the SFC the regulations needed to overcome the obstacles that have been found.

Advantageous conditions for small agricultural and livestock producers

The first debate of the bill to provide advantageous lending conditions for small agricultural and livestock producers, set interest rates and create a loan guarantee system, has been tabled in the House of Representatives of the Republic of Colombia’s Congress.

Since the first draft, the scope of these conditions has been restricted to exclude medium-sized producers and will only benefit small producers.

However, it retains the earlier clauses relating to:

• Conditions over the debt portfolio purchase that the national government would carry out with the entire financial system, which is still up to 50%, and a grace period for the balance of 1 year and an interest rate of DTF [Colombia’s rate for 3-month fixed rate deposits]
• Credit facilities for small agricultural and livestock sector producers:

– To keep production schemes going: term of up to 3 years, 1-year grace period and DTF interest rate

– To set up production schemes: term of up to 10 years, depending on cash flow, 3 years’ grace period and DTF interest rate

• Surety from the Agricultural and Livestock Guarantee Fund on these loans
• Authorization for the SFC to define the mechanism for eliminating these non-paying debtors from the data bases

Rural women

The Colombian Government has put out for public consultation a draft decree that would enable the adoption of the Review, Assessment & Monitoring Plan for programs and legislation supporting rural women.

To ensure correct compliance with this Plan, the government intends to create an Inter-Institutional Tracking Committee to coordinate the different sectors involved. Several ministers and representatives from indigenous groups, such as the Raizal and Palenquero communities, Afro-Colombian women, subsistence farmers and LGBTI will make up this committee. Their functions, among others, will be: i) to amend or make adjustments to the Plan, ii) publicize and monitor public policies to help rural women, and iii) recommend strategies for rural women, as established by international bodies.

This Inter-Institutional committee will be supported by an Operations Committee and a Technical Secretariat.

Final beneficiaries of agricultural and livestock loans

Finally, we should refer to resolutions 7 and 8 published by the National Agricultural Credit Committee (CNCA in the Spanish), which make changes to the regulations on the use of farming and rural loans, that particularly affect the current conditions of associations.

In those resolutions, the requirement for eligibility of having been signed up to or linked for two years with a cooperative or association has been eliminated, in the case of individuals wishing to access the interest rates offered under these schemes. In compliance with resolution 7 cited above, the agricultural and livestock sector financing fund, FINAGRO, has made changes to its Service Manual outlined in its Regulation Circular P-18/2017 affecting loan eligibility requirements for associations, eliminating the obligation to have been signed up or linked for two years with a cooperative.

In addition, there is a rediscounting facility to purchase new machinery to modernize the agricultural sector with the latest technologies, to replace the obsolete machinery still used in farming. The interest rate on this rediscounting facility can be subsidized for beneficiaries over terms of up to 8 years with one year’s grace period, on portfolio balances up to COP100 million, and is covered by the Agricultural and Livestock Guarantee Fund.

The Council of Ministers published at the end of November this Royal Decree Law transposing into Spanish law Directive 2014/95/EU, of 22nd October 2014, on the disclosure of non-financial and diversity information by certain large undertakings and groups.

The Decree will apply to limited companies, limited liability companies and limited partnership with a share capital, considered public interest enterprises with an average number of employees during the period higher than 500 and, at the same time, considered as “large” in the terms defined in the Directive 2013/34. The regulation exempts enterprises belonging to a group from this obligation if the enterprise and its subsidiaries are included in the consolidated management report of another enterprise. Small and medium enterprises are exempt from these information obligations.

The transposition of this directive entails the modification of the Commercial Code (CC), of the consolidated text of the Corporate Enterprises Act (TRLSC) and of the Accounts Auditing Act (LAC), to include the following changes:

Consolidated management report

Article 49.5 of the CC and article 262.5 of the TRLSC now contain the obligation incumbent on public interest companies to include a consolidated statement of non-financial information in their consolidated management report, as long as they meet these requirements:

a. An average number of group employees during the period higher than 500 that also meet

b. On the end of period date for two consecutive periods, at least two of the following categories:

• Consolidated total assets of over EUR 20 million
• Consolidated net annual business turnover higher than EUR 40 million
• Average number of employees during the period higher than 250

The institutions will be exempt from this obligation if they do not meet two of the requisites under section b) for two consecutive accounting periods, or if at the end of the period the institution has fewer than 500 employees.

The consolidated statement must contain such information as is necessary to make the group’s position clear on environmental and social issues, human resources policies, respect for human rights (gender equality, minorities, etc.) and the fight against corruption and bribery.

Specifically, this information statement must contain a description of the group’s business model and of the policies and procedures applicable as they relate to the issues listed above. It must contain indicators for these policies, the principal associated risks linked to the company’s activities, as well as key non-financial indicators regarding the business activity in question. Furthermore, this information must include supplementary references and explanations about the sums reported in the consolidated annual statements.

The obligation described above will be taken as met if the enterprises prepare their non-financial information statement separately from the management report, but attached to it as a reference and always subject to the same criteria as the management report in terms of how it is approved, filed and published.

Exceptionally, the rule allows information relating to imminent events or those being negotiated at the time to be omitted from the statement, provided there is a properly justified opinion by the members of the governing body that the publication of such information could entail a serious setback for the group’s commercial situation. In this case, the governing body should be cognizant of the event in question and of the reasons why the information has not been divulged.

Diversity policy

With regard to the information that must be included in the management report about the structure of the company’s administration, in article 540 of the TRLSC, the Decree includes an additional regulatory requirement to describe the diversity policy used with regard to the governing body, in matters such as age, gender, disability, training and professional experience; as well as the measures adopted, and outcomes obtained, and the measures that, if applicable, the appointments committee would have taken.

Small and medium enterprises* will only be obliged to report on the measures adopted, if any, related to diversity policy.

Auditors’ report

Turning to the content of the auditors’ report, as outlined in article 35 of the LAC, the regulation states that in the case of consolidated account audits of public interest institutions, the auditor’s opinion about the consistency or otherwise between the management report and that period’s accounts will not be needed. The auditor needs only to check that the non-financial information statement is included in the management report or published separately from it.  

Likewise, in the case of the audits of the consolidated accounts of companies that issue tradable securities on official secondary markets, the auditor needs only to check that the non-financial information statement is included in the annual corporate governance report attached to the management report.

Entry into force and application

The amendments brought in under the royal decree will come into force in the accounting periods that start on 1 January 2017, and the two periods that will be calculated will be fiscal 2016 and 2017.

The European Central Bank (ECB) sent out for public consultation last September two sets of guidelines for assessing license applications from credit institutions and fintech banks, within the framework of their authority to award, extend and revoke banking licenses in the eurozone.

Credit institutions generally

The first set of guidelines covers the processes and requirements for assessing license applications from credit entities wishing to operate in the eurozone.

As well as complying with supervisory capital requirements and having an appropriate risk system, the guide highlights that institutions must have a sound governance system.

Specifically, it states that, of the areas that the supervisor considers in the assessment, particular attention will be paid to how the governing body works and how the institutions’ shareholders are handled. This chimes with the ECB’s own statement when it published the Guide for assessing suitability, as discussed in Progreso 11.

Regarding the suitability of the governing body, all its members should be vetted to confirm that they meet the “fit and proper” requirements. The vetting process may vary depending on the systemic importance and risk profile of the applicant institution (proportionality principle), but it will follow some common lines:

• The suitability of the members of the governing body, or of the candidates for these posts, will be assessed, whether the institution is significant or not.

• If an institution applies to extend its license, on the whole the members who are already on the governing body do not need to be reassessed, only those who take a seat on the body as a consequence of this extension.

Nevertheless, if the extension represents a relevant change in the entity’s business model or of the products or services it offers, the governing body as a whole may be assessed.

Furthermore, if new events come to light during the vetting process that might have a negative effect on the suitability of the members of this body, the competent national authority, in conjunction with the ECB, may consider whether to carry out a separate and complete fit and proper assessment.

Likewise, the suitability of those institutional shareholders owning more than 10% of its shares or voting rights, or exercising significant influence, will be assessed. The criteria used for this will be their reputation, their financial soundness and the lack of suspicion of money laundering or terrorist financing.

If there are many small shareholders and their stakes are not significant in any way, only the 20 largest shareholders will be assessed. If there are fewer than 20 shareholders, they will all be assessed.

Fintech entities

The other set of guidelines sent out for public consultation covers fintech credit institutions and subsidiaries of credit institutions that are applying a business model in which the production and provision of banking services is based on technology-enabled innovation (fintech), whether they are existing credit institutions that have adapted to integrate technological innovations or fintech entities new to market that are adopting these innovations to compete with well-established institutions.

The guide refers again to the duty of these entities to have a good internal governance system. To ensure this, during the process of analyzing the license application, the ECB and the relevant national authorities will assess, among other areas, the suitability of the governing body’s members; specifically, whether they possess the knowledge base, skills, theoretical and practical experience (especially in the banking or finance sector and in technology) in sufficient degree to be able to perform their duties, and also whether the company has considered including an IT officer on the governing body.

