A company’s organisational structure includes various functions, often classified as business functions, control functions and support functions. Each of those can include multiple sub-classes. Risk management and audit are common examples of control functions. The same applies for compliance and surveillance.
In small companies, various (or all) control functions may be combined and managed by one and the same person. Large companies normally have specific, dedicated departments, such a risk management department, a compliance department and a surveillance department, whereby each of them is managed by a ‘head’ and staffed with various ‘specialists’. The compliance department may be managed by the ‘head of compliance’ and consist of various ‘compliance officers’. Moreover, there may even be a specific compliance department in a certain business unit of a company. ‘Trade compliance’ is an example thereof. Corporates with a business unit ‘trading’ may have a specific ‘trade compliance function’.
The tasks of the compliance function are manifold. It includes the management of the risk of non-compliance. The compliance function has to shield the firm, as well as its management and staff, against the risk of non-compliance.
Reputational risk and regulatory risk are highly related and typically part of the scope of compliance officers.
To function effectively, the compliance function should be independent and report to the highest management directly.
The exact compliance requirements depend on the activities of an organisation. Nevertheless, in general, the tasks of the compliance function include the following:
- Master knowledge of relevant legislation;
- Develop and maintain internal procedures and protocols;
- Describe what is acceptable and clearly document unacceptable practices;
- Logging of risks plus their mitigation, logging of incidents and logging of the use of exemptions, as well as the reason why those exemptions can be claimed;
- Reviews, such lessons learned and jurisprudence; and
- Education of staff.