Governance, Risk and Compliance

Mosaic provides pragmatic expertise to help clients develop and implement governance, risk, and compliance (GRC) solutions.
We can advise on the design, execution, and embedding of GRC frameworks, systems, and processes that harmonise for regulatory compliance, and enable improved customer and commercial outcomes.

Our GRC team has extensive experience working in financial services businesses. This gives us a deep understanding of the challenges that these organisations face. We use this understanding to advise and support our clients to develop and implement GRC initiatives that are effective and sustainable.

We believe that sound and embedded GRC systems and processes are critical in enabling an organisation to achieve its strategic objectives. By taking a proactive approach to risk management and compliance, organisations can understand and appropriately manage their risk exposure, improve their operational efficiency, and protect their reputation.

Conduct and Culture

Good conduct and culture is good business and is essential for any business to achieve its long-term strategic objectives. The Financial Markets (Conduct of Institutions) Amendment Act 2022 (CoFI) has put fair conduct for consumers and organisational culture at the forefront of its expectations for financial services firms in New Zealand.

Effective conduct and culture risk management requires all levels of a financial services business, from the board and senior management, to the front-line employees who interact with customers, to be aware of how their own conduct can impact customer outcomes.

We support financial services organisations to define their standards of good conduct and fair customer outcomes, and we work with them to embed conduct risk management into their overall risk management framework.

Customer Remediation

Mosaic has extensive experience working with clients across banking, insurance, funds and wealth to help them understand the risks, regulatory expectations and compliance obligations of customer remediation.

We work with clients to ensure that their implementation of customer remediation is as effective as possible, replicable and embedded to strengthen organisational resilience and competence.

Our support spans the full solutioning cycle, from advice and recommendations, through to data analysis, remediation calculation and implementation.

Risk and Compliance Maturity

Periodic maturity assessments are an effective way to measure a firm's progress, validate its risk and compliance roadmap, enable informed decision-making, support a strong risk and compliance culture, and uplift operational excellence and resilience.

We can assist you to assess your organisation's risk and compliance maturity. We can undertake holistic risk or compliance maturity assessments or more focused, "deep-dive" maturity reviews on specific aspects of your business. Our experienced team will independently assess your people, processes, and systems to ensure they are operating consistently and in line with industry practices.

Risk Governance and Frameworks

An effective risk governance framework supports identification and focus on those risks that have the potential for the greatest impact on an organisation achieving its strategic objectives. It also holds risk owners accountable for managing those risks effectively.

We work with clients to assess, design, and implement fit-for-purpose frameworks that align corporate governance with risk management and control activities. This helps ensure that actual and potential threats to strategic objectives, business performance, operational efficiency, and resilience are well understood and managed within risk appetite.

Operational Risk Advisory

Operational risk management is the process of identifying, assessing, and mitigating risks that can impact an organisation's operations. These risks can include human error, system failures, and external events.

We assist organisations to improve their operational risk management and broader resilience capabilities. We can provide a holistic approach that includes:

  • risk assessment and identification;
  • policy development and implementation;
  • training and awareness; and
  • control design and testing.

Regulatory Response

Regulatory requirements and expectations continue to evolve, requiring financial services businesses to respond strategically and tactically to ensure compliance.

We have deep experience in assisting clients to respond to a wide range of regulatory changes spanning all parts of the financial services sector. This assistance includes consulting engagements to identify how firms are positioned to meet current and/or new regulatory obligations or licensing requirements, and, where required, we can provide support to enable clients to implement the required operational responses within their business lines.

Client Work

Conduct of Financial Institutions Act ("CoFI")

Mosaic supported four banks and three insurers to prepare them to meet CoFI requirements. Its engagements spanned gap analysis, programme leadership, programme implementation including Fair Conduct Programme drafting, and other support to meet licensing requirements.

RBNZ Outsourcing Policy (BS11)

Mosaic provided consulting and implementation support for three banking clients. This included review and remediation of third-party contracts and outsourcing arrangements.

Financial Advice Provider Licensing

Mosaic has supported a range of financial advice providers spanning funds, life and general insurance to prepare for the licensing regime which came into effect in March 2023, and to review their advice operations post-implementation. Services provided included consultancy engagements to review the readiness of clients' business operations for meeting licensing obligations, and implementation support including the design of advice processes, drafting of policies, and development of assurance programmes.

Risk framework review and holistic risk maturity uplift

Using its Enterprise Risk Management Framework ("ERMF"), Mosaic undertook a review of firms' risk management frameworks in the context of a merger integration and provided recommendations for a target ERMF for the new organisation. It has also assisted a large investment management firm to assess its risk and compliance maturity across all aspects of its business.

Consumer Credit Contracts Act (CCCFA)

Mosaic supported two large banking clients to prepare their operations to meet CCCFA requirements. Mosaic has played a role in influencing CCCFA policy relating to director and senior manager liability, and disclosure penalty proportionality.

Find out more. Get in touch today.