A good compliance culture is one in which senior management and employees understand and value the importance of compliance within a firm. Senior management should start by setting the right tone at the top. A negative view of compliance can expose firms to risks, for example anti-money laundering (AML) risks, reputational risks and financial risks, and can eventually even destabilize the financial system. Does your firm have a compliance culture? Below are some areas to look at.
Do the senior management team and employees understand what their responsibilities are? Do they understand the importance of compliance and the risks and consequences of non-compliance?
Is the Compliance Officer (CO) given enough seniority within the firm? Does he/she have access to senior management? Is he/she able to make and enforce decisions?
The firm must apportion significant responsibilities to its senior management and maintain this apportionment in such a way that it meets the corporate governance requirements in Dubai Financial Services Authority (DFSA) GEN Rule 5.3.30. The firm must also be clear about who is responsible for which matters. Responsibilities are usually identified in the job descriptions of the Authorised Individuals and other members of senior management.
Ensuring compliance with DFSA Rules and Regulations should be a part of every employee’s job description. Compliance with the DFSA’s 6 Principles for Authorised Individuals (GEN 4.4) should be part of the obligations of every Authorised Individual.
Have all employees received compliance and AML training? Senior management and all employees need to receive training to ensure they understand relevant legislation applicable in the Dubai International Financial Centre (DIFC) and the DFSA rules and regulations. AML training is mandatory for all relevant staff at appropriate and regular intervals (upon joining and at least annually thereafter).
Does your firm understand the risks it faces? Has the firm established and maintained systems and controls to identify, assess, mitigate, control and monitor its risks?
Can employees raise questions or concerns, obtain clarification on matters or highlight training needs without fear of criticism? If supervisors or management are unapproachable, it could prevent staff from raising important issues.
Relationship with your regulator
Does your firm have a good relationship with the DFSA? The DFSA expects authorised firms to have an ongoing, honest and open relationship with it. Aside from mandatory notifications, this means reporting to the DFSA anything that it would expect to be notified of.
Relationship with your compliance function
Does your senior management team have a good relationship with its compliance function? The CO/Money Laundering Reporting Officer (MLRO) must have sufficient authority to carry out his/her functions satisfactorily and also have direct access to the senior management team, including the Board of Directors.
Compliance is an independent control function that provides advice, issues policies, conducts training for the business, and monitors and tests business activities proactively. Compliance helps to protect the company by taking steps so that potential regulatory risks and liabilities are identified and addressed appropriately.
Regular meetings should take place between the Senior Executive Officer (SEO) and the Compliance Officer.
Have you reviewed your employee remuneration structure recently? Are incentives in line with what you are trying to achieve in terms of creating/retaining a good compliance culture? Does your incentives plan focus purely on generating sales/hitting targets?
Accountability and responsibility
Are staff competent and accountable for their actions? Do you have disciplinary procedures in place to address any breach of rules/policies/procedures by your employees? Do you have appropriate policies (such as whistleblower protection) in place that afford protection to those employees who provide information on any potential wrongdoing/breach?
Staff must continue to remain fit and proper to discharge their duties.
The consequences of non-compliance are greater now than ever before. Regulators' increased focus on compliance is evident in the frequent actions taken by authorities worldwide against non-compliant institutions as well as individuals. We also see greater responsibility and accountability attached to senior management in this regard. The financial implications of non-compliance go well beyond monetary fines: there is potential to affect business profitability as well as the ability to offer certain services. All firms should procure the right type and amount of resources to build an effective compliance culture in the workplace.
HOLT consultancy delivers compliance and AML training for senior management and employees. Please contact the team at HOLT consultancy by email using firstname.lastname@example.org or by phone on +971 4 386 6360 to discuss your requirements.
More information can be found on our website http://www.holtconsultancy.com.