They will also assess whether the shareholders* are suitable: their reputation, their investment track record, their experience in portfolio management and whether the corporate governance structure is appropriate (for example, whether there are any non-executive board members). The assessment will also investigate their financial soundness against the funding needs of the fintech, and the financial support they plan to give the entity during the license application, if needed.

The supervisory bodies will assess fintech companies’ internal governance structure, probing into whether the governing body has accurate and appropriate information to be able to reach an informed view about issues requiring decisions, and whether they have set up specific internal monitoring procedures against potential risks (in particular: technology-based risks: cybercrime and outsourcing risks) and systems to ensure business continuity and sustainability.

In this paper, UN Women points to the difficulty of finding, within public policy formulation, policies linked to women’s empowerment in the context of the current economic slowdown in Latin America and the Caribbean.

In order to understand and tackle the uneven progress and setbacks in women’s economic empowerment depending on their socioeconomic background, the report looks at three scenarios, in which family and other, market-related, factors play a part.

Although the region has made gains in this area, no measures have been pushed through that would enable more space to be opened up for women to take a more active part in the economy. To this end, the report argues that the regions of Latin America and the Caribbean should work to overcome the obstacles and push forward with women’s economic empowerment, putting forward six key strategies to achieve this, but above all to prevent setbacks and consolidate the progress already made:

1.   Acknowledge, reduce and re-allocate domestic tasks and unremunerated care work
2.   Make progress on constructing universal welfare systems with a gender-based approach
3.   Create more and better jobs and turn work into an occupation that recognizes women’s rights
4.   Encourage equitable family relationships that value the diversity in the region’s households, together with the rights and obligations of all parties
5.   Create the right conditions for the effective enjoyment of women’s sexual and reproductive rights
6.   Minimize the adverse effects of the economic slowdown on gender equality

The World Business Council for Sustainable Development (WBCSD), in conjunction with GRI and UN Global Compact, has developed a guide for companies, setting out what they need to do to align their business strategies with the SDGs and to measure the impact that their strategies have on these goals.

The SDG Compass Guide explains how SDGs affect business and provides tools for putting sustainability at the center of business strategy. Thus, the SDG Compass exists to help companies – multinationals in particular, but also small and medium sized firms – to align their strategies and manage their contribution to SDGs.

The Guide presents five steps that help companies maximize their contribution and where the responsibility stops with them: complying with current legislation, respecting minimum international standards and making the solution of negative impacts a priority, paying special attention to those that impact human rights.

First of all, the Guide gives a brief description of the SDGs. It highlights the call they make to companies throughout the world to promote sustainable development and reduce negative impacts. Making progress towards the SDGs requires a global effort and coordinated action with all types of players: governments, the private sector and civil society. The business sphere is of particular importance, given that companies can reduce negative impacts and maximize the positive ones, manage risk, anticipate customer demand and also position themselves in emerging markets. Going further, the Guide affirms that the SDGs can be used as a general framework within which to mark out business strategies and targets, such that companies can obtain benefits such as identifying business opportunities, improving business sustainability, strengthening relationships with stakeholders, keeping the market stable, and using a common language which allows different parties to share a joint purpose.

Secondly, a series of priorities has to be defined, since not all the SDGs have the same importance for companies. To this end, mapping the areas of impact is very important. In this process, companies should select suitable key performance indicators for impact assessment and collate data for each indicator.

After this, using the results of the impact assessment and the SDGs they have prioritized, companies should set goals that are measurable, concrete and have time frames.

The Guide stresses that it is fundamental to anchor sustainability within core business activity and embed targets to carry out the goals set previously. Similarly, it sees working with partners as critical to tackle sustainability issues robustly, given that these cannot be managed in a vacuum.

Finally, the Guide recommends communicating progress as it is made towards the SDGs. It refers to goal 12.6 of the SDGs, according to which governments need to create the conditions for companies to adopt sustainable practices and include information about sustainability in their legal and regulatory documents.

The regulation on the Effective Equity Requirement for Credit Exposure establishes the methodology to be applied and the requisites that companies must meet to calculate the effective equity requirement for credit exposure under standard models, or using methods based on internal models.

To apply a more risk-sensitive methodology, the Banking, Insurance and Private Pension Fund Managers Authority (SBS) has amended article 22 and the 2-A1 “Credit Risk-weighted assets and Contingent Assets – Standard Method” report.

As well as shareholding exposures, the amendment to the article covers exposures in mutual fund unit-share certificates, establishing the risk-weighting factor of the exposure in the unit-share certificate resulting from the weighted average of the risk-weighting factors of instruments permitted under the mutual fund prospectus and the risk-weighting factor of derivatives, where applicable.

It also sets out the procedure that companies should follow when calculating the weighted average of permitted instruments’ risk weighting factors.

The modification to the 2-A1 Accounting Manual report for companies in the financial system incorporates lines for reporting exposures in mutual fund unit-share certificates.

The Latin American Banking Federation (FELABAN) has published its third report on Financial Inclusion in Latin America, analyzing the effect of the digital revolution in financial service provision, the variables for accessing financial services and aspects of public policy linked to financial inclusion in Latin America.

The report finds that with regard to the digital revolution in financial service provision, and while there have always been changes in technology in the financial arena, on this occasion there are also new players who leverage the lack of a regulatory and supervisory framework as their main advantage.

The report has referenced the work done by the Inter-American Development Bank (IDB) indicating that 60% of fintech firms in Latin America sprang up between 2014 and 2016, proof of these new players’ short track record, most of whom need capital and financing.

The paper also comments on the findings of the study conducted by the US Treasury Department which indicate that in fintech lending, there is no secondary market enabling them to cover firms’ borrowing risks, upgrade the risks associated with changing duration terms, or for securitizations, and that the absence of regulation means that the role of the participants, including rights, obligations and scope, cannot be demarcated.

The risks associated with fintech firms are as follows: (i) more credit supply; (ii) markets increasingly online-only; (iii) data security; (iv) the impact on monetary policy; (v) regulatory arbitrage; and (vi) money laundering and the financing of terrorism, and their regulation.

Meanwhile, FELABAN has developed an analysis of the main financial inclusion indicators, which have made significant progress overall, despite a challenging macroeconomic scenario and the low profile of financial inclusion in the public agenda. The Federation highlights the principles recognized at the G20 meeting in June 2017.

During the Second Meeting of the Regional Conference on Social Development in Latin America and the Caribbean, held in Montevideo in October, the Economic Commission for Latin America and the Caribbean (ECLAC) presented the book “Linkages between the social and production spheres: Gaps, pillars and challenges”.

ECLAC understands equality as a strategic objective of development; operating on this premise, the book argues for the need to push forward with inclusive social development in the different dimensions defined in the Agenda 2030 for Sustainable Development.

So, the document pays particular attention to the axes where the goals set by the Agenda 2030 meet; goals that are universal, integrated and indivisible, and which bring into play all three dimensions of sustainable development – social, economic and environmental. The text alludes to the “extended social pillar”, a concept that has echoes in the integrated and indivisible nature of Agenda 2030, in which social issues are woven into economic, environmental and institutional affairs. It is also reminiscent of SDG 17, according to which the means of implementing and bringing new momentum to the global alliance for sustainable development need to be reinforced.

The book begins by giving an overview of its content that, organized in four chapters, analyzes the obstacles facing sustainable development and the paths that lead to achieving it.

As we are told in Chapter II, one of the greatest challenges facing the region is respect for a legal framework. Similarly, poverty limits the opportunities people have and the outcomes they achieve. For these reasons, the book argues that public policy should aim to extend people’s individual empowerment and protect their vulnerabilities, emphasizing childhood, adolescence and young people: the measures adopted should consider the whole life cycle.

Chapter III looks at the dual challenge of social and labor inclusion. Collaboration and coordination between institutions in the economic-productive sphere, together with entities in the social arena is crucial for encouraging inclusive growth, reducing the different variants of inequality and overcoming poverty. This requires a minimum level of welfare, through universal access to good social services, and on the other hand, access to opportunities for decent work, with social security cover.

The book dedicates a chapter to public policies for social and economic inclusion. To work towards these, it highlights three areas that need thought; in the first place, the need to extend social and labor inclusion by concentrating on building skills; secondly, the importance of strengthening institutions by driving through appropriate public policies; and finally, the importance of making inclusive social development more feasible, from the political and fiscal perspectives, through consensus and participation.

After analyzing the key challenges facing the region in the implementation of Agenda 2030 and achieving the Sustainable Development Goals, the document sets out a series of clearly defined goals around each of the SDGs that Latin America and the Caribbean need to work hardest towards achieving.

The National Guarantee Fund (FNG) has published this Circular to create a short-term incentive for financial intermediaries to restructure secured debt instruments by novation.

Two new products have been created for this purpose: i) Easy Novations for SMEs, and ii) Easy Novations for Micro-enterprises.  

The maximum sum that can be secured with each the product has been set for each, as has the loan period, the coverage, the portfolio type, the currency, the fee, the minimum sum that can be claimed and the general terms and conditions of the guarantee.

What is more, transactions that need to access these mechanisms can be transferred without having to go through an early cancellation of the guarantee fee, which is put on hold for a year and will be invoiced in subsequent annual instalments of the loan repayment.

