The European Banking Authority has released a renewed statement on what it means to be a compliance officer. Released on June 14th, the statement details the role and responsibilities expected as it pertains to anti-money laundering (AML) and countering the financing of terrorism (CFT).
The statement was released as a set of guidelines for management and compliance officers. It is expected that management in businesses should hire at least one officer to handle the AML and CFT aspects of compliance to ensure that the work is done thoroughly and effectively.
As explained in the statement from the EBA, the guidelines are designed to “create a common understanding” between competent authorities and credit or financial institutions around the idea of AML and CFT operations. The guidelines are intended not to replace previous guidelines submitted by the EBA, but to complement them.
We’re breaking down the suggested roles and responsibilities of a compliance officer as put forward by the EBA, including who is suitable for the job, their input on new policies, customer services and more. Read on for all the details.
Suitability and skillset
The final report as put forward by the EBA stresses that, first and foremost, a compliance officer should have the reputation of an honest and integrity-driven person in order to complete their functions. Without that, the role would yield very little results with a skewed loyalty.
Of course, the appropriate skills and expertise for the role would then be considered. A potential for the role should be able to handle AML and CFT issues with knowledge of the applicable legal and compliance framework and issues, as well as being able to implement policies, controls and procedures with sufficient knowledge and understanding of the risks to business models posed by money laundering and terrorism funding.
They also outline that an applicant should have relevant experience to identifying, assessing, and managing money laundering and terrorism funding risks, as well as sufficient time and seniority in order to pull off their role and perform functions with independence, automation and effect.
Development of a risk assessment framework
The report outlines that one of the biggest roles a compliance officer would take on is to establish a risk assessment framework. They should be put to task in creating it but also maintaining and enforcing. The framework should be applied business-wide but also focus on individual money laundering and terrorism funding risk assessment cases in line with previous guidelines posed by the EBA.
The hired officer will also be tasked with reporting the results of any outcomes of the AML/CTF risk assessment framework. The findings should be reported, in detail, to the management body, and they should propose moves to the management body on how to mitigate any risks found. They should keep a particular look at any new products or services proposed by the management body or any significant changes to ones already launched, or the development of a new market. No moves should be taken until the proper risks have been assessed and managed by the compliance officer.
Development of policies and procedures
A compliance officer will also be expected to create and enforce adequate policies and procedures that aid in the AML/CTF mission. They should be set in place, consistently update and effectively enforced on an ongoing basis.
The report goes into more detail, listing that compliance officers should: set out policies to be used by credit or financial institution, ensure the policies are implemented effectively, are reviewed regularly, are updated or amended where needed, they should enforce these policies on any business changes like a new product or a change, and address any changes in regulatory requirements or in money laundering and terrorism funding risks.
Dealing with high-risk customers
The report stresses that part of the role of a compliance officer is to also manage high-risk customers. An AML/CTF compliance officer should be consulted whenever there is a final decision from senior management on the table concerning onboarding high-risk customers or maintaining relationships with businesses that have an abundance of high-risk customers.
They should also offer advice on how to manage high-risk customers, and, should the senior management decide not to follow that advice, they should record that decision and move on to how to mitigate risks in the situation.
The report goes on into deeper detail on exactly how a compliance officer should monitor compliance within the company, how they should handle reporting to a management body, how they would go about reporting transactions that flag up suspicions, and training and awareness, for a detailed framework of how a compliance officer should conduct their business according to the EBA’s guidelines. This is a basic guide to the most important elements of the role of a compliance officer, but you can find the full report here.
Contact us if you would like to find out how we can support your compliance team and wider firm in ensuring or enhancing your compliance and regulatory framework.