Compliance Effectiveness Review
As expectations from regulators, Boards, and investors have evolved, the need to develop and maintain effective metrics to support compliance efforts and provide a window into an organisation’s compliance risks and controls has never been more important.
The various Codes of Practice, issued by the Jersey Financial Services Authority (JFSC), to which financial services businesses must adhere, include a specific requirement for the board of directors or senior management to ensure that an assessment is undertaken, on at least an annual basis, of the extent to which compliance risk is managed effectively.
WHAT SHOULD A COMPLIANCE EFFECTIVENESS REVIEW COVER?
While the JFSC does not provide any specific guidance on what their expectations are, Principle 3 of the various Codes include a clear indication of the expectations of the regulator in respect of the compliance framework and the roles of the key persons. These include:
- A compliance policy;
- A permanent, independent and effective compliance function with sufficient time and resources in order to carry out its responsibilities;
- Suitably skilled and experienced key persons;
- Direct access to the board and senior management by the compliance function and unfettered access to all business areas and relevant information;
- An appropriate compliance monitoring plan;
- Regular written reports to the board on relevant compliance matters; and
- The compliance function to be the principal point of contact with the Commission on day to day regulatory matters.
An assessment should consider these areas at a minimum. A more comprehensive assessment of compliance risk management should also look at the business risk assessment, interactions between the compliance function, the board and client facing areas, as well as training on AML and other regulatory matters.
“Appleby understand the importance of our work in delivering high quality, safe and effective services. They are responsive and supportive and always work in our best interests, often finding ways to reduce resources and costs without compromising on quality.”
HOW DOES THE REVIEW WORK?
Our Compliance Effectiveness Review is suitable for any business. The review can be performed remotely using a combination of a self-assessment questionnaire and secure document upload.
- Document Review
Review of documentation including, not limited to:- Compliance Policy
- Business Risk Assessment,
- Compliance Monitoring Plan
- Organisational structure
- Policies and Procedures
- Survey
Anonymous survey issues to relevant colleagues
- AnalysisAnalysis of information, considering the context of the organisation and its compliance obligations
- Report
Issue of draft and final reports setting out findings and recommendations
We will analyse the information and survey responses and provide you with a structured Compliance Effectiveness report setting out an assessment against the following topics, together with any relevant findings and recommendations:
- Culture – The culture under which the compliance team is operating
- Resources – The resources available to the compliance team and key persons
- Compliance Monitoring Plan – the scope of the plan and the activities through which the monitoring is carried out.
- Training – The quality and delivery method of compliance training within the organisation.