These mechanisms can be applied to any of the types of loan-book restructuring established in the recent External Circular 026-2017 issued by Colombia’s Financial Authority, to redefine the loan conditions for borrowers whose repayment capacity and ability to meet the original terms has been impaired.

This Circular issues instructions and introduces the concept of loan modification, in order to make it easier for borrowers to meet their obligations according to their current repayment capacity, without lowering their credit rating, while also opening up access to new funding sources.

The following are some of the conditions for modifying loans:

• The modification of a loan will not be considered a restructuring and, as such, will not give rise to making loan provisions provided that in the final six months the loan does not suffer consecutive defaults (longer than 60 days in the case of microloans, 60 days for personal loans and 90 days for the commercial and housing portfolio).
• These loans must be classified according to the guidelines set in the General Accounting & Financial Circular issued by the SFC.
• The new conditions must meet financial viability criteria that are aligned with the debtor’s capacity to pay.
• Modified loans must be subjected to special monitoring. Once the debtor’s regular and effective payment is verified (after 9 months in the case of microloans, a year for personal loans and 2 years for commercial and housing portfolio), this monitoring can cease.  
• Institutions should have in place information systems, policies and procedures to identify, manage and track those transactions that have been modified.
• If the new credit conditions are not met (30 days’ default), the loan will be classified as restructured.

Turning to loan restructuring, the following stipulations are made:

• Loan restructuring policies should describe, at the very least, the requirements, tracking and classification mechanisms, approval bodies and the powers of these.  
• Special classification criteria are set for the restructuring, at the time of the change, and after it is made.
• Loan restructuring procedures should allow:
  • The real deterioration to the debtor’s capacity to pay to be analyzed.
  • The financial viability of the restructuring to be set in line with the debtor’s capacity to pay.
  • Restructured loans to be classified according to established criteria.
  • Information systems to be in place that identify and track the restructured transactions.
• When debtors pay on time (after 18 months in the case of microloans, 2 years for personal loans, and 4 years for the commercial and housing portfolio), institutions can de-list the loans from the restructured category.
• Restructuring is considered non-compliant when the debtor defaults for 30 days or more.
• Institutions may, over time, allocate a lower risk rating when the debtor’s capacity to pay is verified as complying with the criteria set for improving this rating and when the debtor has also made regular, effective payments of capital and interest during the restructuring (for six consecutive months in the case of microloans and for a year in the other loan types).

Finally, the regulation makes the provision that institutions must provide clients with a comparison which enables them to understand clearly their loan conditions before and after the modification or restructuring.

The Ministry of Trade & Industries passed Executive Decree 177 on 14 November, creating the Republic of Panama’s National Entrepreneurship Council.

The regulation sets out how the National Entrepreneurship Council will have the function of coordinating and monitoring the roll out of the actions in the National Entrepreneurship Pact, signed in November 2016. Likewise, the institution must support the work done by the entrepreneurial ecosystem in Panama with an action plan from now until 2020.

To date, the National Entrepreneurship Council is made up of 42 members who have signed the National Entrepreneurship Pact. These members, whose posts will be ad honorem, are representatives of public and private institutions.

The National Entrepreneurship Council will meet on a regular basis twice a year, with the option to hold as many extraordinary meetings as needed.

Finally, the Decree also sets up a Coordinating Committee with the main task of acting upon and following up the actions mandated in the National Entrepreneurship Council’s plenary session.

On 20th October the Bank of Spain published its Latin American Economic Report for the second half of 2017 and went into depth, constructing the Taylor* rule.

According to the data in the report, the region’s main economies are enjoying a cyclical improvement, with a reduction in inflation rates and the resulting fall in official interest rates. In year-on-year terms, aggregate GDP has grown by 1.2% in the second quarter of 2017, although there are variations between the countries studied.

Private consumption in Brazil has recovered, with a parallel drop in the inflation rate, a rise in wages and a reduction in official interest rates. However, investment is still contracting, as is public consumption.

In Argentina, despite growth in internal demand, exports contracted; in Chile, economic activity improved, thanks to recovery in consumption and investment.

In Colombia, however, as a result of the drastic fall in the oil price, the economy slowed somewhat; the picture was similar in Peru, where the latest floods and the corruption scandals in which the country is embroiled have had a negative impact on public spending.

In aggregate, the conclusion is that private consumption has increased despite the rise in unemployment over the period being analyzed. The region’s inflation rate fell because of stabilizing exchange rates; the exceptions were Mexico, due to the peso’s depreciation, together with the rise in the price of gas, and Peru, where inflation remained stable. Central Banks were therefore able to cut their monetary policy rates.

In the foreign-trade sector, the paper notes that international trade has been more dynamic with the depreciation of the dollar since July. Meanwhile, in the financial markets, the best performers were the Peruvian and Brazilian securities markets.

The report focused on the Mexican situation, given the social and economic news affecting the country in the recent months. Despite the unfavorable context, 2018 looks set to enjoy growth levels similar to 2016 and 2017 (assuming a competitive currency exchange rate and timid recovery in oil prices). Nevertheless, certain risks are envisaged, such as the negative effects of the earthquakes and the corresponding cuts in public spending, volatility in asset prices because of the NAFTA renegotiation and lower private investment because of the status of relations with the United States and the uncertainty caused by forthcoming presidential and legislative elections.

Finally, in the light of this comprehensive analysis, the Bank of Spain estimates moderate growth for 2017, at 1.6% after the reverse of -0.6% the year before, and accounted for by recoveries in Argentina and Brazil that offset the slowing growth rates in Chile, Colombia, Mexico and Peru. However, these growth rates are still insufficient to make significant progress in comparison with more advanced economies.

The International Monetary Fund (IMF) has published, as it does every year, a paper looking at the economic performance in the Americas.

Published in October 2017, the IMF points to the gradual recovery in 2017-2018 of economic activity in Latin America, but noting that despite this long-term growth, expansion is slow, making it hard to reach the levels of developed economies.

The paper reports the end of the recessions in Argentina and Brazil as one of the factors which has enabled economic activity to steadily recover.

On this topic, it identifies the following internal risk factors to economic growth: (i) uncertainty about the political direction that will be taken in Latin American countries on the brink of elections; as well as (ii) the knock-on effects in other countries of the current crisis in Venezuela, with the humanitarian crisis and the corresponding migration of Venezuelan citizens to neighboring countries causing the greatest concern. It identifies as external risks: (i) changes of direction in capital flows and tighter financial conditions; (ii) financial stability risks in China, (iii) the reversal of cross-border economic integration; and (iv) natural disasters and climate change.

Lastly, the IMF analyzes performance and outlooks, together with the economic policy priorities that must be tackled in South American countries, Mexico, Central America, Panama, Dominican Republic and the Caribbean.

In keeping with the trend in Latin American countries such as Peru, a bill was published in September establishing the scope of legal persons’ criminal liability. Independently of whether the capital is domestic or foreign, with or without state holding, the bill sets out that legal persons can be liable for committing the following felonies as defined in the Penal Code:

1.      Domestic and cross-border bribery and influence peddling, (articles 259 and 28b)
2.      Negotiations that are incompatible with holding public office (article 265)
3.      Exacting kick-backs (article 268)
4.      Illicit enrichment by public officials and employees (articles 268.1 and 268.2)
5.      Faking balance sheets and contents of reports  (article 300)

The criminal liability regime will apply to legal persons for the felonies they have committed, directly or indirectly, with their intervention or in their name, interest or benefit. It will also apply to actions carried out to their advantage or interest by a third party not properly authorized to represent them, provided that the legal person has ratified the operation or action.

Penalties

The penalties applicable for these felonies may consist of: i) a fine of between two and five times the profit improperly obtained or that might have been obtained; ii) total or partial suspension of the institution’s activities, for a maximum of 10 years; iii) suspension from taking part in public tenders or bids or any other activity linked to the State, for a maximum of 10 years; iv) dissolution and liquidation of the legal person if it had been created for the sole purpose of committing the felony; v) loss or suspension of entitlement to state benefits; and vi) publication of a summary of the guilty ruling, to be paid for by the legal person.

However, the bill makes provisions for certain grounds for exemption from penalty, provided the following circumstances apply:

• Self-reporting of the illicit activity after conducting internal investigation
• Adoption, before the felony was committed, of an appropriate monitoring and supervisory system, known as an “Integrity Program”
• Reimbursement of the illicit earnings obtained

Integrity Program

The Integrity Program should include activities, mechanisms and internal procedures designed to prevent, detect and correct irregularities and illicit dealings considered under this regulation. It should contain at least the following components:

• Code of ethics or conduct, or policies and procedures for integrity that apply to all company directors and employees
• Regular training sessions about the program for directors, managers and employees
• Internal channels for reporting irregularities and programs to protect whistleblowers
• Internal officer to develop, coordinate and supervise the program, similar to the Compliance Officer provided for under Spanish law
• Continuous monitoring and assessment of the program’s effectiveness

In any event, the Program will have to be tailored to the size, economic capacity and risks associated with the company’s business.

On 30 June 2017 the Panamanian government published its first report measuring poverty with a multidimensional indicator. This provides us with a good starting point for talking about the situation of microfinance in Panama, given that the report will be used as the baseline for the decisions and approach taken by governmental bodies, as well as the guidelines we in the private sector must follow when designing tools to trigger useful social-development opportunities that enable us to reduce poverty in the country effectively.

