Gone are the days when compliance was deemed a necessary evil. With breaches and blacklists and public scrutiny, regulated businesses must now view their compliance teams as their battle buddy, constantly on guard for threats from all fronts, internal and external.
In the past, many regulated businesses have provided the compliance function with little managerial time, leaving their compliance officers with one simple objective: “Just get it done”. However, the pendulum is swinging and we are seeing increased budgets and managerial time spent on compliance.
To help senior managers new to the compliance landscape, here are a few tips to help better understand and manage compliance:
- Set a regular meeting with your compliance officers – book the conference room and forbid interruptions. This is your time to learn about new regulations coming down the pipeline and plan actions to meet these regulations efficiently. Remember to take notes to record decisions made – these are useful to show regulators senior management's involvement in compliance-related matters.
- Remember the rule, “what gets measured gets managed”. Compliance is difficult to measure because there are so many variables and, with ongoing monitoring requirements, figures rarely improve. It is never a tick-the-box-and-move-on exercise. But difficult does not mean impossible. Explore what matters most and how it can be measured. This may mean focusing on decreasing the number of days a potential new client has outstanding KYC or the number of existing accounts that are non-compliant.
- Is compliance always backed up? If so, look for the bottlenecks in workflow and aspects that can be assigned to others without reducing compliance integrity. For example, consider establishing sign-off approvals by two or three people – one manager approving PEPs, another out-of-scope transaction, a third EDD documentation – this way one single person is not overwhelmed with approvals.
- Review thoroughly those new clients/customers that are being identified as Politically Exposed Persons (PEPs). Because this is such a grey area, it’s too easy to identify every government official as a PEP. However, most regulations state a PEP is a person who “is or has been entrusted with a PROMINENT public function.” Remember to document your analysis – even if you think their position is not prominent enough to make them a PEP, put your reasoning in writing and on file.
- Require each compliance staff member to go on holiday at least once a year without phones and laptops or work-related reading. Two reasons for this rule: (1) you need to know if you can continue without their presence – consider it a fire drill should they ever have to be away, and (2) they need the break to release their mind from the knots that compliance work creates. They may even return with fresh ideas on efficiency.
- Thank them. This is a small act, but very important. Your compliance staff must manage complex regulations and there is a lot of personal liability with the role. They are tasked with making sure you and your staff are protected from penalties, negative press and yes, even prison, and they do so in many cases with limited budgets and staff. A simple act of appreciation can do wonders for morale.
Be prepared to spend more time on compliance obligations in 2018. Recent headlines indicate compliance obligations are going to keep increasing, so good management oversight is going to be required.