The Challenges of the Compliance Officer in the Financial Sector - Practical Issues
Carlos Lelo Filipe
Director Compliance & MLRO | Leonteq Securities (Europe) GmbH - Sucursal em Portugal
Summary
I - A brief historical overview of Compliance in Portugal
II - Being a Compliance Officer: the biggest challenge
III - Types of Compliance Officer Challenges in the Financial Sector
IV - Conclusions
Must start with a disclaimer of interest, clarifying that this presentation expresses only my personal view on the Challenges of being a Compliance Officer in the Financial Sector and cannot be associated in any way with my employer, Leonteq Securities (Europe) GmbH - Sucursal em Portugal.
This approach is centered on a practical level and based on my professional experience as a Compliance Officer in various areas of the financial sector.
?
I - A brief historical overview of Compliance in Portugal:
When we talk about Compliance in Portugal we immediately associate the term with something related to the banking and financial sector, the General Personal Data Protection Regulation, the themes of Economic Criminal Law and the themes related to Whistleblowing after the transposition of Directive EU 2019/1937 into the national legal system.
In Portugal, the first references to Compliance and Corporate Governance themes appeared at the end of the 1990s in the stock exchange regulation sector.? The first step in this area was taken by the CMVM (Portuguese Securities Market Commission) in 1999, when it approved a set of 17 Recommendations regarding rules of conduct to be observed by companies listed on the stock exchange.
The second major step towards the adoption of Compliance programs in Portugal was also taken in the financial sector in 2005, following the adoption of the guidelines contained in the Basel Committee on Banking Supervision Report of April 2005, commonly known as ‘Basel II’, which expressly mentions Compliance and the creation of a Compliance function in banking.
The greatest impetus for consolidating Compliance in the financial sector in Portugal resulted from the transposition into national law of the European legislation that emerged after the 2007/2008 financial crisis, along with a trend towards harmonization of Economic Criminal Law within the Member States of the European Union.
Examples of the influence of EU legislation include the Directives on the Prevention of Money Laundering, Market Abuse (Mifid I and II) and the General Data Protection Regulation, among others.
?
II - Being a Compliance Officer: the biggest challenge
With 34 years' professional experience in the banking and financial sector, working in areas as diverse as Operations, Organization and Systems, Marketing and Legal/Contentious Advice before moving to the Compliance area in 2009, I can say without a doubt that the role of Compliance Officer is both the most exciting and the most challenging of all the roles I have held.
When it comes to the challenges faced by Compliance Officers, we should start with the personal ones.
As we've already mentioned, the role of Compliance Officer is an extraordinarily challenging one in many ways, starting with the ability to adapt, react and deal with constantly changing scenarios, through to a permanent willingness to learn and update knowledge, and ending with a considerable amount of flexibility and negotiating skills.
The world of compliance is constantly evolving, increasingly demanding and wide-ranging, and the Compliance Officer will only be able to carry out their duties efficiently if they are able to keep up with this evolution, anticipating scenarios, identifying problems and identifying solutions.
In addition to the aspects listed above, there is another that we consider not only indispensable but also decisive for the full performance of the Compliance Officer, namely an in-depth knowledge of the sector in general and the company's business model in particular.
As one of the most important ‘Gatekeepers’ of the organization he or she is part of, the Compliance Officer will only be able to carry out his or her duties effectively if he or she has a detailed and in-depth knowledge of the entity's business model, because only then will he or she be able to identify the risks of the activity, propose appropriate measures to prevent and mitigate them, without ever losing sight of anticipating new scenarios.
In the area of the Compliance Officer's personal challenges in carrying out their role, we must also include personal liability to authorities and regulators, which may constitute criminal liability, something already provided for in various legal systems.
In the Portuguese case, this type of criminal liability occurs whenever there is a case of omission of the duties of vigilance and zeal, such as in cases where behaviors ?are detected that constitute the commission of criminal offences and the Compliance Officer fails to act, doing nothing to prevent the pursuit of criminal activity.
