What is a Head of Compliance?

The Compliance Oversight Function (SMF16) is the director or senior manager within the firm who has been allocated the responsibility for “oversight of the firm's compliance” and “reporting to the governing body in respect of that responsibility”. This is commonly referred to as the Head of Compliance.  

Responsibility: Company vs. SMF 16 

It is the firm as a whole that has the responsibility to establish, implement and maintain adequate policies and procedures sufficient to ensure compliance of the firm including its managers, employees with its obligations under the regulatory system. 

The firm must, taking into account the nature, scale and complexity of its business, and the nature and range of financial services and activities undertaken in the course of that business, establish, implement and maintain adequate policies and procedures designed to detect any risk of failure by the firm to comply with its obligations under the regulatory system, as well as associated risks, and put in place adequate measures and procedures designed to minimise such risks and to enable the appropriate regulator to exercise its powers effectively under the regulatory system.  

The firm is also responsible for maintaining a permanent and effective compliance function which operates independently.  

Head of Compliance Responsibility

The SMF 16 as head of the Compliance Function has the responsibility of:

• Monitoring and, on a regular basis, assessing the adequacy and effectiveness of the measures and procedures put in place and the actions taken to address any deficiencies in the firm's compliance with its obligations
• Advising and assisting the relevant persons responsible for carrying out regulated activities to comply with the firm's obligations under the regulatory system

The Compliance Function

To enable the compliance function to discharge its responsibilities properly and independently, a firm must ensure that the following conditions are satisfied:

• The compliance function must have the necessary authority, resources, expertise and access to all relevant information
• A compliance officer must be appointed and must be responsible for the compliance function and for any reporting as to compliance required
• The relevant persons involved in the compliance function must not be involved in the performance of services or activities they monitor
• the method of determining the remuneration of the relevant persons involved in the compliance function must not compromise their objectivity and must not be likely to do so. 

Independence 

It is important to distinguish between the responsibility of “the business” and the responsibilities of the SMF16 or the compliance function. In essence it is “the business” who is responsible for “establishing/implementing/maintaining” policies, commonly referred to as the first line of defence.  The compliance function, by contrast, is responsible for overseeing and reporting, forming the second line of defence.   

The general principle is that if the second line didn’t exist then the first line would generally be able to conduct themselves in accordance with the relevant rules and regulations.  

The concept of a first and second line of defence is integral to the understanding of a SMF16’s responsibility.  

Firms should ensure that the compliance function holds a position in the organisational structure that ensures that the compliance officer and other compliance staff act independently when performing their tasks.  

In certain situations, the SMF16 or indeed the compliance function could be involved in the day-to-day decision making, continually providing advice to the business and potentially signing-off key decisions or contracts in advance of them being enacted. If the compliance function is involved in this way they will need to consider if they are able to conduct effective independent monitoring of business activities and if a separate monitoring is needed.  

In Practice - General activities 

It is up to the SMF16 to decide the precise activities that are needed to comply with the responsibilities set out above. It is not possible to provide an exhaustive list of activities, however some key practical activities include:

• Policies and procedures: Providing advice to the business on establishing compliant policies and procedures.
• Monitoring Plan: Devising a risk‑based compliance monitoring plan for the year which sets out the business areas that need to be reviewed and the extent of the review that will be performed.
• Compliance monitoring: Executing the compliance monitoring plan and assisting the business in addressing any deficiencies identified.
• Reporting: At least annual compliance reporting to the board on the results of the monitoring activities undertaken, the deficiencies identified, and the action plan to address any issues.
• Registers: Maintaining relevant compliance registers in relation to conflicts of interest, financial promotions, complaints, errors and omissions, personal account dealing, and others as appropriate.
• Regulatory reporting: Assisting the finance team in understanding the nature of the information they need to report to the FCA.
• Business awareness: Having sufficient standing to be aware of all relevant upcoming business developments in time to advise on regulatory consequences.
• Business knowledge: Participating in business discussions to ensure they are kept abreast of all relevant business activities that may have a compliance element.
• Regulatory change: Keeping abreast of regulatory pronouncements to the extent they may impact the strategic or operational activities of the business.
• Financial promotions: Many firms have their SMF16 approve financial promotions as an additional layer of oversight.
• Regulatory Capital: Assisting the finance team in understanding the firm’s regulatory capital requirements.
• Marketing: Assisting the sales/distribution team in understanding

   

To learn how we can help you on your Appointed Representative journey, please get in touch.