The multi-dimensional measurement of poverty is built on two key indicators: incidence and intensity. Incidence relates to the number of people, and intensity indicates the degree of poverty suffered by people by the deprivations in the different variables collated for the indicator. In Panama, incidence is 19.1%, representing 777,752 people, while intensity is 43.5%. When combined, these indicators give us a multidimensional poverty index of 8.3%. This means that approximately one in every five people lives below the poverty line in Panama and that of these, around half suffer shortfalls simultaneously by most of the 17 measurements taken.

Nevertheless, when the indicator is compared with other countries in the region, it is one of the lowest, although this in no way means that the task is completed, nor that we should stop looking after the low-income population. In fact, there are more than 700,00 Panamanians who need opportunities for social development and who should be looked after on a long-term and sustained basis. This number will always be too high when we turn to people in vulnerable situations. That is why we feel that it is a good time to review the microfinance framework in Panama, to confirm what we need to do to achieve the goal of providing access to credit.

Panama is a country of service provision, particularly in financial services, and this is one of its strengths, which might lead one to think that access to these resources should be relatively easy. However, for those at the bottom of the economic pyramid, banking penetration and access to banking is not so straightforward; only 32% of the 40% poorest people in the country holds an account in a financial institution.

This situation has led legislators to establish standards to strengthen microfinance in Panama, with the aim of making it easier for all those who do not have access to traditional banking to have exposure to financial resources. Currently, microfinance in Panama is handled through several types of companies, including microfinance banks, financial companies, savings & loan cooperatives and NGOs. As is evident, the activity is therefore subject to different regulatory bodies, with the outcome that the regulatory framework for microfinance in Panama is asymmetrical.

Acting on this analysis, the government passed four laws to strengthen and formalize certain aspects of the entrepreneurial environment. Their main purpose is to encourage access to credit and modernize the system of secured transactions (eg, through mortgages on moveable assets), set up a new prudential regulatory framework for microfinance institutions, create a legal structure for limited-liability enterprises (to make it easier for micro-enterprises to operate within Panama) and incorporate incentives to include microfinance in the formal economy, all underpinned by ensuring that information about microfinance entities’ credit history is thorough, accurate and standardized.

Under this scenario, banks supervised by Panama’s Banking Authority have been using licenses that allow them to provide financial services for microfinance, although it has been difficult for this type of institution to conduct transactions, mainly because of the costs associated with microfinance activity. As a result, no banks are currently operating under these licenses, but are rather trying to become general license banks, which puts a spotlight on the priority the private sector should place on making microfinance regulations more robust, given that the current situation drains the momentum from sector development.

All the above means that microfinance services are generally provided by financial institutions, NGOs, cooperatives and, in the worst cases, by the informal lending market controlled by foreigners, with charging mechanisms and interest rates that stunt micro-entrepreneurs’ growth, in the economic and the social sphere.

Other important players in Panama are multilateral entities such as CAF-Development Bank of Latin America and the IDB, which provide support with funding and take part in special programs. One of our star products was created in collaboration with the IDB, CASAFIN, targeted at serving people with substandard housing, which in many cases are their workplaces too. There are also specialized microfinance investment funds, which agglutinate investors who want to put their money into social purpose institutions, as in the case of Microserfin. Our funders include GAWA Capital, Microvest, Symbiotics, LocFund, ResponsAbility, BIB and Alterfin. There are development agencies too, managing resources for governments for exclusively social purposes, such as Fidemicro, Findec and ICO, which has given us resources from the Spanish cooperation agency.

Finally, and no less importantly, are the funds from local banks with which we have commercial relationships, not only in funding, but who provide us with day to day operating services, issuing checks and providing liability products where we can place such occasional liquidity surpluses.

Some of the institutions holding microloan portfolios on their balance sheet have organized an association called REDPAMIF (Panamanian Microfinance Network), to drive progress in the sector by issuing public policies, legal and regulatory frameworks, organizing training events, recruiting loan officers. The aim of these and their other activities is to give the sector a higher profile, and recognition in the small business segment of the market.

The most important microloan players are members of REDPAMIF, clearly differentiated by the market niches they target. Of the 9 institutional members, two use the microloan methodology, and grant loans with an average value of around USD5,000. Only Microserfin reaches the very base of the economic pyramid, with loans averaging USD1,500. The total loan portfolio of these institutions is worth USD 270 million, of which 13% is in the rural sector and 40% is lent to women.

The most significant governmental institution in this field, the leading provider of programs focusing on low-income entrepreneurs, is the AMPYME Ministry, that supervises micro, small and medium companies. It is responsible for promoting the creation of companies, consolidating those that already exist and for helping to generate decent employment and creating added value to the country’s production.

As we have seen, there is a widespread impression that an ecosystem for microfinance already exists. Indeed, the ecosystem was specifically targeted at fostering entrepreneurship. However, the outcomes are manifestly improvable, given the use of subsidies, tools which do not necessarily ensure long-term sustainability.

We should not forget the environment in which the microfinance sector is embedded. Panama is used to significant rates of GDP growth; in the last ten years it has grown at an average rate of 7.2%, the highest in the world, with the forecast for the end of this year at around 5%, supported by public-sector investment, and particularly the construction of a second metro line plus additional traffic generated by the canal enlargement.

The solid performance of Panama’s economy suffers from some social shortcomings in the areas of poverty and inequality. The economic slowdown is visible in sluggish sales, increased production costs and even the closure of businesses of all sizes, which has a knock-on effect, one way or another, on micro-entrepreneurs. This situation is a breeding ground for an increase in financing offered by different players, thus increasing the risk of over-indebtedness.

The deteriorating quality of assets can also be seen in the overall figures for the financial sector.  Proof of this is the impairment of the non-performing portfolio over the course of 2016 and to date. The over-30-day default indicator has risen from 2.2% in December 2015 to 3.44% in July 2017, representing a 124-base point (bp) impairment in the last 18 months. In contrast with the 31bp increase between June 2014 and December 2015, this demonstrates a significant overall impairment in Panama’s loanbook.

In conclusion, the country must make a firmer commitment to financial inclusion if it is to bring the poverty indexes down over time to a meaningful extent. From our perspective, we re-affirm out commitment to continue driving Responsible Productive Finance efficiently, to reduce poverty in Panama.

On 16 October, Chile’s Securities & Insurance Authority, the SVS, published general standard 420 for the self-assessment of basic principles and best market-conduct practices in the insurance industry.

This standard sets out the self-assessment of basic principles and good practice relative to market conduct that insurance institutions and brokers must honor when defining their business management policies. Market conduct is to be understood here as defined in the text: the risk that insurance companies and brokers do not treat their clients and insured parties fairly in any product or service relationship they may have with each other; the definitions and principles set out in the General Standard 309 from 2011 should also be followed.

When it is implemented, certain nuances of interpretation may be acceptable, but the principles and good practice it contains are applicable to all insurance and brokers companies, whatever their volume of production. Furthermore, market conduct must be self-assessed regularly, although the frequency will depend on the categories and conditions laid out in the lengthy appendix.

The areas regulated in this text are the following:

Purpose

The new supervisory framework for market conduct provides guidelines so that insurance market agents consider in their corporate governance those practices that promote trust and strengthen the industry. This will contribute to this sector’s development and to a more efficient allocation of supervisory resources.

Cornerstone supervisory principles

• Fair treatment of clients

The standard requires institutions to ensure that clients receive the product or service suited to their needs, while providing them with correct and clear service and information. To this end, they must:

– Act appropriately with care and diligence in their client dealings, whilst also taking into consideration matters such as how the sales strategy is designed, implementation of internal checks and balances and the availability of suitable staff to service clients.

– Develop products and services that cover the interests and needs of potential insurance policy holders; to achieve this, the product’s target segment must be correctly defined and each of the clauses contained in the policy documents and other contracts must be legally sound.

– Promote products and services using clear, understandable language and terms.

– Provide good quality advice before, during and after signing the contract.

– Fulfil the obligations deriving from the insurance contract, such as procedures for dealing with claims and mechanisms for resolving disputes between client and insurer.

• Managing conflicts of interest

Conflicts of interest occur when an incentive exists on the part of an insurer or broker to behave in a way that may have negative impact on compliance with the obligations that these parties have with their clients.

In general, acceptance of payment, an incentive or any other non-monetary benefit can create a conflict of interest. However, the regulation considers this to be acceptable when the payment or acceptance of something:

– Has the purpose of increasing the quality of the service to the client

– Is disclosed to the client before the service is provided, and

– Does not interfere with the obligation to act in the client’s best interests.

As far as managing these situations is concerned, the regulation requires the institutions’ Boards of Directors to adopt an internal policy that entails setting up diversity policies, commercial agreements, codes of ethics and public disclosure measures.

• Protecting clients’ information

Aside from regulatory compliance as regards information security, institutions must adopt all measures necessary to protect their client’ personal and financial information and respect their privacy. To this end, they must train staff, have the appropriate technology, identify potential risks and have contingency plans in place to mitigate them.

