…make things happen

G.R.I.A

gria2First used in 2005 by Ross McGill and Terence Sheppey, GRIA is an analysis method to identify potential operational conflicts and cost duplication from a firm’s attempts to comply with more than one set of regulations.

Most financial firms have activities that cross jurisdictional borders.  This often means that, in addition to a need to comply with a local regulator and domestic law, the firm will also need to take some account of those aspects of foreign regulation and law that also apply to a lesser or greater extent.

A good example would be data protection and corporate actions.  Many firms in Europe currently send data to the United States and to India for operational purposes.  Equally, in corporate actions, firms file tax reclaims on behalf of foreign investors where data is being provided cross border to third parties.  Transfer of data belonging to an EU resident to a location outside the EU is prohibited by European Directives with the exception of some limited circumstances.  In particular, India, a common jurisdiction for back offices, has no data protection regulations.  The United States is viewed by the EU as having a less stringent data protection regime, but ther EU has agreed a system of Safe Harbor certification.  In this system a receiving US firm can legitimately receive EU private data as long as the recipient firm is certified in the Safe harbor.  This means that the recipient has agreed to handle private data to both the higher EU standard and the lower US standard.  It is interesting that there are almost no US financial firms certified in the Safe Harbor.

A further example would be the US IRC Section 1441 NRA tax regulations.  These are US tax regulations enacted by US Congress in 2001, but apply only to foreign (i.e. non-US) financial firms. The trigger to be subject to these regulations is the receipt by the foreign firm of US sourced income, NOT as many think, having US clients as customers.  UBS found this issue highlighted since, as a Swiss bank, it was regulated by and subject to Swiss banking secrecy laws.  As a result, it could not, without breaking its domestic law, comply with the 1441 regulations and disclose its US customers to the IRS.  While a compromise of sorts has been reached, this issue cost UBS over $750 million and a big hit to its reputation.

The issue is therefore, how do firms analyse the different aspects of multiple types of regulation in terms of their ability to comply and the costs associated.  GRIA is the tool that we designed to do this.

Described in more detail in the book “The New Global Regulatory Landscape” (Palgrave Macmillan)  GRIA assesses multiple regulatory structures and identifies three types of overlap – neutral, constructive and destructive.  A destructive overlap describes a situation where expenditure incurred to achieve compliance to one set of regulation is wasted by expenditure by the same firm in trying to comply with a different set of regulation.  In some cases compliance to one set of regulation can actually mean compliance failure for another.

GRIA provides both an analysis of the relevant regulations as well as an analysis of costs incurred in compliance and the firms overall compliance position.

If you are interested in GRIA, please contact us.