The Tribune

Globally, many companies have struggled to meet investor expectations and remain competitive following the COVID-19 pandemic’s start. Regulatory environments have been enhanced, both globally and locally, to protect stakeholders while simultaneously cultivating an atmosphere for innovation and growth.

A recent example of creating attractive and robust legislation is the Digital Assets and Registered Exchanges Act 2020 (DARE). Both the Securities Commission of The Bahamas’ executive director, Christina Rolle, and FTX’s chief executive, Sam Bankman-Fried, have said the latter’s decision to move to The Bahamas is heavily based on our supervisory framework.

Against this backdrop, it has become imperative to develop, implement and maintain a compliance programme for companies. This article looks at how a compliance programme can be adequately interconnected while emphasising the importance of creating a lasting culture of compliance.

Leadership role in compliance culture

Compliance, ethics and anti-fraud programmes should be fully understood by the Board of Directors and executive leadership. The responsibilities of a company’s leadership should be clearly defined and assigned. They should be documented in well-developed, and socialised, written policies and procedures that establish an atmosphere of accountability. These policies and procedures should be re-evaluated on a documented basis regularly, with the time between reviews in my opinion not exceeding a calendar year.

Independent compliance officer (CO) designation

Depending on the industry, this role is either required or suggested by guidance. The financial services industry in The Bahamas and US both require a compliance officer. Conversely, the healthcare industry in the US only requires the designation if they participate in the Affordable Care Act (ACA). In the Bahamian healthcare industry, there is no such documented requirement. Notwithstanding the regulatory and guidance regime, I believe this role is essential irrespective of the industry involved. The compliance officer should be a member of senior management and have unfettered access to the board of directors, plus internal and external legal counsel. A regular evaluation of the working relationship between the compliance function and other key operational areas should be conducted as well.

Communication and training

Communication of policies, procedures and other important elements of the compliance programme should take place regularly and in practical ways, including controls, plans and corrective actions. Moreover, an effective training plan tailored to the nuances of the company should be developed and implemented. Ideally, in addition to providing training sessions for the Board of Directors and executive leaders, the company should also ensure all employees have access to such sessions, as well as its agents, representatives or other third parties, where applicable.

Monitoring and evaluating effectiveness

The Board of Directors and executive members should receive regular updates on the programme’s implementation and monitoring. These compliance updates must include reports of suspected non-compliance, and be kept by the compliance officer. It is important to consider factors such as the previous year’s audit findings, annual risk assessments, and high-volume services in determining how frequently various functions need to be monitored.

Conclusion

During past years, a well-documented and reasonably functional compliance and ethics programme was adequate, but today it is not. An effective compliance programme reduces fraud and abuse, enhances a company’s operations, improves the quality of service, and reduces the overall cost of operations in a way that all stakeholders benefit.

NB: About Derek Smith Jr

Derek Smith Jr. has been a governance, risk and compliance professional for more than 20 years. He has held positions at a TerraLex member law firm, a Wolfsburg Group member bank and a ‘big four’ accounting firm. Mr Smith is a certified anti-money laundering specialist (CAMS), and the compliance officer and money laundering reporting officer (MLRO) for CG Atlantic’s family of companies (member of Coralisle Group) for The Bahamas and Turks & Caicos.