• Promoting the development of the market through transparency

To prevent deceitful, unfair or unethical practices, insurers and brokers must explicitly include in their internal operating policies the observance of transparent business practices that adhere to ethical criteria and institutional values that they themselves have defined.

Furthermore, the regulation recommends the provision of good quality advice that contributes to their clients’ financial literacy, with a detailed explanation of the product or service being sold. Specifically, in the case of savings insurance, this advice should offer other investment alternatives.

Self-assessment and information disclosure to the SVS

Insurers and insurance broker companies that are bank subsidiaries, whatever their turnover, and broker firms with a turnover of 75,000 UF (unidades de fomento) or higher, will have to conduct a self-assessment of their market conduct every two years. This self-assessment will look at the extent to which their market behavior has been compliant with the principles laid down in the regulation and must be reported to the SVS, together with the action plan defined.

This self-assessment of market behavior compliance, in line with the interim provisions in the regulations, must be carried out and reported for the first time to the SVS by 31 March 2018, and cover the period ending in December 2017.

On 29 November 2017, the National Securities Market Committee (CNMV) published this circular laying out the obligations on investment services companies to disclose information about corporate governance and remuneration policies was sent out for public consultation in September.

The first and second guidelines of the document go through the information that these companies must publish on their websites, in line with article 185.5 of the consolidated text of the Securities Market Act and article 31b of Royal Decree 217/2008, 15 February, on the legal framework for investment services companies and other institutions providing investment services (RD 217/2008).

Corporate governance and remuneration policy

Institutions will be required to include the following information in their website:

• Articles of incorporation
• Governance bodies: composition and categories; regulations and rules for organizing the Board and committees; identifying the posts of Chairman of the Board and CEO; board committees and their functions
• Procedures for vetting board members, general managers and similar, together with mechanisms for complying with rules on incompatibilities.
• Identifying whether the appointments of the members of the board and general managers or similar have been adopted with the positive report from the appointments committee or not
• Organizational structure, lines of reporting, division of roles and criteria for preventing conflicts of interest
• Description of procedures for identifying, measuring, managing, controlling and communicating internally the risks to which the entity is exposed
• Description of the entity’s internal control mechanisms, including those over directors and accounting
• Total remuneration accruing in each financial period to the Board members that reflects the total remuneration accrued and an individual breakdown indicating fixed components, per diems and variable components.

On this last point, companies will report any type of payment accrued, whatever its type or whoever is disbursing it, and this will include those payments accruing for serving on the boards of other companies in the group or investee companies in which the person in question represents the group.

As an alternative, the remunerations policy may be disclosed by means of a direct link to the document “Solvency information” referred to in article 191 of the cited Securities Market Act.

Website settings

The published information should be laid out in a comprehensive, clear, understandable manner and can be accessed from a constantly updated website in a tab called “Corporate governance and remuneration policy”.

Nevertheless, information may be published using direct links if this information has already been divulged in other areas of the website or provided free of charge in the Securities Market Commission’s IT databases or those of other bodies.  

The content disclosed must be three browsing clicks away at most, and should be presented in a structured, orderly manner. The headings must be clear, concise and meaningful, and the writing style used must be appropriate, avoiding as far as is possible the use of jargon and acronyms. If different versions for different platforms are offered, their contents and presentation should be similar.

What is more, institutions must guarantee at all times the security of the webpage, as well as ensuring that the information is true and accurate, that access to the same is free and that the documents are downloadable and printable.

Intangible assets

On the other hand, the circular specifies in the Additional Requirements the amendment to Circular 7/2008, affecting accounting rules, annual accounts and statements about restricted information concerning investment services companies, fund management firms and venture capital managers.  

It refers to the new accounting procedures for intangible assets, establishing that they will be treated as assets with a defined lifecycle and that, as such, will be subject to amortization. If their lifecycle cannot be reliably estimated, the amortization period will be set at 10 years.  

The official gazette El Peruano published on 15 September 2017 the country’s national anti-money laundering & financing of terrorism policy, fruit of a shared effort between several public institutions and private-sector players involved, directly or indirectly, in adopting measures to prevent money laundering and the financing of terrorism (hereinafter AML/FT). The policy was created in four stages, over the course of 7 workshops attended by 34 public- and private-sector institutions and 73 professionals.

The overarching aim of the policy is to prevent, detect, investigate and punish money laundering and the financing of terrorism efficiently, effectively and in a coordinated manner, to contribute to Peru’s economic, political and social stability. The policy operates on the following principles:

• Legality and due process: refers to respect for and compliance with the Political Constitution, laws, international treaties that have been ratified by Peru, sector regulations and binding national and international jurisprudence.
• Efficiency: optimization of resources available from entities involved in the AML/FT struggle.
• Efficacy: the activity of institutions involved in AML/FT must be focused on achieving goals and obtaining results.
• Cooperation between institutions: the aim is to adopt mechanisms that encourage mutual help at a technical and practical level between institutions.
• International cooperation: refers to public institutions implementing mutually collaborative mechanisms with their opposite or equivalent numbers outside Peru and using international judicial cooperation.
• Transparency and accountability: refers to strategic, timely reporting of the regulations, policies, plans, processes, actions, progress and outcomes achieved in the AML/FT battle, while safeguarding legal provisions  where they apply.
• Involvement of civil society and the private sector: civil society and the private sector must have spaces that guarantee and promote participation in the AML/FT fight.

The policy also articulates three critical strategies focusing on prevention, detection, investigation and punishment, and seeks to achieve “joined up” implementation. For this final goal, it is looking to generate synergies between public institutions, civil society and the private sector. Building on these strategies, it has set 4 concrete objectives, with targets, Heads, guidelines and standards for each.

In the Appendix documents, the policy identifies 5 threats: (i) the existence of coca crops, the first link to drug trafficking, (ii) vestiges of the Sendero Luminoso terrorist organization, (iii) increase in recent years of corruption in public life, (iv) high rate of certain types of crime in the country: illegal mining, people trafficking, illegal log felling, contraband, extorsion and contract killings; and (v) existence in the region of countries with a high degree of criminality. Based on these, 43 vulnerabilities and 43 risks in AML/FT have been targeted.

The Supreme Decree also modifies articles 2, 3, 4 & 7 of Supreme Decree 057-2011-PCM, most importantly the affiliation of the Multisector Executive Commission against money laundering and the financing of terrorism (CONTRALAFT) with the Justice & Human Rights Ministry, setting up the Commission’s functions, and changing its members. Formerly these included a representative from the Women’s & Social Development Ministry: this representation is now filled by someone on behalf of the Minister of Defense, while two have been added: a representative from the National Public Records Authority and another, on behalf of the Executive Director of the Peruvian International Cooperation Agency.

Similarly, the amendment requires institutions to inform the Presidency of CONTRALAFT in writing within 5 days of their designated representatives.

On 8 September 2017 the Ministry of the Economy & Finance published its regulations supporting Act 30573, the Special Farm Restructuring Act, discussed in issue 11 of Progreso, to organize the flow of resources allocated to farmers in designated emergency zones that have suffered partial or total losses to their crops because of natural disasters associated with the coastal El Niño phenomenon.

The Special Farm Restructuring Programme has a fund of PEN20 million to be allocated to debts of up to 5 tax units [Unidades Impositivas Tributarias (UIT)], equivalent to PEN20,050* or the equivalent in US dollars, that were in default at 31 July 2017, which at 31 March 2017 fulfilled the conditions of being: (i) debts owed by debtors classified as “normal” or “potentially problematic” with the SBS and (ii) that were reported as current in the SBS credit risk office.

The above-mentioned debt-relief will be delivered by means of a discount voucher for 1.5 UIT, equivalent to PEN6,075 applied on the total debt; and an additional discount voucher on the interest, late payment charges and expenses, of between 50% and 80% depending on the size of the debt.

IFIs should present an application for admission onto the Program, which will be evaluated by Agrobanco. This document should consider (i) all beneficiaries, providing all the information demonstrating their eligibility for the Program; and (ii) the conditions for debt reprogramming and/or restructuring. If the application is successful, Agrobanco will sign a contract with the IFI to channel the resources and oversee the obligations, by virtue of which the IFI’s involvement will be formalized and the obligations and rights of the parties to channel RAE resources will be established.

The regulation also stipulates that the program will run until 31 March 2018 and provides for the elimination of the debts originated in the Farm Debt Restructuring Program (PREDA).

Act 5908/17 was passed on 16th October, to recapitalize family-run subsistence farms; a category that includes all farming activities – agriculture, stock-breeding, silviculture, fishing, fish-farming and grazing – that are run and operated solely by families. Thus, the regulation allows for debts due up to 30 June 2017 to be restructured, provided they have been taken on for farming production and productive investments.The most important matters regulated in the text are as follows:

Nature of the restructuring:

• Maximum sum: for diverse activities not specified by each producer, a sum of up to 25 MMW (minimum monthly wage) can be restructured
• Debt reduction: on new defaults of up to 10 years, including 2 years’ grace period and annual interest rates of 8%
• Loan classification: the loan granted under this law will be have preferential status

Requirements that must be met:

• These debts may not already benefit from the 5527/15 Financial Rehabilitation for small producers, financial literacy and protection against unfair or misleading loan practices Act
• The beneficiary must be registered on the Ministry of Agriculture & Stockbreeding’s (MAG) National Beneficiaries Register (RENABE)
• Properties may not be larger than 30 hectares

Other considerations:

• On an exceptional basis, family-run farm smallholders with unpaid debts, whether these are with private or public institutions, may receive new loans from the CAH agricultural loans facility, provided they are used for productive recapitalization
• Article 3 of the 5527/15 Act referenced above has been amended. The conditions required to date to access loans regulated by this law have been eliminated, leaving only two:
  • Requirement to attend financial and production education courses offered under the law
  • The sum of the loan should be calculated on the basis of each production unit and should not go above the sum established under law, nor exceed the basic needs of the family unit benefiting from it

In view of the implications of the law, the regulations for which are scheduled to be ready within 2 months, the final clauses authorize the amendments to the national budget for the 2016 tax period.

