GRC in Malta: The Compliance Officer as a strategic partner – Beyond regulatory oversight

Compliance officers are responsible for ensuring that their organisation complies with applicable laws and regulations, and in a regulated sector like financial services, they must also adhere to the conditions attached to the license issued by the regulatory authority. However, compliance officers are not typically involved in generating business and may face challenges in executing their job in a commercial environment.

The compliance function is sometimes viewed as a necessary but unwelcome aspect of governance, included only because it is required. This means compliance officers may not always be welcomed to provide input on business opportunities, expansions, or strategy decisions. While compliance officers work to instil a culture of compliance within the organisation, other officers, such as the CEO, focus on instilling a profit culture.

Despite these challenges, compliance officers play a critical role in creating a business environment that values and embraces compliance as a key part of the business ecosystem. The following are some key points that can help compliance officers achieve their objectives beyond regulatory oversight:

Compliance for the Common Good

Compliance officers play a crucial role in maintaining and implementing laws and regulations that safeguard the interests of a diverse group of stakeholders. These stakeholders include customers, employees, investors, and society as a whole. The compliance officer’s primary responsibility is to ensure that the entity adheres to these laws and regulations, which are designed to protect the interests of all the players involved in the business. By emphasising the importance of compliance, the compliance officer helps to ensure that the entity captures the interests of all stakeholders, ultimately leading to the achievement of the overall business objective.

Compliance as a Building Block, not a Stumbling Block

Compliance should not be merely a tick-box exercise but a fundamental pillar of successful business operations, and it demands a proactive approach that involves identifying and mitigating potential risks. The Compliance Officer shoulders the responsibility of safeguarding the organisation from legal, ethical, and reputational pitfalls, and their role extends beyond mere enforcement of rules. They serve as a facilitator, seamlessly weaving compliance into the company’s fabric by actively contributing to the daily operations and strategic plans.

Early integration is key, and the Compliance Officer is involved from the outset, providing guidance and cautionary advice. Compliance is not an afterthought, but rather a top priority, and the Compliance Officer champions this mindset by advocating for policies, procedures, and training that keep compliance central while respecting ethical boundaries and promoting creativity.

Behind the scenes, the Compliance Officer crafts robust and comprehensive processes and procedures that provide clear guidance on how to navigate legal mazes. These are not dry manuals, but rather living and breathing guides that everyone, from the CEO to front-office management, follows.

Choose your battles – a risk-based approach to compliance

In the financial services industry, there has been a shift towards a more principles-based approach to legislation. This approach requires Compliance Officers to consider the underlying intentions of laws and regulations and take a practical approach to ensure that desired outcomes are achieved. In order to make the most effective use of limited resources, a risk-based approach should also be adopted. This involves allocating resources to areas that present higher risks, so that potential issues can be identified and addressed in a timely manner. By adopting a principles-based, risk-based approach, Compliance Officers can help to ensure that regulatory requirements are met in a way that is both efficient and effective.

Cost of Non-Compliance is often higher than the cost of Compliance

Reputational damage is a significant consequence of breaching regulations or compliance standards. Companies failing to comply with applicable legislation are often publicly shamed, which is seen as a more serious regulatory action than the financial penalty itself.

In the financial services sector, the Malta Financial Services Authority has recently introduced the concept of the anonymity principle, which allows the regulator to avoid naming the licensed entity if the administrative measure relates to a non-material breach, the penalty is below a certain amount, the publication may jeopardize the financial market or an ongoing investigation, or where publication may cause disproportionate damage to the regulated person involved.

The anonymity principle recognizes that publicly naming non-compliant entities invariably results in damage to their reputation. Therefore, Compliance Officers should emphasize the importance of adhering to legal requirements, as compliance pays off and makes business sense.

Compliance as enhancing Good Governance

The role of a Compliance Officer demands a high level of impartiality and unbiased judgement. These qualities are also expected from all board members, particularly independent non-executive directors (INEDs). The appointment of INEDs at the board level has become increasingly crucial for ensuring effective corporate governance. Given that the objectives of INEDs and Compliance Officers align with each other, their collaboration can lead to a more robust and comprehensive governance framework.

In conclusion, the role of a Compliance Officer is of paramount importance in ensuring that the operations of an organisation adhere to the legal and regulatory requirements. However, their responsibilities go beyond just ensuring compliance. A successful Compliance Officer must cultivate a culture that recognises the advantages of incorporating compliance considerations into the organisation’s strategic planning, objectives, and decision-making processes. By doing so, they not only enhance the long-term vision, success, and sustainability of the business enterprise, but they also support the growth of the company as a whole. Ultimately, the Compliance Officer plays a critical role in maintaining the reputation and integrity of the company, which is essential for its continued success.

This article was published in the Times of Malta on the 26th of May 2024 and forms part of a series of publications focusing on cross-sectoral matters relating to governance, risk and compliance.

This series aims to offer legal and practical insights and to serve as a valuable resource for understanding and navigating the dynamic landscape of GRC in Malta.

Author: Romina Bonnici