ICA International Certificate in Compliance
Q1 In regulated firm every employee is responsible for compliance, including back and front offices. Board of Directors (Board), Senior Management, and each member of compliance and staff have their Individual roles and functions. For instance, responsibilities of The Board of Directors controls business strategies for the regulated entity and the decisions made by Senior Management. Also, it is responsible for suitable decisions, strategies and risks. Reputation of the company and policy in terms of responsibility of Board of Directors. Senior management implementing strategies and controls everyday decisions and actions of staff to appropriate policies, which were selected by the Board of Directors. In case of specific functions: to implement corrective actions on findings, operational plans; to develop policies, standards and procedures. Concerning to role of Compliance Chef Officer (CCO) includes list of responsibilities such as monitoring of the risk assets, reviewing and updating of the policies and strategies according to the Board. Main functions is to review, update for compliance effectiveness. Providing trainings and educating all staff of company are also, one of the duties of CCO. CCO interconnects with Senior Management by preparing concise compliance reports. In general, role of CCO is to coordinate and to guide all the compliance team members. Compliance manager investigates, recommends or advises to CCO necessary programmes, approaches and develops procedure of documents. The basic duties of Compliance Officer tackles Code of Conduct, regulations, rules and standard processes. As well as, following latest business trends, he should follow changings in regulations and legislation.
For example, I can describe the system of internal controls in case of Sovereign Welfare Fund “Samruk-Kazyna” JSC, when the Compliance Service realized procurement process for Hot Line supplement. To conduct procurement from a single source, we need to request commercial offers from several firms, which provide the appropriate Hot Line services. After receiving their offers, Compliance team should to analyze and write the reasons of selection of the most advantageous proposal in terms of price-quality ratio. Then, the legal based document directed to Procurement Department. In case of consent of the selection and signing of the document, it will be sent to the Legal Department for further verification. Next step is to sending the memo to the Senior Management for preparation of order for procurement.
Q2 In the Republic of Kazakhstan, main role of anti-corruption regulator is Agency for Civil Service and Anti-Corruption (ACSAC). This public authority, which is directly, subordinates to President of the Republic of Kazakhstan. ACSAC manages in the public service, assessment and state control over the quality of the provision of public services, as well as management and inter-sectoral coordination for the prevention, detection, suppression, disclosure and investigation of corruption offenses 1. The ACSAC has a department – the National Anti-Corruption Bureau (Anticorruption Service), as well as territorial bodies in the regions and cities of republican importance, the capital. The Agency is a legal entity in the organizational and legal form of a state institution has seals and stamps with its name in the state language, forms of the established sample, and in accordance with the legislation of the Republic of Kazakhstan, accounts in the treasury bodies. Regarding prohibitions, the ACSAC cannot entering into contractual relations with business entities for the performance of duties that are functions of the Agency.
In terms of Supervision, there is a real example of cooperation between ACSAC and Fund (Memorandum). There were identified several cooperation activities, such as:
– conducting regular analysis of the risks of non-compliance with the anti-corruption legislation to Compliance risks;
– development of measures to minimize identified, assessed and prioritized Compliance risks;
– monitoring the implementation of measures to minimize the compliance of risks;
– external communication on compliance with anti-corruption legislation, including joint press releases, posting information on websites, joint interviews, including on the joint work;
– internal communication on compliance with anti-corruption legislation, including training and awareness programs for the Fund’s employees.
When it comes to Enforcement, Memorandum provided following activities:
– investigation of potential violations of legislation on anti-corruption issues;
– development of recommendations on improving legislation on countering corruption, taking into account the best international practice.
Q3 October 31 in 2008 the President of the Republic of Kazakhstan signed the law on the ratification of the UN Convention on Combating Corruption. The purpose of signing the Convention is to promote the adoption and strengthening of measures aimed at more effective and effective prevention of corruption in promoting, facilitating and supporting international cooperation in preventing and combating corruption, including in taking measures to recover illicit assets. The Convention provides for a set of measures to prevent corruption, including in the public service, public procurement and management of public finances, as well as on the participation of society to prevent the corruption.
In the framework of aspiration to be member of OECD in 2014 by order of the President of the Republic of Kazakhstan – ACSAC created. Analysing of each legislation changings
Q5 Function of Compliance of the Fund is the part of corporate governance. One of its main functions is to protect interests of stakeholders. For instance, Fund’s Compliance Service enforcement of anti-corruption law of the Republic of Kazakhstan within the regulatory requirements of UKBA. Compliance Service of Fund uses OECD instrument because it covers 9 basic obligations, which is:
1) B2B Relationship Coverage;
2) Implementation of program compliance;
3) Conducting an assessment of risk compliance;
4) The involvement of top management and the “tone at the top”;
5) Measures to minimize the compliance of risks;
6) 3rd Party Due Diligence Procedure;
7) Corporate line of initiative information;
8) Communication, including compliance training;
9) Monitoring and evaluation of the effectiveness of the compliance system.
