The Thomson Reuters annual report on the cost of compliance, published late in 2018 for the 9th year, has again highlighted a major challenge faced by Compliance Officers as coping with continuing regulatory changes.[1]
The report states that during 2017, Thomson Reuters Regulatory Intelligence captured 56,321 regulatory alerts from over 900 global regulatory bodies averaging 216 updates a day.
Referring to the number of hours per week compliance teams expect to spend tracking regulatory developments the report states that, this year’s results show a slight uptick, with two thirds of firms (66 percent) expecting the amount of regulatory information published by regulators and exchanges to be slightly or significantly more over the next 12 months.
Two examples of the many legislations that companies need to comply with are The Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007-2018 (enacting the EU’s 4th directive on AML), which came into effect in Cyprus on April 3rd 2018, and the General Data Protection Regulation (GDPR), which came into effect on May 25th, 2018. GDPR caused a lot of consternation and confusion across all businesses in Cyprus, about just what should be done to comply. The 4th AML Directive, though affecting a narrower spectrum of companies, spearheaded a change in approach from simple record keeping for AML purposes, to a more sophisticated risk based approach to AML.
Speaking at the AML & Compliance – Current Developments Seminar, in April 2019, Yiannis Pettemerides, Freelance Compliance Advisor, said, “The AML Directive is not a difficult law, but it is a very time-consuming law requiring compliance teams to gather a lot of information about companies, sources of finances, and background checks on associated persons.”
So how can compliance professionals cope?
They could take the advice offered by American lawyer Jason E. Brown, a Partner with Ropes & Gray LLP, in a paper published by the European Institute of Management and Finance who said “… [compliance officers] “need to understand regulators’ enforcement priorities and strategically deploy their compliance resources to address those priorities.” [2]
Of the varied resources available, our advice is to prioritise your time … it is your most precious resource.
Time is not an easily increased resource. Budgetary constraints may mean adding more personnel is prohibitive while on the other hand finding well-qualified and experienced personnel in the current market presents a recruitment challenge. Therefore, if increasing resources is not an option, compliance officers need to deploy their time strategically and work to mitigate time-consuming activities.
“Divide your time according to the evaluated risk rating of your clients. Spend 90% of your time on your high risk clients, and the remaining 10% on your normal and low risk clients.” Yiannis Pettemerides, Freelance Compliance Advisor, advised the seminar attendees. But, even when you heed this advice you still need to create and maintain records for all your clients on which to base your evaluations.
Gathering data and ensuring its quality is key to deploying a risk-based approach to compliance. To reduce pressure on your time and optimise data capture, find tools that help you by removing the need for duplicating data entry. Data gathered by company administration and banking activities should be readily available for compliance assessments and reporting.
To benefit from this type of cross-disciplinary collaboration you need an integrated approach to storing and accessing your data. One that also provides you with tools for generating the required reports such as group structures, client statistics and auditors’ reports, delivers alerts about suspect transactions, companies nearing or exceeding their Economic Profile limits, and reduces the time required for compliance monitoring and reporting.
The less time you spend creating records, maintaining Excel and Visio files and calculating beneficial ownership percentages, the more time you have to research clients and sources of financial transactions, activities that should form the core of your compliance activities.
Author: Claire Philpott, Senior Business Consultant, Moebius Limited.
[1] COST OF COMPLIANCE 2018, Stacey English, Susannah Hammond, https://legal.thomsonreuters.com/en/insights/reports/cost-of-compliance-2018
[2] European Institute of Management and Finance, ‘challenges-for-todays-compliance-officers-in-investment-firms-alternative-investment-funds’ <https://eimf.eu/challenges-for-todays-compliance-officers-in-investment-firms-alternative-investment-funds>
Source: Cyprus Fiduciary Association article, April 10th, 2019