Globally, many organizations struggle to meet investor expectations and remain competitive after the onset of the COVID-19 pandemic. Additionally, statutory environments have been enhanced both globally and locally to simultaneously protect stakeholders while cultivating the atmosphere for innovation and growth. Locally, a recent example of creating attractive and robust legislation is the Digital Assets and Registered Exchanges Act, 2020 (DARE). Both the Securities Commission of The Bahamas’ Executive Director Christina Rolle and FTX Chief Executive Officer Sam Bankman-Fried have stated on record that FTX’s decision to headquarter in The Bahamas is in direct correlation to our country’s crypto framework.
Against this backdrop, it has become imperative to develop, implement and maintain a compliance program for a business to be protected. This article looks at how a compliance program can be adequately interconnected while emphasizing the importance of creating a lasting culture of compliance.
Leadership role in compliance culture
Compliance, ethics and anti-fraud programs should be fully understood by the board of directors and C-suite leadership. The responsibilities of an organization’s leadership should be clearly defined and assigned. They should be documented in well-developed and socialized written policies and procedures which establishes an atmosphere of accountability. These policies and procedures should be re-evaluated on a documented, regular basis, in my opinion not exceeding a calendar year.
Independent compliance officer (CO) designation
Depending on the industry, this role is either required or suggested by guidance. The financial service industry in The Bahamas and the USA both require a compliance officer. Conversely, the healthcare industry in the USA only requires the designation if they partake in the Affordable Care Act (ACA) and in The Bahamas, there is no documented requirement. Notwithstanding the regulatory and guidance regime, I posit that this role is essential and required, irrespective of industry. The CO should be a member of senior management and have unfettered access to the board of directors, internal and external legal counsel. A regular evaluation of the working relationship between the compliance function and other key operational areas should be conducted as well.
Communication and training
The communication of policies, procedures and other important elements of the compliance program should take place regularly and in practical ways, including controls, plans and corrective actions. Moreover, an effective training plan tailored to the nuances of the organization should be developed and implemented. Ideally, in addition to providing training sessions to the board of directors and C-suite leaders, the organization should also ensure that all employees have access to such sessions, as well as its agents or representatives or other third parties, where applicable.
Monitoring and evaluating program’s effectiveness
The board of directors and C-suite members should receive regular updates on the program’s implementation and monitoring. These compliance updates must include reports of suspected non-compliance and should be kept by the CO. It is important to consider factors such as the previous year’s audit findings, annual risk assessments and high-volume services in determining how frequently various functions need to be monitored.
During the past years, a well-documented and reasonably functional compliance and ethics program was adequate and enough but today, it is not. An effective compliance program reduces fraud and abuse, enhances providing organizations’ operations, improves the quality of service and reduces the overall cost of operations in a way that all stakeholders benefit.
• Derek Smith Jr., a Top 40 Under 40 leader, is the compliance officer at a leading law firm in The Bahamas and former assistant vice-president, compliance and money laundering reporting officer (MLRO) at an international private bank. His professional career started at a Big Four accounting firm and has spanned over 15 years including business risk management, compliance, internal audit, external audit and other accounting services. He is also a CAMS member of the Association of Certified Anti-Money Laundering Specialists (ACAMS) and executive member of the Bahamas Association of Compliance Officers.