Chapter 2 - The Compliance Function Flashcards
George is a compliance officer at a multinational firm that operates in both EU and non-EU jurisdictions. His manager has asked him to ensure that the firm’s compliance policies are aligned with global regulatory standards. George needs to update the firm’s systems and controls to ensure compliance across all regions.
Which is the best approach George should take to ensure the firm’s systems and controls align with regulatory standards?
A. Implement a basic compliance system, only ensuring compliance with the firm’s home jurisdiction.
B. Rely solely on the firm’s legal department to manage compliance risk without embedding compliance into everyday activities.
C. Ensure compliance systems and controls are managed by specialist compliance staff only, without involving the wider organization.
D. Develop systems and controls that observe both the spirit and the letter of the law, integrating compliance across all jurisdictions.
Answer: D. Develop systems and controls that observe both the spirit and the letter of the law, integrating compliance across all jurisdictions.
Relevant Sections:
Chapter 2, Section 1.1.1 Organising Appropriate Systems and Controls to Ensure Compliance
Explanation:
- Compliance should not only follow the letter of the law but also its spirit, ensuring a holistic and integrated approach.
- Compliance must be embedded across the entire firm, not just isolated to specific compliance personnel.
Lily is a director on the board of a financial services firm. The firm’s compliance risk management strategy is being reviewed. Lily is unsure of the board’s exact role in managing compliance risk and needs clarification on her responsibilities.
What is Lily’s primary responsibility regarding compliance risk management as a board member?
A. Delegate the entire responsibility of compliance risk management to the compliance department.
B. Approve the firm’s compliance policy and ensure its effective implementation by senior management.
C. Ensure that the compliance function only reports to senior management.
D. Review compliance risk management every five years to ensure long-term effectiveness.
**Answer: B.** Approve the firm’s compliance policy and ensure its effective implementation by senior management.
Relevant Sections:
Chapter 2, Section 1.1.2 Responsibilities of the Board
Explanation: The board is responsible for overseeing compliance risk and approving a formal compliance policy, which should be reviewed at least annually.
The board must ensure compliance risk is effectively managed by senior management.
Kevin, a senior manager at an investment firm, is tasked with ensuring compliance with the firm’s regulatory obligations. He is unsure about his role in establishing and communicating compliance policies across the organisation.
What is Kevin’s main responsibility in managing the firm’s compliance risk?
A. Establish a written compliance policy and ensure it is communicated throughout the firm.
B. Ensure that compliance is handled exclusively by the compliance team.
C. Wait for the board to handle compliance risks directly.
D. Develop compliance policies only for senior managers and exempt other staff.
Answer: B. Establish a written compliance policy and ensure it is communicated throughout the firm.
Relevant Sections:
Chapter 2, Section 1.1.3 Responsibilities of Senior Management
**Explanation:** Senior management is responsible for establishing a clear, written compliance policy and ensuring it is communicated and observed across the organisation.
State the two responsibilities of an effective compliance function, irrespective of the organisational structure.
Chapter 2, Section 1.1.1
- Regularly assess and monitor the adequacy and effectiveness of measures and procedures.
- Advise and assist relevant staff in complying with regulatory obligations.
Who is responsible for establishing a written compliance policy containing the basic principles followed by management and staff?
Chapter 2, Section 1.1.2
Senior management is responsible for establishing a written compliance policy.
What is the purpose of the compliance manual?
Chapter 2, Section 1.3.1
The purpose of the compliance manual is to **formally document the standards** to be followed by employees in both their personal conduct and business dealings, expanding on the company’s corporate governance manual.
What are the three key stages involved in a risk-based approach to a monitoring programme?
Chapter 2, Section 1.5
Stage 1: Information gathering.
Stage 2: Scoring of potential risks.
Stage 3: Applying weightings to prioritise the most pressing issues.
What are the most common methods used to monitor whether a business is in compliance with regulations, internal policies, and procedures?
Chapter 2, Section 2.1.1
- Interviews with staff and management.
- Observing processes and controls in action.
- Reviewing previous reports, key management information, and exception reports.
To which types of people might compliance staff provide individual training?
Chapter 2, Section 2.1.4
Directors and senior management approved by the regulator.
What role might compliance play in the development of new business?
Chapter 2, Section 2.1.6
Compliance plays a role in due diligence, risk assessment, and ensuring that new business activities comply with regulatory requirements.
What two factors do regulators use to assess risks?
Chapter 2, Section 3.1.1
- Impact (the scale of the effect the risk would have on consumers and the market).
- Probability (the likelihood of the risk occurring).
What type of information can be withheld when providing information?
Chapter 2, Section 3.1.5
Legally privileged information or documents subject to privilege.
What is it called when staff inform a client that a SAR has been made about them?
Chapter 2, Section 3.1.7
It is referred to as “Tipping Off,” which is prohibited under anti-money laundering laws.