There are many difficulties facing anyone fulfilling the role of a key person, whether a Compliance Officer, Money Laundering Reporting Officer (“MLRO”) or Money Laundering Compliance Officer (“MLCO”). Quite apart from the intellectual demands of keeping up-to-date on all relevant legal and regulatory requirements and the diplomatic skills which may need to be deployed to persuade, cajole and coerce colleagues, a key person faces a number of inherent conflicts of interest, not least of which is the tension arising from the responsibility to assess and report on the conduct of your employer.
This article tackles the conflict of interest which arises specifically when a Compliance Officer has client-facing responsibilities. Such a situation most often arises in a small regulated business or where an individual is providing temporary cover, for example pending the recruitment of a new Compliance Officer. We are going to consider, primarily, the situation where a client-facing director is also the Compliance Officer, as this example most clearly demonstrates the conflict of interest. The same conflict of interest is still present for any level of client-facing member of staff but, arguably, is somewhat mitigated by there (presumably) being a director above the conflicted individual who would have the final decision-making responsibility over the client and/or client structure.
The compliance function is an essential component of a regulated entity’s system of controls. It provides checks and balances to ensure that the entity conducts its activities in accordance with the legal and regulatory regime. In order to do this, and as required under the Codes of Practice, the compliance function must have appropriate independence. In circumstances where a Compliance Officer also has client-facing responsibilities, the tensions between the two roles could materially impact on this independence. This is why businesses, shareholders and, as you would expect, the regulator are increasingly uncomfortable with the situation where an individual fulfils both client-facing and compliance roles. However, as already mentioned, such situations do occasionally arise and the resulting conflicts of interest must be managed effectively.
As with all key person roles, the regulator will, of course, be aware of the conflict of interest as they will have had to confirm they have no objection to the client director’s appointment as Compliance Officer, however the holding of both roles will likely only be permitted for a finite period of time and the regulator will want to understand what steps the business is putting in place to manage the conflict.
Why is this a conflict of interest?
In instances where a client-facing director is also the Compliance Officer, there is the potential that the individual’s responsibilities in this post may conflict with his interests as a client-facing director. For example, there could be a temptation to allow exceptions to the usual procedural requirements rather than risk jeopardising a good client relationship.
Client directors, like everyone working within the finance industry, have a responsibility to comply with relevant law and regulation. At the same time, they will want to provide an excellent and cost-effective service and hence keep their clients happy. The majority of the time, there is comparatively little difficulty in achieving both of these aims. However, the role of Compliance Officer brings with it significant additional specific responsibilities as detailed in the Codes of Practice. There is the potential that in wanting to keep a client happy, the director may be less rigorous in fulfilling his compliance responsibilities. There is also the possibility that the director could be too involved in day-to-day administration to be able to step back and recognise, or indeed assess, any regulatory issues.
How might it be addressed?
In addition to the suite of controls required for the broader management of conflicts of interest, which I won’t repeat as they have been mentioned in other articles, a number of measures may be appropriate. The conflicts of interest presented in this case are difficult to fully address and the measures will, of course, have to be tailored to fit the circumstances of the role and the resources available to the business. The Codes of Practice impose various specifications for Compliance Officers – they must be based in Jersey, be employed by the regulated business (or its group), have sufficient experience and skills (including an appropriate qualification) and have appropriate status and authority for the role. It is hardly surprising that many businesses do not have such people “spare” within the business!
If possible, it may be helpful to reassign some of the Compliance Officer’s client workload. As well as reducing the extent of the conflict of interest, this would assist with the practicalities of managing the workload which is typically very demanding. It hopefully goes without saying that a Compliance Officer who has client responsibilities should not deal with any of the compliance tasks for “his” clients. When dealing with any problems or regulatory issues with one of these clients, one of his colleagues must step in. In addition, when considering the acceptance of new business, the Compliance Officer should not act as both the client director and Compliance Officer.
Conversely, the business could assign some of the compliance workload, such as the monitoring programme, revising policies and procedures and assisting staff with ad-hoc queries, to other individuals within the business. These can even be outsourced to an external firm of professionals (like Cyan!) which may provide directors and, indeed, the regulator with some comfort that the workload is being adequately addressed and controls maintained at the business. The business should, however, bear in mind there are some tasks which should remain with the Compliance Officer – including reporting to the board/relevant committee and communication with the regulatory authorities.
The business could also consider giving the Compliance Officer role to a member of the senior management, rather than one of the directors. Of course, the individual has to be sufficiently senior and confident to stand up to the directors as well as having appropriate experience and expertise/qualifications. The advantage of having a senior manager fulfil the compliance role is that there will be a director to make any final client-related decision whilst unencumbered by conflicts of interest.
Thought should be given to the terms of the remuneration and any incentives offered to individuals acting as Compliance Officer. For example, whilst a director is often rewarded for bringing new clients to a business, if the director were also to be acting as the Compliance Officer, this incentive would likely be perceived as not being appropriate as it could be seen to be incentivising the individual to approve the taking-on of unacceptable clients.
Where a business is placing reliance on a Compliance Officer who has client responsibilities, it is even more important than usual that the effectiveness of the compliance function, as required under the Code of Practice, is carefully and thoroughly assessed and that this assessment is conducted by someone independent.
Whatever measures are implemented, it is of course essential that they are documented appropriately and subject to regular review and oversight.
Conclusion
The Codes of Practice and Handbook require that the compliance function of a regulated business has appropriate independence. A Compliance Officer having client-facing responsibilities does strain the independence, which is one of the reasons why it is increasingly unusual for one individual to fulfil both roles, at least for anything other than a temporary basis. However, the risks can be mitigated, to an extent, through the tailored use of measures such as those mentioned above.
