As part of its monitoring role, the Compliance Function should carry out frequent onsite visits at the offices of the regulated entity the compliance of which is under its responsibility. For the purpose of these compliance visits and their frequency, the Compliance Function shall refer to the Compliance Monitoring Program of the Company, the scope of which is to facilitate the work of the Compliance Function’s assessment in outlining the areas to which the Company shall focus during the business year, on a risk-based approach, to ensure compliance with the laws, rules and regulations applicable to the regulated entity.
When carrying out compliance visits, the Compliance Function can avail itself of compliance tools, arrangements, and questionnaires that give an overview of the internal processes adopted by the regulated entity and consent the assessment of the overall level of adherence of the regulated entity with applicable rules. Based on the results inferred from these tools and the findings of the compliance visit exercises, the Compliance Function will be in a position to provide the recommendations concerning the focused areas.
During the onsite visits, based on the matters subject to monitoring, the Compliance Function may carry out some, or all, of the following activities:
a. Reviewing of documents and files relating to the officers, employees, customers, service providers, or other third parties of the regulated entity, including:
- A copy of the Licence issued;
- Compliance Manuals;
- Latest submitted audited annual financial statements and supporting documents;
- Sample Fact Performance Sheets, when applicable;
- Management reports;
- Agreements in force;
- Files containing documentation or due diligence on the employees;
- Staff Training Log;
- Breaches Register, etc.
b. Reviewing of policies and procedures upon which the regulated entity bases its internal operations, services, and activities;
c. Reviewing of documents and files concerning the correspondence with the competent authorities;
d. Interviews with the officers, employees, service providers of the regulated entity.
In relation to the above-mentioned matters or documentation taken into consideration, the Compliance Officer may carry out inspection on the systems and arrangements of the regulated entity and require complete, up to date and accurate information to be disclosed by the officials of the regulated entity. The Compliance Function shall ensure that the officials of the regulated entity did not fail to disclose any information which they should have disclosed, that the policies and procedures have not subsequently been amended, revoked, rescinded or superseded, and any minutes presented or made available to the Compliance Function truly record the proceedings of duly convened, constituted and conducted meetings.
The findings identified in the compliance visits carried out by the Compliance Function shall be summarised in a report to be presented to the management board of the regulated entity. Such report should be annexed to the Compliance Report and, as a minimum, should outline the checks conducted by the Compliance Function, highlighting any findings made and a recommended way forward. The Compliance Function should then follow up on the recommendations provided and ensure that proper and adequate actions are undertaken in order to remedy or improve compliance with the applicable requirements.
The information contained above does not cover the subject matter in an exhaustive manner, for further information on the onsite visits of the Compliance Function, please contact us at [email protected].
The information contained in this write up is provided for general informational purposes only. It does not, and is not intended to, constitute legal advice on any subject matter. You should not act or refrain from acting on the basis of any content included in this write up without seeking legal or other professional advice for your particular situation.