By Derek Smith Jr
Globally, many organizations struggle to meet investor expectations and remain competitive after the onset of the COVID-19 pandemic. Additionally, statutory environments have been enhanced both globally and locally to simultaneously protect stakeholders while cultivating the atmosphere for innovation and growth. Locally, a recent example of creating attractive and robust legislation is the Digital Assets and Registered Exchanges Act, 2020 (DARE). Both Securities Commission of The Bahamas Executive Director Christina Rolle and FTX CEO Sam Bankman-Fried have stated on record that FTX’s decision to headquarter in The Bahamas is in direct correlation to our country’s crypto framework.
Against this backdrop, it has become imperative to develop, implement and maintain a compliance program for a business to be protected. This article looks at how a compliance program can be adequately interconnected while emphasizing the importance of creating a lasting culture of compliance.
Leadership role in compliance culture
Compliance, ethics and anti-fraud programs should be fully understood by the board of directors and c-suite leadership. The responsibilities of an organization’s leadership should be clearly defined and assigned. They should be documented in well-developed and socialized written policies and procedures, which establishes an atmosphere of accountability. These policies and procedures should be re-evaluated on a documented regular basis, in my opinion not exceeding a calendar year.
Independent compliance officer (CO) designation
Depending on the industry, this role is either required or suggested by guidance. The financial service industry in The Bahamas and the USA both require a compliance officer. Conversely, the healthcare industry in the USA only requires the designation if they partake in the Affordable Care Act (ACA) and in The Bahamas, there is no documented requirement. Notwithstanding the regulatory and guidance regime, I posit that this role is essential and required, irrespective of industry. The CO should a member of senior management and have unfettered access to the board of directors, internal and external legal counsel. A regular evaluation of the working relationship between the compliance function and other key operational areas should be conducted as well.
Communication and training
Communication of policies, procedures and other important elements of the compliance program should take place regularly and in practical ways, including controls, plans and corrective actions. Moreover, an effective training plan tailored to the nuances of the organization should be developed and implemented. Ideally, in addition to providing training sessions to the board of directors and c-suite leaders, the organization should also ensure that all employees have access to such sessions, as well as its agents or representatives or other third parties, where applicable.
Monitoring and evaluating the program’s effectiveness
The board of directors and c-suite members should receive regular updates on the program’s implementation and monitoring. These compliance updates must include reports of suspected non-compliances, which should be kept by the CO. It is important to consider factors such as the previous year’s audit findings, annual risk assessments and high-volume services in determining how frequently various functions need to be monitored.
During the past years, a well-documented and reasonably functional compliance and ethics program was adequate and enough but today, it is not. An effective compliance program reduces fraud and abuse, enhances providing organizations’ operations, improves the quality of service and reduces the overall cost of operations in a way that all stakeholders benefit from.
Derek Smith Jr is a governance, risk and compliance professional of more than 20 years with a record of leadership, innovation and mentorship. His career has been fortified by holding strategic positions at a TerraLex member law firm, a Wolfsburg Group member bank and a Big 4 accounting firm. Smith is a certified anti-money laundering specialist (CAMS) and the compliance officer and MLRO for CG Atlantic’s family of companies (member of Coralisle Group Ltd) for The Bahamas and Turks and Caicos.