On 3 November, the Banking & Financial Institutions Authority, the SBIF, published Circular 4-2017 setting out the general guidelines for financial education.

The principles and guidelines in the circular are not obligatory, but serve as a template for the financial education initiatives and programs being developed by the institutions supervised by the SBIF.

These guiding principles, which follow international best practice papers, are:

• The utility principle: the need to provide tools that increase society’s economic welfare
• The opportunity principle: implementing these programs at times when the learnings will be used, that is, at moments when a decision is about to be made
• The principle of transparency: by virtue of which the information provided must be straightforward and accessible
• The principle of impartiality: this implies a key differentiation from sales advice, given that it provides not only the advantages and benefits of a financial product or service, but also the risks and obligations that come with it
• The principle of quality: the content of programs must take into consideration the context in which they are carried out and should be imparted by people with the appropriate training and experience to accomplish the task

The guidelines on the initiatives and programs include the following points:

Overarching guidelines:

• Simple language that is adapted to the target audience.
• They should be made to measure and cover both the benefits and the risks involved in taking financial decisions
• They are independent from the institution’s marketing activities, so the use of the institution’s logos and brands is forbidden
• The trainers should have the appropriate experience and skillsets that are kept up to date
• Participation in these initiatives and programs is voluntary and the resulting data bases may not be used for commercial purposes
• Initiatives and programs carried out in teaching centers are conducted under the authority of a teacher at this center

Guidelines on contents: focused on subjects relating to handling money and economic welfare. Among these:

• Saving and investment
• Planning and family budgeting
• Responsible levels of indebtedness
• Financial products

Guidelines for planning, monitoring and assessing financial education initiatives and/or programs:

• Based on a diagnosis justifying their need that forms the starting point for determining the target, design and assessment mechanisms
• Carried out by a third party that is unconnected to the initiative or program to ensure objectivity.
• Rolling assessments that provide information about their effectiveness and focus on acquiring financial skills, changing attitudes that are unhelpful in financial scenarios, on measuring learned behaviors and on the opinion of participants to review the efficiency and effectiveness of the initiative or program.

Finally, the regulation recommends that institutions running these types of initiatives and programs should send information about the previous year by 10th January, filled in according to the template provided in the appendix to the Circular.

A bill has been tabled to provide guarantees for the subjects of data stored in credit rating agencies. the bill would introduce several amendments to the general Habeas Data scheme, and recovers a previous draft bill, discussed in issue 8 of Progreso.

The changes to be made include the following:

• Modification of the maximum duration of a negative report, reducing this from four to two years, starting from when the debt obligation has been satisfied.
• Requirement for financial institutions to report new information about their clients, at least once a month, to ratings agencies.
• A data subject’s credit rating may not be lowered internally because credit checks have been made by other institutions in the ratings agencies. These checks must always be free of charge and may not be used for job-related purposes.

Other matters not currently covered under law have been included, such as:

• Immediate elimination of the negative rating in the case of expired obligations worth 20% or less of the current monthly minimum wage (around EUR43).
• Negative rating to be written off 5 years after the obligation has gone into default or after the legal recovery process has finished.
• Description of a special procedure for eliminating negative reports in cases of identity theft.

Finally, the bill proposes a six-month transitional period during which the negative report on subjects who have already paid their obligations or who satisfy them within six months of the bill coming into law, should have a maximum life cycle of six months after the entire debt has been paid off.

The Bill 169-2017 Chamber promotes financial inclusion for recently created companies, encourages entrepreneurship and simplifies the paperwork involved in incorporating a firm in Colombia.

The draft text makes it obligatory for financial institutions to design or adapt credit risk assessment policies and methodologies to include this type of company, that are legally incorporated firms that have been issuing invoices for between 1 and 84 months.

It also provides that, during public contract processes, the financial capacity of these types of firms must be assessed on an individual basis.

Innovative start-ups

The Colombian government wants specifically to promote the development of start-up companies, by establishing a regulatory framework for crowdfunding models by creating incentives for these types of institutions. The aim is also to encourage job creation and an increase in competitiveness and wealth creation.

Thus, Bill 142-2017 Senate complements Bill 169-2017 Chamber, by:

• Creating the regulatory framework so that the private equity and venture capital industry can develop in Colombia
• Mobilizing financial capital towards social start-ups
• Creating incentives for private-sector investment in these companies

It also provides regulatory protection for the creation of private equity and venture capital funds and social enterprise funds, defined as group investment entities with the purpose of financing companies with growth potential.

In its Circular OPRAC 1-912, Argentina’s central bank (BCRA) has reviewed its definitions of micro, small and medium-sized companies, adapting the regulations covering the different categories.

The modification to point 1 came into force on 20th September, affecting “Attributes for consideration” in the text of the regulations for “Determining the category of micro, small or medium-sized companies”, dated 26th July 2016. Clauses 11 and 12, on the classification of MSMEs and issues affecting affiliation and control, were changed.

Definition

The Circular specifies that the presentation of the accreditation certificate should be taken into consideration and raises the upper thresholds by sector, aspects that are covered in Resolution 340-2017 issued by the Department of Entrepreneurs, Small & Medium Companies, in the Ministry of Production, as discussed in issue 12 of Progreso.

1. Presentation of the certificate accrediting the condition of micro, small or medium-sized company: the certificate referred to in the above Resolution will have to be presented in order to establish a company’s category.
2. Average value of total annual sales: the regulation specifies the monetary limits by sector set out in Resolution 340/2017. Annual total sales should not exceed the amounts specified in point 1.1.2 of the regulation –which coincide with those in Appendix I of the same resolution-. The limits for each SME category, using the Economic Activities Classification (CLAE) are as follows:

• Micro enterprise: Agriculture, ARS 3 million; Industry & Mining, ARS 10.5 million; Trade, ARS 12.5 million; Services, ARS 3.5 million; and Construction, ARS 4.7 million.

• Small enterprise: Agriculture, ARS 19 million; Industry & Mining, ARS 64 million; Trade, ARS 75 million; Services, ARS 21 million; and Construction, ARS 30 million.

• Medium (T1): Agriculture, ARS 145 million; Industry & Mining, ARS 520 million; Trade, ARS 630 million; Services, ARS 175 million; and Construction, ARS 240 million.

• Medium (T2): Agriculture, ARS 230 million; Industry & Mining, ARS 760 million; Trade, ARS 900 million; Services, ARS 250 million and Construction, ARS 360 million.

The Circular specifies that total annual sales will be understood as the average pre-tax sales from the previous three financial years, with an exemption of up to 50% on exports. However, on this final point, it introduces some qualifiers:

• If the enterprise is under three years old, total annual sales will be calculated by pro rating information from the tax period completed; in its absence, the completed monthly tax periods will be used.
• If an enterprise has sales in more than one activity sector, the sector with the highest sales will be used.
• If the main activity of the enterprise is one of those listed in Art. 3 of Resolution 340/2017, the value of its assets must be verified and found to be no more than ARS 100 million.

Furthermore, the Circular allows the total annual sales to be calculated from the enterprise’s financial statements or by means of a statement of net sales from a chartered accountant.

Affiliation and control

The regulation excludes from the MSME definition those enterprises that, while meeting the above requirements, are controlled by or affiliated to other enterprises or economic groups. It defines these relationships as follows:

• Control: an enterprise is controlled by another when the latter either has a direct participation or, through another enterprise which in turn it controls, it owns more than 50% of the first enterprise’s capital.
• Affiliation: an enterprise is considered affiliated to another company or group when the latter holds 20% or more capital in the former.

On 8th September, the Argentinian government passed Decree 711/2017, containing the regulations for Heading I of Law 27.349 to support Venture Capital.

The purpose of the decree is to make it possible to enforce the law; as such, it clarifies some of the concepts outlined therein, sets out the percentages that can be deducted when calculating tax payable on earnings, regulates the procedure for granting these deductions and covers other matters relating to the Trust Fund for Venture Capital Development.

Clarification of definitions

• Resources that may be offered by a “venture capital institution”: they may be either monetary or non-monetary, provided that they are liquid financial assets that can be realized in local currency; i.e. that can be realized in under 24 hours without losing their value.
• Fund: this should be construed as it has been in Law 24.083, in other words; a fund that consists of publicly traded transferable securities, precious metals, FX, rights and obligations deriving from futures and options, among others, that do not constitute companies and have no legal personality.
• Management company: a legal person that represents the Venture Capital institution and manages the investments made by it.
• Disbursed investment: one that is made directly or indirectly through a Venture Capital Institution in an undertaking.
• Under-developed areas and those with less access to financing: those provinces listed in Article 2 of Decree 435 from March 2016.

