https://www.crigroup.

com/2020/01/09/risks-for-compliance-officers/

for compliance officers

in 2020
The job of a compliance officer can be a difficult one. Organisations from large corporations down to small
government agencies rely on their compliance officers to keep them within ethical and legal boundaries. They
also rely on them to maintain monitoring and reporting requirements, and stay abreast of any changes in the
compliance landscape. For professionals in this field, the bad news is that challenges will continue to increase in
the near future (as we’ll explain in this article). The good news is that there are trained experts available to
work hand-in-hand with organisations’ compliance officers to minimise risk and help them remain in compliance.
The stakes are high, as organisations in both the public and private sectors face new laws and regulations in
jurisdictions around the world, along with increasingly strict enforcement and punishments. Investigations of
violations can, and often do, lead to heavy fines. In some cases, criminal charges may result – and these can be
levied against the organisation, or individuals, or both. Here are some of the biggest challenges facing
compliance officers today:

 1. Anti-money laundering (AML) regulations

The Panama Papers and other major scandals, including the illicit funding of certain terrorist actions, brought
money laundering issues firmly into the spotlight. Many governments have been stirred to action to create
stronger measures meant to prevent the illegal funding of criminal or terrorist enterprises. In the European
Union, this resulted in the 5 th Money Laundering Directive (5MLD), which takes effect in January 2020. 5MLD
impacts organisations most directly in how they handle their know-your-customer (KYC) processes.
In the run-up to the 5MLD, there was increased attention on high-risk countries. Clients or transactions engaged
in high-risk countries are now subject to enhanced due diligence when performing onboarding checks.
Compliance teams need to ensure KYC is not a simple “tick box” exercise during the onboarding phase, and
ongoing monitoring processes need to be implemented to manage changes throughout the customer lifecycle.

5MLD requires enhanced due diligence when dealing with high-risk countries. In addition to obtaining evidence
of the source of funds and source of wealth, information on beneficial ownership and background to the
intended transaction must also be recorded. The EU may also designate a ‘blacklist’ of high-risk countries for
money laundering.
2. Conflicts of interest
Risks related to conflicts of interest are significant at every level of the company. Starting with the board of
directors, an effective board must be transparent about potential conflict issues and address them on an
ongoing basis. Board decisions that either suffer from actual conflicts can risk the board’s adherence to its duties
and create real legal risks. Even the appearance of a conflict can raise real issues and transparency becomes
even more important in these contexts.
This same level of risk can undermine the integrity of senior management. When senior executives fail to
address real and significant conflicts, the integrity and overall leadership trust factor can deteriorate. A
compliance executive must be willing to take on these issues, even when it is difficult to confront senior
executives.

Within the private equity (PE) industry, conflicts and their adequate disclosure remain problematic. In recent
years regulators have made examinations of PE firms and their complex structures top priorities. Most major
organisations – and their compliance officers – see outside business activities as a risk.

3. Innovation driving new demands

New innovations are providing increased efficiency in compliance processes, which is a major plus for
organisations. Always a double-edged sword, however, technology also creates more issues in data security, not
to mention the training and expertise required to master it.

For many ‘non-tech’ professionals such as compliance officers, rapidly changing technology can be a concern, as
the importance and integration of technology into the compliance suite continue to evolve. Compliance officers
may not need to become technology experts, but they do need to ensure that tech-related risks are addressed
within their firm’s framework. Compliance must be aware of rules and regulations from every jurisdiction with
authority over the firm’s activities. This is another area where partnering with an outside firm that provides
training and technology resources can be a major advantage.

4. Regulatory and political change

Recent years have seen a flurry of new regulations from various governmental bodies and jurisdictions, from the
General Data Protection Regulation (GDPR) act to 5MLD. The GDPR, for example, has extraterritorial reach. It
also serves as a model for future possible regulations in the critical area of data privacy and cybersecurity.
In Europe, Brexit creates real uncertainty for the UK’s regulators, and the industries that they regulate. But
Brexit also impacts EU member states and any organisations doing business within or through the UK. The
impact is far-reaching, and regulators face major challenges in responding to profound changes in policy, the
legislative framework and the wider economic context.

Politics in the United States and other nations have also seen similar dramatic shifts in governmental control and
resultant effects in policy, which can impact regulatory laws and how they are implemented and enforced
worldwide. One thing is certain – investigations and legal actions based on violations of the Foreign Corrupt
Practices Act (FCPA) continue to increase, and organisations must remain diligent in conducting risk
assessments and implementing control measures to remain in compliance.

5. Personal liability
One area of concern sure to grab the attention of any compliance officer is the issue of personal liability. Recent
news stories have reported criminal convictions, some leading to prison sentences, of executives, “middle men”
and other individuals involved in various scandals. Compliance officers should take heed, as their responsibilities
to their company can also extend to their own professional conduct being placed under a microscope. Many
compliance professionals are aware of this, as a recent Thomson-Reuters survey found that 60% of them expect
personal liability to increase.
New initiatives underline this reality, such as the Senior Managers and Certification Regime (SCMR) in Europe. It
places a focus on firms’ senior managers and individual responsibility, and extends to all Financial Conduct
Authority (FCA) solo-regulated financial services firms. The FCA itself has been increasing enforcement notices
against individuals. We can expect an increase in these types of measures and they will apply to industries
beyond those in the financial sector.

6. Ethics and integrity

Today’s business landscape brings an increased emphasis on the culture of an organisation, with an eye toward
ethical practices and principles. With growing scrutiny from both regulators and stakeholders, the pressure is on
for compliance professionals and their superiors to take broader responsibility for policies, procedures and
controls to create a truly ethical business.

The Cambridge Analytica scandal is a notable example of how data misuse has serious brand and societal
implications, on top of legal and compliance penalties. The public outrage was so intense that governments
were forced to act, calling on Facebook and other involved parties to testify and explain themselves. The
market’s reaction was also punishing, with more than $100 billion knocked off Facebook’s share price in days,
while Cambridge Analytica went out of business.

In conclusion, AML regulations, conflicts of interest, innovation driving new demands, regulatory and political
change, personal liability, and ethics and integrity issues are among the biggest challenges facing today’s
compliance professional. This is the time to address solutions. There is expert help and a wealth of resources
available, with no better time to leverage them than the present.

Let us know if you would like to learn more

If you have any further questions or interest in implementing compliance solutions, please contact us.
CRI Group has safeguarded businesses from any risks, providing investigations (i.e. insurance fraud), employee
background screening, investigative due diligence, business intelligence,  third-party risk management, forensic
accounting, compliance and other professional investigative research services. In 2016, CRI Group
launched Anti-Bribery Anti-Corruption (ABAC®) Center of Excellence – an independent certification body
established for ISO 37001:2016 Anti-Bribery Management Systems, ISO 19600:2014 Compliance Management
Systems and ISO 31000:2018 Risk Management, providing training and certification. ABAC® operates through
its global network of certified ethics and compliance professionals, qualified auditors and other certified
professionals. Contact ABAC® for more on ISO Certification and training