I am guessing that “Compliance” is a word which does not tend to provoke the warmest of feelings in many of those on the front line whose job it is to make money? Compliance functions are seen by some to get in the way of the sharp end of the business and be rather bureaucratic. Yes, Compliance is not a money making aspect of any business and, yes, there can be paperwork involved. However, the bottom line is that the law requires Financial Services companies to be regulated, and this is why we take Compliance very seriously.
Over time, the majority of Financial Services companies aim to build what we like to call a “compliance culture” where Senior Management in the front middle and back office consider Compliance at the same time as other business issues, and this is the way it should be ideally.
To be more precise, Financial Services companies often encourage and promote the benefits to employees, with Policies and Procedures which aim to reinforce this aspect.
All employees, no matter what their role within the business should have a helpful, open and positive attitude towards the Compliance Department and any Compliance issues, together with an understanding of its importance to the smooth operation of the business.
So – HOW do we ensure “Compliance” then?
First of all – you need a “Plan”…
A “Compliance Plan” would be a start. So, lets start with the Compliance Manual.
This is the starting point for many a “Trainee Compliance Officer”.
What should a Compliance Manual contain? Is there an “industry standard?” Can you buy one?
The answers to all of these questions are not the same – it largely depends on your company size, your FCA or PRA Permissions, your day-to-day activities, and of course the intended audience.
It is generally seen as “good practice” to refresh the Compliance Manual on an annual basis, often in conjunction with other processes, procedures and policies of the Firm.
The Compliance Manual should be “user friendly” and without a doubt – it should be “readable”. Remember, that for many staff, this is often the first document, or first dealing that they have had with Compliance, so the last thing you want to do, is to make your Compliance Manual a very intense and laborious read.
There is not ‘set in stone’ right and wrong for a Compliance Manual, some Firms use it as a “capture all” and include in with it, just about every policy and procedure that they have – and it ends up as a rarely printed “bible” – others take a more pragmatic view of the Compliance Manual, and have it saved in the “General Drive” under “Compliance Policies and Procedures” and it tells the story of Treating Customers Fairly, why Compliance is there, what Compliance do, and why we need Compliance to be informed, who you need to speak too (in confidence) and how to “Whistleblow”.
The amount of pages and chapters – again varies, but it is fair to say, that if you include too much in the document, it wont all be taken in and absorbed.
Some companies, ensure that their staff make an “annual attestation” that they have ‘Read and Understood’ the Compliance Manual and any other associated “Policies” so that, should there ever be a regulatory breach, incident, or such alike, the employee is not able to say “I didn’t know Guv?!”
So, in brief, ensure that you have a contact point in the Manual, you ensure that your staff know how to “whistleblow”, you have clear and concise Policies and Procedures, and that Compliance related issues should always be dealt with by the Compliance Department.
After all – that’s what it is there for – not just as a “Big Brother Monitoring Service”.
If YOU need guidance, help, assistance, a review of your Compliance Manual, Procedures and /or Policies, from an Operational Risk basis, a Regulatory Risk basis and a Compliance health-check basis do not hesitate to contact Compliance CRG.
One of our expert team will be more than pleased to give you a “no quibbles” review and recommend improvements.
Lets now move on to the next chapter…