Tax treatment

• Necessary requirements for those investments made through the controlling company. To be eligible for the special tax treatment in the case of investment made in venture capital, the Decree stipulates that certain conditions should be met:

– The investment should be used, finally and irrevocably, to capitalize the undertaking, in the first 12 months after it is disbursed.

– The controlling company should own at least 90% of the shares in the undertaking.

• Percentages deductible when determining tax on earnings:

– 75% of investment sums made, as a rule.

– 85% of investment sums in undertakings in or for under-developed areas and with less access to financing.

• Limits. The regulation sets a 10% limit on the deduction, calculated on the net taxable earning of natural or legal persons. Nevertheless, the regulation provides for the deduction of the surplus in the 5 tax periods immediately after the investments have been made.
• Other considerations. There is a yearly tax quota that will be allocated in the order in which admissible applications are received. The quota will be distributed for each tax period in line with the characteristics of the enterprises, strategic sectors and subsequent conditions that the Department for Entrepreneurs & MSME (SEPyME) may set.

Procedure

To be eligible for the special tax treatment provided for in the regulations, institutions should make a filing in the Venture Capital Institutions Registry (RICE) created under Law 27.349. The investor will have to present the corresponding application, to be considered by the SEPyME, who will decide whether the favorable tax treatment is justified. The Federal Administration for Public Revenues (AFIP) will be informed if the tax treatment is granted and will be responsible for monitoring that enterprises’ revenues do not exceed the upper threshold of the percentage stipulated in the law.

This tax break will apply when determining the tax on earnings payable in the period in which the investment sum was actually disbursed and may be granted partially.

Trust Fund for Venture Capital Development (FONDCE)

This may be organized using a series of trusts and the following, among others, will be classified as included in the FONDCE’s equity resources: those rights, interest payments, shares, installment payments, loans or assets of other kinds the purpose of which is to apply resources to any of the ends provided for in the Fund. In addition, the decree regulates the composition of the Fund’s Board of Directors and recognizes that the latter is empowered to appoint the Advisory Council as required for each program, among other functions.

Decree 1451, September 4th, 2017, issued by the Ministry of Trade, Industry & Tourism (MinCIT), sets down the requirements necessary for legal persons to obtain a permit, issued by the Ministry itself, to market abroad goods from micro, small and medium enterprises.

These requisites include:

• The principal purpose of the enterprise should be to market and sell Colombian products, acquired on the domestic market from micro, small and medium enterprises (MSMEs) abroad;
• The enterprise must not have any customs duty, tax or foreign exchange debts when it makes its application;
• The company must demonstrate that it has a calendar for implementing a system for managing AML & FT (anti-money laundering and financing of terrorism) risk and the financing of the proliferation of weapons of mass destruction.
• The firm must have a positive risk classification assessment from the MinCIT’s Foreign Trade department;
• The company must have an inventory control that enables it to verify and track domestic, imported and exported merchandise.

The authorization received by International Trading Companies (SCI) will have an open-ended term and will be subject to meeting the requirements and obligations set out in the Decree.

In addition, SCIs that have this authorization will be required to constitute a bond payable to the National Taxation & Customs Department (DIAN) for one per cent (1%) of the FOB value of exports made during the twelve (12) months immediately before presenting the request for authorization.

Companies setting themselves up as SCIs have a number of advantages: in particular, they are exempt from Value Added Tax on the domestic purchase or acquisition of goods, provided that these are exported in the following six (6) months; they are not taxed at source; they have access to support services and programs for business people run by participating or related institutions, together with MinCIT programs and support from the Regional Productive Transformation Program in identifying micro, small and medium enterprises that can provide them with their goods.

Bill 111-2017, before the Republic of Colombia’s Congress of Representatives, seeks to introduce innovations in the National Development Plan’s key objectives.

One of the most important parts of the text has to do with the creation of Shared Work Centers, where micro entrepreneurs and small business people can share a space, equipped with offices and desks to pursue their projects independently. These Shared Work Centers will have to be regulated within a six (6) month period after the law comes into force and created in the following two (2) years.

Similarly, crowdfunding models will be included. Four group funding models are listed, although these have not yet been developed:

• Donation-based community models
• Reward-based community models,
• Financial schemes based on loans, and
• Share-based financial schemes.

The document sets a period of twelve (12) months from when the law is passed, for central government to present a bill to Congress authorizing the crowdfunding models specified in this bill and that defines, among other matters, the control and monitoring functions to the corresponding supervisory body.

The Ministry of Finance & Public Lending has recently published a draft decree regulating online crowdfunding of productive projects managed through institutions regulated by Colombia’s supervisory authority, the SFC, in which securities are issued.

The draft text contains specific rules for administrators of these platforms, contributors and recipients, on matters such as:

• Information disclosure
• Anti-money laundering and financing of terrorism mechanisms
• Handling conflicts of interest
• A series of limits in order to protect contributors and recipients

In addition, certain requirements have been set for online crowdfunding:  

• Classification of productive projects through objective risk-analysis procedures
• Adoption of operating regulations
• Reporting and updates of information about contributors and recipients to be sent to information centers
• Limits on the sum that can be invested per project, to be set at 10 MMW or 5% of annual income, whichever is the lower; a global limit of 30 MMW or 15% of annual income, whichever is the lower.

Finally, specific rules have been laid out for the securities that form part of the crowdfunding, relative to their issuance, sale and purchase, non-negotiable status on the securities market and the inadmissibility of applying additional regulations.

The Government passed Act 1870 on 21st September 2017, laying out rules for strengthening regulation and supervision over financial conglomerates. This text has not been altered from the version that was agreed prior to the president’s sanction, and was reviewed in issue 12 of Progreso.

The following are some of its most salient points:

1. A financial conglomerate is defined as a group of institutions with a single controlling body that includes two or more domestic or foreign institutions carrying out an activity that is regulated by the Colombian Financial Authority (SFC), provided that at least one of these institutions carries out these activities in Colombia.

Only those subsidiaries that are financial institutions will form part of the conglomerate.

2. A financial holding is defined as any legal person or investment vehicle exercising control over the institutions making up the financial conglomerate. These institutions will be subject to inspection and oversight from the SFC unless they demonstrate to the SFC that in their home jurisdiction they are subject to a regulatory and supervisory regime similar to that of Colombia.

3. The SFC will have the power to determine:

• The capital adequacy required of conglomerates,
• Corporate governance standards;
• Framework for financial risk management and internal control;
• Exemptions of legal persons or investment vehicles from supervision, depending on the scope of that supervision;
• Criteria for defining the nature of linked parties to the conglomerate and to the holding;
• Criteria for identifying, managing, monitoring and disclosing conflicts of interest;
• Changes needed in the structure of the conglomerate (when the existing structure does not enable information to be disclosed appropriately, comprehensive and consolidated supervision and/nor identification of the real beneficiary and the institutions comprising it;
• Information requirements and visits to be made to the entities in the conglomerate;
• To revoke the regulated entity’s operating license when the information supplied by the foreign parent company is insufficient to carry out the supervision.

4. The law clarifies that holdings will not have to contribute to operating and investment costs that Colombia’s Financial Authority, the SFC, may incur.

5. It extends the SFC’s powers of supervision and sanction, to cover giving instructions to holdings on how to comply with the regulation, particularly in the areas of financial conglomerates’ risk management, internal monitoring, information disclosure and corporate governance.

6. Oversight of financial holdings set up outside Colombia.

7. The concept of “significant influence”, as a criterion for determining the existence of a financial conglomerate.

8. Three scenarios are described in which control and subordination are understood to exist, namely, i) when there is a majority shareholding, ii) when there is a decision-making majority on the company’s board of directors, and iii) when a shareholder pact exerts an overriding influence on the decisions taken in the company.

9. The regulations covering purchasing the assets and taking over the liabilities of a credit institution in compulsory liquidation are laid down; the Financial Institutions Guarantee Fund (FOGAFIN) is given the authority to transfer these assets and liabilities to other credit establishment(s) or to a bridge bank.

Furthermore, the Government will have six (6) months, from when the bill comes into law, to regulate for supervisory powers over conglomerates, to cover the structure, complexity and specific characteristics of financial conglomerates. Heading I of the law will come into effect six (6) months after these regulations are published.

On 10th August 2017, Colombia’s Industry & Trade Authority (SIC) published External Circular 005 regulating the transfer to third countries of personal data that is under the jurisdiction of Colombian law. Data protection standards have been set, among them:

• Standards applying to personal data processing and over guidelines for personal data processing, rights of data owners and duties of data officers and controllers.
• Legal and administrative routes to ensure protection for data owners.
• Public-sector data processing supervisory body.

A list has been drawn up of countries that ensure a suitable level of data protection; this list may be added to or otherwise changed by the SIC, in line with the guidelines stipulated by law.

Finally, to transfer personal data outside Colombia, data officers will need the SIC to issue a statement of conformity. In any event, if there is a contract or other legal instrument between the Data Officer issuing the data and the Officer receiving the data that specifies the principles and obligations for processing, the transaction will be presumed viable and considered as having a statement of conformity.