III - Types of Challenges faced in the Financial Sector
After stating without hesitation that the greatest challenge for any Compliance Officer, regardless of the sector of activity, is precisely to perform the role of Compliance Officer, we will now move on to an analysis of the two ‘classic’ types of challenge: internal, within the company's organization, and external, arising from interaction with regulators and judicial authorities, as well as with business counterparties or service providers.
?
1. Internal
The main internal challenges faced by Compliance Officers in the financial sector are as follows:
a.??????????? First and foremost, the lack of co-operation on the part of companies' top management bodies, as many still see Compliance as a mere additional cost and an activity that conditions the business, in other words, as a legal and regulatory imposition that must be formally complied with.
Although the importance of the example set by top management, the so-called ‘tone at the top’, in the adoption and implementation of a Compliance culture is commonly accepted, the fact is that, in practice, there is no point in including these issues in the corporate communication strategy without providing the Compliance areas with the human, financial and technological resources they need to effectively fulfill their role.?
Equally as important as the ‘tone at the top’ is the ‘tone from the top’, i.e. the examples set by management in their interactions with the organization’s structure.??
?
b.??????????? The second internal challenge is the relationship between the Compliance units and the various business areas, which is not only extremely important but also critical to the success of Compliance programs and the full performance of Compliance Officers' duties.
领英推荐
In many cases, Compliance is seen mainly as a cost and an obstacle/barrier to the development of business activities by management bodies, and this is even more pronounced when we come to the area of relations between Compliance units, and also Internal Control, and the various business areas of organizations.
At this level, the great challenge for Compliance Officers is to be able to sensitize the commercial/business areas to the importance of Compliance as a safeguard instrument/mechanism, as well as a kind of insurance against the risks of involvement in illegal activities, i.e. a mechanism that aims to ensure that business is carried out in a way that is safe for the company, preventing risks of the most diverse nature, from criminal to reputational.
c.??????????? Thirdly, we can mention the challenge arising from the expansion and extension of Compliance Officers' responsibilities to areas such as ESG (Environmental, Social and Governance), crypto-currencies and NFTs (Non Fungible Tokens), technology and Artificial Intelligence.
In this case it is a challenge that is both internal and personal to the Compliance Officers, internal in the sense of including in the remit of the Compliance areas new demands from the regulatory field such as those related to compliance with ESG criteria and requirements, the extension of business areas to crypto-currencies or NFTs.
The same applies to the use of technology and Artificial Intelligence in the performance of various typical compliance tasks in the financial sector, such as carrying out KYC (Know Your Client/Customer) diligence, monitoring transactions or screening or preventing their use by economic and financial crime.
On a personal level, the expansion and extension of Compliance Officers' responsibilities and areas of activity is a huge test of their ability to respond and manage their time effectively.
?
d.??????????? Another of the internal challenges facing the financial sector's compliance areas, common to any other sector of activity, is their role in implementing a true culture of compliance within companies/entities.
In fact, if the ‘tone at and from the top’ is decisive for the introduction and implementation of a culture of ethics and Compliance in organizations, the role of the Compliance areas and the Compliance Officers is decisive for the effective adoption and deepening of this same culture, because alongside the importance of the example set by the administrative and management bodies, the examples set by the Compliance Officers in the exercise of their functions and in their interaction with the different units of the organizations are vital for its effective implementation.
This allows us to state that the ‘tone from the top’ without the proper ‘tone from Compliance’ is not enough for the effective adoption of a Compliance culture within organizations.
?
e.??????????? Lastly, but not necessarily least, we would point to the management of human, financial and technological resources as another of the internal challenges facing Compliance Officers, particularly Chief Compliance Officers, in the financial sector
As we had the opportunity to mention at the beginning of our presentation, in many entities in the financial sector, compliance areas are still seen as a cost and their contribution to value creation is not properly valued.
Seen as a cost resulting from legal and regulatory impositions, whose reflection on the benefits side tends not to be properly valued, the allocation of human, financial and technological resources to the Compliance function is still far from satisfactory.
