Why choose a career in governance, risk and compliance?
Ensure Effective Risk Management
Compliance as a discipline was traditionally thought of as ensuring adherence to the many rules and regulations organisations face. But compliance is now about so much more: culture, ethics, advice – modern compliance really is at the heart of the business.
Compliance professionals not only navigate a complex regulatory environment but also add a key commercial perspective. They enable the right business to be conducted in the right way and help firms achieve success by using systems and controls to ensure effective risk management.
IT Governance, Risk & Compliance extends the GRC concept to include cyber security, data privacy and technology, integrating IT risk management into an organisation’s strategy.
Discover the courses and professional qualifications we offer in governance, risk and compliance to kick-start your career today.
What does compliance mean?
The term compliance describes the ability to act according to an order, set of rules or request.
In the context of financial services businesses, compliance operates at two levels.
- Level 1 - compliance with the external rules that are imposed upon an organisation as a whole
- Level 2 - compliance with internal systems of control that are imposed to achieve compliance with the externally imposed rules.
What duty, objective and responsibility does a Compliance Officer fulfil?
- Duty: The Compliance Officer has a duty to his employer to work with management and staff to identify and manage regulatory risk.
- Objective: The overriding objective of a Compliance Officer should be to ensure that an organisation has systems of internal control that adequately measure and manage the risks that it faces.
- Responsibility: The general responsibility of the Compliance Officer is to provide an in-house compliance service that effectively supports business areas in their duty to comply with relevant laws and regulations and internal procedures.
What are the five key functions of a compliance department?
- To identify the risks that an organisation faces and advise on them (identification)
- To design and implement controls to protect an organisation from those risks (prevention)
- To monitor and report on the effectiveness of those controls in the management of an organisation's exposure to risks (monitoring and detection)
- To resolve compliance difficulties as they occur (resolution)
- To advise the business on rules and controls (advisory)
What is corporate governance?
Corporate governance is a highly inclusive concept that covers a number of different aspects about the way in which an organisation is managed, directed and governed.
It can be described as a set of relationships between a company’s management, board, shareholders, and other stakeholders, which provides the structure through which the objectives of the company are set. Furthermore, it provides the means of attaining and monitoring performance against those objectives.
What does the term 'regulation' mean?
What are five generally accepted key core objectives of financial services regulation?
Although there is no unified theory of financial services, the key objectives of regulation are as follows:
- The protection of investors/consumers
- Ensuring that the markets are fair, efficient and transparent
- The reduction of systemic risk
- The reduction of financial crime
- The maintenance of consumer confidence in the financial system
What are three key attributes of effective regulation?
Effective regulation is regulation that:
- Contributes to the fulfilment of one or more of the core objectives of financial services regulation;
- Maintains an open market that can be participated in by the widest range of appropriate participants with no unnecessary barriers to entry and exit; and
- Provides an equal regulatory burden on all participants that meet minimum criteria.
What is primary and secondary legislation?
Primary legislation refers to the Law, Act or Ordinance passed by the legislature of a particular jurisdiction.
The legislature in many jurisdictions has the power to delegate or subordinate law-making powers to other agencies that may then make delegated or subordinate legislation, often referred to as “secondary” legislation. In the context of financial services, secondary legislation is generally legislation that has been drafted by a regulatory body empowered to do so pursuant to the primary law by which it is established.
What are regulatory guidance notes?
Guidance can either be in the form of a statement of best practice or a statement of minimum best practice.
Occasionally a regulatory authority will feel compelled to issue detailed guidance to regulated businesses on how it expects them to actually discharge their legal and regulatory obligations. Anti-money laundering and terrorist financing is one area where most regulators around the world have issued guidance.
What functions does a regulator usually fulfil?
In broad terms, regulators fulfil the following seven functions:
- They lay down rules or principles that determine who can conduct financial services business
- They authorise financial services businesses
- They lay down the rules by which regulated financial services businesses must conduct their business (both prudential and conduct of business rules)
- They supervise compliance with the rules, either through desk-based supervision or onsite inspections or a mixture of the two
- They conduct investigations into suspected breaches of the rules, sometimes in conjunction with other law enforcement bodies
- They enforce the rules
- They co-operate and exchange information with other regulators
What steps does a regulator utilize in its supervisory process?
Many regulators adopt a risk-based approach to supervision and follow a process of supervision that can be divided into the following four steps:
- Step 1. Defining the objectives
- Step 2. Obtaining information from regulated businesses
- Step 3. Assessing the risk that regulated businesses face and pose
- Step 4. Taking action in response to the risk assessment
What two key methods does the regulator utilize in supervising regulated businesses?
There are essentially two methods by which compliance with regulatory rules is monitored: onsite supervision and offsite desk-based supervision.
- On site supervision entails visits by the staff of a regulator to the offices of a regulated entity, with the objective of satisfying etc
- Offsite desk-based supervision requires regulated financial services businesses to provide relevant information by means of ‘supervisory returns’, normally prescribed within legislation and/or licence conditions.
What are the two commonly accepted objectives of prudential regulation?
What aspects of the activity of a financial services business would be subject to the conduct of business rules?
What are common enforcement powers of a regulator?
- Power to inspect and request information
- Power to seek orders to compel a business to comply
- Power to remove directors and auditors
- Power to appoint an administrator
- Power to impose administrative sanctions and/or to seek orders from courts or tribunals
- Power to initiate or to refer matters for criminal prosecution
- Power to suspend operations or trading
What course is right for you?
View salary details and job market trends in governance, risk and compliance, compiled by our partner Broadgate.