Fund have 6 expectations of stakeholders:
1) Shareholder to add value by strengthening reputation and improving efficiency
2) Government Compliance with OECD requirements within the country program “TOP 30 countries”
3) Regulatory authorities Transition from observing “for a tick” to the approach of proportionality to risks
4) Business community Implementation of international standards \ FCPA UKBA
5) Society Leadership in promoting honest and responsible business
6) Fund’s employee conscientious employment of personnel
Q6 a) Successful compliance officers have 5 main skills:
1) educated in legal and regulatory basis (Mr B scares to act in terms of compliance programme );
2) knowledge of whole business or firm (lack of knowledge of Mr B cannot effect on company as whole, so it still have plenty of risks);
3) communicate with all employees (Mr B seems to be not communicative with other business sectors);
4) objectively analyse materials or information which could be received during the investigation;
5) competent to communicate with Senior Management, Board of Directors and other public services which could be an external communicator (Mr B does not communicate to anyone, except sales of director ).
b) Here illustrated Fund’s organizational structure and functions, which could be good example of successful compliance department. First, compliance department should submit to Board of Directors in whole, not in comparing with Mr B, who is submitted only to sales director. It could form wrong policy and new business risks in ABC Ltd. In future it could be violations of anti-corruption law. For example, through the kickbacks on tenders from the suppliers.
1. External regulatory requirements of Fund (example of successful department):
1) continuous monitoring of external regulatory requirements and best international practices on anti-corruption issues;
2) determining the consequences for the Company in case of changes in the regulatory requirements.
2. Conducting an assessment of risk compliance
1) development of a methodology for assessing the compliance of risks to the Company;
2) ensuring the assessment of the susceptibility of the Company’s key business processes to the risks of corruption, including in conjunction with the regulatory body of the Republic of Kazakhstan on anti-corruption issues;
3) ensuring the preparation of a report on the assessment of risk compliance and a plan of measures to minimize them;
4) ensuring public disclosure of information on the results of assessing compliance risks.
3. Development of standards and policies Compliance:
1) ensuring the development / updating of internal policies, regulations and procedures of the Company on anti-corruption issues.
4. Conducting a third party audit of the Fund:
1) ensuring the establishment, testing and implementation of the Company’s third-party due diligence procedures for the Company (the 3rd Party Due Diligence procedure, generally accepted in the international practice) in accordance with the developed methodology of the Fund.
5. Introduction of a line of initiative information
1) ensuring the optimization of communication facilities for proactive informing for the Company in accordance with the developed policy of proactive information on violations of the Regulatory Requirements and the Compliance Program for the Fund and the Fund Group.
6. Communication and implementation of policies Compliance 1) ensuring timely communication and consultation for the Company’s structural units, adhering to the principle of proactivity;
2) monitoring the implementation of compliance policies and standards in the Company;
3) training on compliance directions as needed.
7. Monitoring and control Compliance directions:
1) monitoring the procedure for monitoring compliance with regulatory requirements and compliance programs;
2) ensuring the preparation of regular reporting to the Chairman of the Management Board on risk compliance and the Audit Committee of the Chairman of the Board on the status of implementation of the Compliance Program.
8. Conducting investigations within the framework of the Compliance Program:
1) organization of the work of the investigation commission (representatives of the following areas: internal audit, risks and internal controls, legal support, security, human resources management, etc.) for calls to the hotline, or on the basis of information received by results of monitoring;
2) coordination of the investigation process until completion and taking corrective measures.
9. Interaction with regulatory bodies:
1) ensuring interaction with regulatory bodies on anti-corruption issues (Ministry of State Affairs, Ministry of State Revenues, General Prosecutor’s Office, Commission under the President of the Republic of Kazakhstan on Combating Corruption, etc.), including analysis corruption risks, the use of databases for the verification of third parties.
c) The main remedial actions regarding to Mr B is to start to identify business direction of ABC Ltd.
d) The main remedial actions in compliance function according to scenario is to assess the risks of the ABC Ltd in each business section: internal audit, business administration and sales force. Further, realize policy/strategy with all stakeholders and members of Board of the company. Then, to form internal documents< such as Code of Conduct of the ABC Ltd. In order to communicate with every employee of the firm, organize training to educate about this Code of Conduct. If necessary, start to present from Board of Directors. To check systematically Due Diligence of 3rd party (in terms of procurement, for example), to use Whistleblowing hot line in order to prevent or suppress violations of law and internal documents of company. Conducting investigations if it necessary to prevent violations or to suppress and recommend to solve the future violations’ faith on the Board of Directors or on Staff Committee.