In the same way, as discussed in issue 5 of Progreso, the colombian government has recently published Bill 089-2017 amending the 2012 Statutory Act 1581 which sets the general provisions for personal data protection.

According to the Bill’s preamble, the regulation aims to give Colombia’s authorities the legal powers to protect citizens’ fundamental rights regarding the recompilation and processing of their personal data online.

The initiative is a response to the challenges of personal data processing presented by the internet. The Bill echoes the principles set in international papers such as (i) the “Estándares de protección de datos personales para los estados Iberoamericanos” [Personal Data Protection Standards for Ibero-American States] by the Ibero-American Data Protection Network and (ii) the Regulation (EU) 2016/679 of the European Parliament and of the Council.

We should draw attention to some of the amendments in the Bill:

Extended area of application

In the same way as Regulation (EU) 2016/679 extended its area of application to the processing of data of Community citizens beyond the European Union, this Bill also widens the application of the regulation. It now regulates data processing controllers who neither live nor are domiciled in Colombia, but who, online or by other means, are collating, storing, using, disseminating or involved in any other operation using personal data of people residing, domiciled or living in Colombian territory. The text also defines the duties of the data protection authority with regard to those international controllers who are living in the country and processing the personal data of Colombian citizens.

Principles

The Bill adds the principles laid down by the Ibero-American Data Protection Network, which include: the principle of data protection by design and by default; the principle of accountability and the principle of proportionality. These principles uphold that privacy, proper personal data processing and security should be an intrinsic part of the design, architecture and configuration of any technology or information handling process. They also establish the effective measures that the data processing controller should adopt to meet their legal obligations and the restrictions incumbent on this person when collecting or processing data, which depend on the use to which they are being put.

Outsourcing services involving data processing

With regard to the duties of data processing controllers, the Bill provides for the option of outsourcing services involving the processing of personal data, setting the framework for outsourcing and the liabilities taken on by the sub-contracted party.

Pro-active measures for data processing

The Bill adds a new sub-heading to the law, on pro-active measures in personal data processing, containing articles on privacy by design and privacy by default, as well as self-regulation mechanisms for the proper application of the law.

Assessments must be conducted on the impact on data protection when the processing, due to its nature or end purpose, carries a high risk of affecting the data subject’s right to data protection, a regulation which was inspired by EU Regulation 2016/679. The European law makes the same provision, but adds the scenarios or cases in which such an impact assessment would be required.

Lastly, it includes the figure of the data protection officer, present in EU Regulation 2016/679, although there are clear differences between the two documents. The Colombian Bill empowers the data processing controller to appoint the data protection officer, once the prior decision from the data protection body has been secured; whereas EU Regulation 2016/679 does not need this prior authorization before appointing an officer, but, instead, lays out the situations in which such an appointment should be made. Furthermore, the Colombian Bill does not provide for the possibility that a business group might appoint a single data protection officer, nor does it mention the principle of confidentiality in the performance of his/her duties.

Taking into account the guidelines issued by the European Securities & Markets Authority in March 2016 for the assessment of knowledge and competence of staff who inform and advise, as well as the internal organization requirements contained in the European MiFID I regulation (Directive 2004/39) and in the securities market regulation[1], Spain’s National Securities Market Commission, the CNMV, has published technical guidelines to define the criteria using which entities can prove that their staff who inform or give advice about investment services possess the necessary knowledge and competence and that they are acting in clients’ best interests.

Governing body

The document explains how the institution’s governing body or, in the case of large institutions, a Board Committee set up for this purpose, and consisting of at least 3 suitably prepared directors, will be in charge of:

• Establishing the criteria that identified staff must satisfy,
• Appointing the unit in charge of its application, and
• Defining the control procedures to ensure compliance.

Among other matters, the governing body should make staff responsibilities very clear, the policy on the qualification of identified staff, the procedures to ensure that these members of staff are assessed, the qualifications they should have, the number of training hours or the external agencies/internal area of the institution in charge.

Accreditation of staff qualification

Financial institutions must guarantee to the Securities Commission, whether they use internal means or outsource the task, that their key staff possess the necessary knowledge and competences to fulfil their obligations and that they are aware of, understand and put into practice the institution’s internal policies and procedures to ensure regulatory compliance.

When the accreditation is handled by the institution itself, the governing body will have to establish the necessary control mechanisms to guarantee that staff have the appropriate skillset. To this end, the regulatory compliance unit will be responsible for preparing a report for the governing body that should include proof that the tests conducted accredit that this has been achieved.

Institutions must keep their records up to date on the accreditation of their identified staff members’ knowledge and competence, with information about each staff member, his/her experience, the training received, etc., that will be made available to the CNMV.

Furthermore, the institution’s governing body must review the development and needs of key staff every year, to ensure that they continue to be suitably qualified and have kept abreast of developments. If the staff member is not considered to have the necessary knowledge and skills, measures must be taken to ensure that they cannot provide information and advice, or that they provide it under supervision.

The CNMV has published a first list of certificates approved for the identified staff.

Knowledge and competences

Staff who give investment advice must have higher levels of knowledge and competences than staff who simply provide information about investment products and services.

Among other matters, staff giving information must know the following: i) the essential characteristics and risks associated with the products on offer, ii) the total amount of costs and expenses the customer will incur, iii) how financial markets operate, the impact of economic data and national and international events on the same and the value of the products, and iv) the regulations applicable to the securities market.

On the other hand, staff who provide advice, as well as knowing the foregoing, must i) meet the suitability requirements under MiFID rules, ii) know the total relative costs of the advice provision, iii) analyze whether the type of product offered may not be appropriate for the customer after having assessed the information provided by that customer, and iv) understand how portfolio management works and the implications of diversification relative to individual investment alternatives.

The minimum period in which the necessary experience can be acquired will be 6 months full time (or the part-time equivalent). The maximum period during which it is permissible not to have qualification or experience will be 4 years.

Application

The guidelines apply to all those entities providing investment services[2] in Spain (“financial institutions”) and to their identified staff, who will be those who inform or advise customers or potential customers and who handle customers with portfolios with discretionary management agreements.

A member of staff will acquire the condition of “identified” if he/she complies with the following requirements:

• Being in possession of the knowledge and competences required by regulation
• Having received the minimum number of teaching hours (80 hours for staff who provide information and 150 hours those who advise) in both theoretical and practical training, whether these are taught in the financial institution itself or by training companies, both in person and online.

SBIF, the Banking & Financial Institutions watchdog, has published new regulations amending chapter 20-7 of the RAN (Updated Regulations Directory) on outsourcing Cloud Computing services. The new guidelines, which are at the public consultation phase, set out the minimum conditions that financial institutions must meet when outsourcing cloud computing services.

The key changes brought in are as follows:

Definitions

New definitions such as “Cloud Computing Services”, “Technology infrastructure” and “Information security infrastructure” are added and others such as “Data processing” amended to include their purpose (data transmission, transformation &/or storage); and “Significant or critical (strategic) activities”, which includes any activity that uses non-public customer data.

General conditions that institutions outsourcing their services must meet:

• The Board of Directors must specify what risk tolerance it is prepared to accept.
• The technology infrastructure used to support significant or strategic activities must be used exclusively by the contracting entity.
• The independent audits put together to select, hire and monitor suppliers must be conducted by personnel who specialize in the various risks being audited.
• Institutions must ensure that the supplier carries out its own internal audit reports of the service being contracted.
• The responsibilities and obligations of the subcontracted firms must be defined.
• The physical location of the data centers must be known.

Business continuity

The institution must verify that not only critical service suppliers, but also the suppliers they in turn subcontract, have continuity plans in place to guarantee the services being contracted.

In addition, the institution must have an exit strategy to cover possible non-compliance by the supplier, and must check that this plan ensures the portability and interoperability of the outsourced services.

Information security

As well as verifying that the information security program safeguards the confidentiality, integrity, traceability and availability of its own information assets and those of its clients, the institution must:

• Manage and supervise the security infrastructure of the information available, so, for example:  firewall, anti-malware, antivirus, anti-spamming controls, among others.
• Have an encryption level that is high enough to ensure the end-to-end confidentiality and integrity of the data in communications connections between the hiring party and the service provider.
• Ensure that effective control and protection measures against external attacks are in place.
• Carry out vulnerability assessments regularly, have access to the audit records and to the tracking of mitigation measures.

Services carried out outside Chile

The new regulation removes the obligation, written into the previous version of the regulations, on the Data Processing centers to have infrastructure with simultaneous maintenance capabilities.

Reinforced diligence for services in the cloud

This is the biggest change in the RAN update. The new section V contains added requirements in those cases in which the outsourcing involves an activity considered to be strategic or critical. Thus, the Board of Directors must be especially diligent and bear in mind the following considerations:

• The supplier used has independent certifications that are recognized internationally.
• The contracts are signed directly between the contracting institution and the suppliers, to minimize the risk posed by intermediaries.
• The institution has legal reports on privacy regulation and access to the applicable information.
• The information processed outside Chile has been authorized by the clients.
• The service provider writes its own internal audit reports and they are available for reference.