The Tribune

Compliance is about mitigating risk and following rules set by external authorities. To combat internal, and external, threats of corruption and fraud, various laws and regulations require that companies establish effective compliance risk mitigation programmes. But, despite this worldwide push, a simple assessment will highlight that the frameworks deployed differ from company to company. To deal with such inconsistencies, the Deloitte & Touche accounting firm has unveiled ethics and compliance programmes that focus on five so-called pillars for success. These are

1 Tone at The Top

2 Corporate Culture

3 Risk assessments

4 Testing and monitoring

5 Chief Ethics and Compliance Officer

Notwithstanding the above, compliance is by nature an evolving vocation. Compliance professionals should prepare themselves for another year of change that may expand the mandates of our teams, and challenge traditional methods of compliance risk management.

Foresight versus hindsight

Day-to-day compliance activities are challenging because reactive concerns consume time that could otherwise be used to mitigate risk in a proactive manner. Traditional approaches to analysing transactional data, and get to the root of issues, can now be addressed through advances in technology. Deploying technology that is properly monitored allows chief compliance officers (CCO) to realign their teams’ time to more insightful endeavours that assist the business, while still mitigating risks. To develop these insights, investment in technology; adoption of better processes; and a deliberate focus on the data that comes from the business, risk and operations will be necessary.

Sustainability Management

The continuously-shifting regulatory environment provides an avenue for compliance professionals to not only manage disclosures and reporting within their perspective jurisdictions, but also to pay acute attention to other jurisdictions, social media and traditional news reports to gain a glimpse into what is coming down the regulatory pipeline. According to ControlRisks’ Risk Map 22, environmental, social and governance (ESG) is the top risk of 2022. Locally, companies may not think ESG warrants attention. However, I would strongly disagree. As the world becomes smaller through technology and partnerships, the requirements global business partners mandate that Bahamian businesses must manage their third-party relationships to ensure compliance with their local legislation. As awareness increases of international requirements, the local compliance professional, if equipped, now has the opportunity to strategically advise on business decisions. In order to be successful, social and governance issues must be integrated into the daily processes of companies.

Compliance return on investment (ROI)

Deloitte estimates that “the cost of compliance and risk mitigation over the last eight years has jettisoned almost all discretionary funding available to firms”, with other estimates reporting an increase of 60 percent over the same timeframe. Chief compliance officers must shift from the approach of justifying their company’s compliance expense to ensuring its integration with strategic goals and objectives. Additionally, chief compliance officers must move to quantify their teams’ compliance impact through data which allows the business to see and feel the impact in areas such as regulatory fines and observations, internal audit findings and external audit findings.

Conclusion

In short, as compliance professionals, we must recognise that our role is about more than processes and now entails protecting our companies from the many risks that come with the year 2022.

NB: About Derek Smith Jr

Derek Smith Jr. has been a governance, risk and compliance professional for more than 20 years. He has held positions at a TerraLex member law firm, a Wolfsburg Group member bank and a ‘big four’ accounting firm. Mr Smith is a certified anti-money laundering specialist (CAMS), and the compliance officer and money laundering reporting officer (MLRO) for CG Atlantic’s family of companies (member of Coralisle Group) for The Bahamas and Turks & Caicos.