A good compliance culture is where senior management and employees understand and
value the importance of compliance within a firm. Senior management should
start by setting the right tone at the top. A negative view of compliance can
expose firms to risks, for example anti-money laundering (AML) risks, reputational
risks and financial risks, and eventually even destabilize the financial system.
Does your firm have a compliance culture? Below are some areas to look at.
Responsibilities
Do the senior
management team and employees understand what their responsibilities are? Do
they understand the importance of compliance and the risks and consequences of
non-compliance?
Is the Compliance
Officer (CO) given enough seniority within the firm? Does he/she have access to
senior management? Is he/she able to make and enforce decisions?
The firm must apportion
significant responsibilities to its senior management and maintain this
apportionment in such a way that it meets the corporate governance requirements
in Dubai Financial Services Authority (DFSA) GEN Rule 5.3.30. The firm must
also be clear about who is responsible for which matters. Responsibilities are usually identified in
the job descriptions of the Authorised Individuals and other members of senior
management.
Ensuring compliance
with DFSA Rules and Regulations should be a part of every employee’s job
description. Compliance with the DFSA’s 6 Principles for Authorised Individuals
(GEN 4.4) should be part of the obligations of every Authorised Individual.
Training
Have all employees
received compliance and AML training? Senior management and all employees need
to receive training to ensure they understand relevant legislation applicable
in the Dubai International Financial Centre (DIFC) and the DFSA rules and regulations. AML training is mandatory for
all relevant staff at appropriate and regular intervals (upon joining and at
least annually thereafter).
Risk management
Does your firm understand the risks it faces? Has the firm established
and maintained systems and controls to identify, assess, mitigate, control and
monitor its risks?
Open door
Can employees raise questions or concerns, obtain clarification on matters, or
highlight training needs without fear of criticism? If supervisors or management
are unapproachable, it could prevent staff from raising important issues.
Relationship with your regulator
Does your firm have a
good relationship with the DFSA? The DFSA expects authorised firms to have an
ongoing, honest and open relationship with it. Aside from mandatory
notifications, this means reporting to the DFSA anything it would expect
to be notified of.
Relationship with your compliance function
Does your senior
management team have a good relationship with its compliance function? The
CO/Money Laundering Reporting Officer (MLRO) must have sufficient authority to carry out his/her functions
satisfactorily and also have direct access to the senior management team,
including the Board of Directors.
Compliance is an
independent control function that provides advice, issues policies, conducts
training for the business, and monitors and tests business activities
proactively. Compliance helps to protect
the company by taking steps so that potential regulatory risks and liabilities
are identified and addressed appropriately.
Regular meetings should
take place between the Senior Executive Officer (SEO) and the Compliance Officer.
Remuneration
Have you reviewed your
employee remuneration structure recently? Are incentives in line
with what you are trying to achieve in terms of creating/retaining a good
compliance culture? Does your incentive
plan focus purely on generating sales/hitting targets?
Accountability and responsibility
Are staff competent and
accountable for their actions? Do you have disciplinary procedures in place to address any breach of
rules/policies/procedures by your employees? Do you have appropriate policies (such
as whistleblower protection) in place that afford protection to those employees
who provide information on any potential wrongdoing/breach?
Staff must continue to
remain fit and proper to discharge their duties.
The consequences of
non-compliance are greater now than ever before. The increased focus of regulators
on compliance is evident in the frequent actions taken by authorities
worldwide against non-compliant institutions as well as individuals. We also
see greater responsibility and accountability attached to senior management
in this regard. The financial implications of non-compliance go well beyond
monetary fines: there is potential to affect business profitability as well as
the ability to offer certain services. All firms should procure the right
type and amount of resources to build an effective compliance culture at the
workplace.
HOLT consultancy delivers compliance and AML training for senior management and employees. Please contact the team at HOLT consultancy by email using info@holtconsultancy.com or by phone on +971 4 386 6360 to discuss your requirements.