Are You into Compliance? Read This
Mahmoud Said MBA, CPA
CFO | Non-Executive Board Member | Audit & Governance Committee Chair
#Compliance
#CCO
#CAMS
Before I start, let me stress that this article, like any of my past or future articles, represents purely my personal point of view and has nothing to do with the views or directions of my current or previous employers.
Also, this article doesn't promote or spotlight a specific compliance qualification or governing body; it just explains compliance from a simple angle.
Compliance as a career didn't pop up just recently. Compliance as a department or function has existed for a long time, especially since the financial services and banking industry reached the maturity stage in the developed countries and the G20.
Let us categorize compliance into 3 tiers:
1) Tier 1: Banking industry & financial services related compliance.
This category includes compliance for companies working in investments, securities, brokerage, insurance and trading.
This is the most sophisticated, strictly governed and regulated category worldwide. If we look at banks, we find many lines of defense in place to protect against failure. When you borrow from depositors and lend what you don't own, such activities definitely need to be well monitored to protect depositors, stockholders and customers.
The compliance function here has a clear role, a formal structure, reporting requirements and regulatory investigations into issues related to opening and maintaining accounts, record keeping, client complaints, trading, money laundering and terrorist financing.
In most countries, for someone to be a compliance officer, he or she has to pass a qualifying exam and obtain a license to practice.
Popular job titles are Chief Compliance Officer and MLRO (Money Laundering Reporting Officer). CAMS (Certified Anti-Money Laundering) is the ultimate qualification for those who will work in this field.
2) Tier 2: Non-banking related compliance.
With the emergence of multinational companies operating around the globe, the huge differences in laws and regulations across countries and even within a single country, and the significant risk of violating laws where ignorance is not a valid excuse, companies started to form a compliance function responsible for ensuring that the company complies with the laws and regulations in the areas where it operates.
The credit goes to the Foreign Corrupt Practices Act (1977), the Sarbanes-Oxley Act (2002) and the UK Bribery Act (2010). All remain major acts to be complied with, and they triggered the issuance of many similar acts in other countries.
Later on, upon analyzing the reasons behind corruption, bribes and illegal acts, it was found that the absence of a code of conduct or ethics code let many wrongdoers escape by using lack of awareness as an excuse. Thus, ethics has been added to compliance in many multinational companies; governing bodies even came out with qualifications that combine both (Certified Ethics and Compliance Professional - CCEP).
The main focus is on compliance with trade laws, local regulations, fair competition and anti-monopoly, anti-harassment, anti-discrimination and antitrust laws, and conflict of interest situations.
3) Compliance from an audit perspective.
One of the popular types of engagements is the compliance audit, where the auditor (whether external or internal) accumulates evidence to provide reasonable assurance that the function/company is in compliance with specific laws and regulations.
Both auditors (external or internal) can perform such an assignment if they understand the underlying laws or regulations and, for internal auditors, as long as it is within the scope of the charter.
However, if the external auditor is performing such an assignment, then it might be either:
- A stand-alone assignment with a separate engagement letter, specific fees, and an opinion or report issued at the end stating clearly what the laws and regulations (or maybe even debt covenants) are and whether the entity is in compliance or not. A positive assurance is expected to be the ultimate outcome.
- Done as part of the normal annual audit, especially for publicly held clients (SEC) or governmental units funded by a federal agency. In this case, the auditor is obliged to add an additional paragraph stating that the entity is in compliance with the laws and regulations and that he/she is not aware of any cases indicating the opposite. Such regulations might be quarterly (10-Q) or annual (10-K) filings, or specific disclosures related to transparency requirements (8-K). It can even be to assess whether the entity is operating as per its articles of incorporation or not. The crucial part will always be the criteria/law against which we are comparing (the benchmark).
Finally, no matter what, it is very important to decide what type of compliance we are after and whether we are qualified to carry out the duties of the position or not.
Examples of the many compliance qualifications: Certified Compliance Officer (CCO), Certified Compliance Professional (CCP), International Compliance Association (ICA) Certificate in Compliance.