In the field of human resources, we continue to see one of two typical situations: either an insufficient number of employees or inadequate selection, something that ends up having a strongly negative impact on the performance of duties, because while the former leads to an overload of tasks, the latter ends up generating an inability to fulfill them effectively.
The challenge of allocating and making available the necessary and adequate financial resources to effectively carry out the Compliance function is also a test of the various Compliance Officers‘ ability to adapt, starting with the Chief Compliance Officer's ability to negotiate and even make demands, and ending with the other Compliance Officers’ capacity and ability to carry out tasks in a scenario of scarce or clearly insufficient resources.
In terms of the technological resources allocated to the Compliance function, the Compliance Officer's challenge lies at two levels: the Compliance Officer who carries out the KYC, monitoring or screening tasks, who is primarily responsible for pointing out deficiencies, proposing improvements and even revising the parameters of the tools and, at a second level, the Chief Compliance Officer, who is responsible for demonstrating to the management bodies both the shortcomings of the existing tools and the need to obtain upgrades or purchase new versions/tools that ensure the necessary responsiveness and effectiveness in carrying out the tasks.
?
2.???????? External challenges
In the domain of the external challenges faced by Compliance Officers in the financial sector, we can point to three main :
?
a.??????????? In the first instance, we are faced with the challenge arising from the increase in legislative and regulatory requirements and their impact on Compliance structures and models, both at the macro level of the organizations’ normative and procedural architecture and at the micro level of the increase in the number of daily or periodic tasks required to ensure compliance with new legal and/or regulatory obligations.
In addition, this challenge also has a significant impact on individual Compliance Officers, both because of the increase in the number of tasks and because of the need to keep constantly up to date and aware of new legislative and regulatory trends, in order to anticipate any changes and ensure the timely adoption of the necessary measures to guarantee compliance.
We should also include in this first group of external challenges those resulting from contacts and interactions with regulatory and judicial bodies, which, as part of the Compliance function's list of duties and responsibilities, require the Compliance Officer to take particular care in the way he communicates with these bodies.
b.??????????? The growing sophistication of illicit behavior is perhaps the most critical external challenge for Compliance Officers in the financial sector, particularly in the field of preventing and combating money laundering, terrorist financing or fraud and corruption.
Since Compliance Officers in general, and the so-called Money Laundering Reporting Officers (MLROs) in particular, are the gatekeepers of entities in terms of preventing, detecting and combating the use of the entities' products and business segments by individuals or criminal organizations, this gives rise to a special duty of care and constant updating.
In fact, along with in-depth knowledge of the commercial activity of organizations and the characteristics of their clientele, it is the duty of Compliance Officers/MLROs to be particularly aware of the new types of economic and financial crime, in order to ensure that they are able to deal with them.
?
c.??????????? At a time marked by globalization and the intensive and even exhaustive use of social networks and digital information/social media, in our opinion the means of defense against reputational risks is the third major external challenge facing Compliance Officers working in the banking and financial sector.
In this case, in addition to the typical reputational risks resulting from the public disclosure of financial penalties imposed by judicial or regulatory bodies, we have to consider those resulting from attacks perpetrated by radicalized groups, self-styled defenders of a panoply of causes ranging from the environmental to the inclusion of all kinds of minorities and social fringes, who are always ready to spot any ‘politically incorrect’ reference in the promotional materials of entities in the various sectors of activity, launching various kinds of attacks on them that end up having reputational effects.
In this area, the role of Compliance Officers is particularly important in both the preventive and reactive phases.
?
IV - Conclusions
Throughout this reflection on the challenges faced by Compliance Officers working in the financial sector, we have moved from the personal to the institutional level and ended as we began, considering that the main challenge for any Compliance Officer, whatever the sector of activity they are in, is in fact the performance of the role, which implies, from the outset, an extraordinary ability to adapt and react, together with the aptitude to deal with scenarios of constant change, including a permanent willingness to learn and update knowledge, and ending with the indispensable flexibility and negotiating skills.
?
Translated to English with DeepL.com (free version)