Finding the Right Structure for Your Compliance Program
- Slides: 17
Finding the Right Structure for Your Compliance Program @complianceweek
Doraliz Ortiz de Leon Group Legal Advisor Emirates National Oil Company Limited (ENOC) Waheed Rathore EVP, Group Chief of Compliance & Anti-Money Laundering Abu Dhabi Commercial Bank Paul Zietsman Group Lead Trade Compliance Sadara Chemical @complianceweek 2
UNDERSTANDING YOUR BUSINESS Doraliz E. Ortiz de Leon Group Legal Advisor Emirates National Oil Company Ltd. (ENOC) LLC @complianceweek 3
UNDERSTANDING YOUR BUSINESS How do you set up your compliance program? • You need to look at international best practices, but equally as important, you need to understand your company: Ø What is the mandate from your shareholders? Ø How does the company operate? Ø Who are third-party stakeholders, where and how do they operate? For example, ENOC is wholly owned by the government of Dubai. It is a fully integrated oil and gas conglomerate with international operations. @complianceweek 4
UNDERSTANDING YOUR BUSINESS • ENOC’s shareholders (oversight) • Business activities subject to diverse regulations: Ø Depending on the country/jurisdiction Ø International trade Ø Within the UAE: Ø Federal laws Ø Laws of each Emirate Ø Municipality regulations Ø Free zones • Ethics and compliance program is centralized and interdepartmental. @complianceweek 5
ENOC’S ETHICS PROGRAM @complianceweek 6
ADAPTING TO YOUR INDUSTRY Waheed Rathore EVP, Group Chief of Compliance & Anti-Money Laundering Abu Dhabi Commercial Bank @complianceweek 7
THE BAD NEWS! @complianceweek 8
REGULATORY CLIMATE: FINANCIAL SECTOR • Banking regulator (UAE CB) • Capital market regulator (SCA) • Stock market (listed financial institutions) • Financial free zone regulator (DFSA/ADGM) • Host country regulator (where bank operates) @complianceweek 9
COMPLIANCE PROGRAM: 7 PILLARS 1. Executive Level Oversight (governance) Ø Tone at the top (filtering to all levels) Ø Independent compliance reporting structure Ø Hierarchical seniority 2. Organizational Structure Ø Ø Group or country structure Centralized vs. decentralized Right capacity Right skill set @complianceweek 10
COMPLIANCE PROGRAM: 7 PILLARS 3. Policies & Procedures (key policies for financial sector) Ø Conduct compliance Ø Conflict of interest (including related party transactions) Ø Personal trading Ø Chinese walls Ø Code of conduct (including gifts & entertainment policy) Ø Whistleblowing policy Ø Regulatory compliance program Ø Anti-money laundering/counter financing of terrorism & know your customer Ø Sanctions compliance @complianceweek 11
COMPLIANCE PROGRAM: 7 PILLARS 4. MIS & Reporting Ø Portfolio risk picture Ø Ongoing de-risking Ø Policy/target market review 5. Monitoring Ø Transactions & customers Ø Filing suspicious transaction reports @complianceweek 12
COMPLIANCE PROGRAM: 7 PILLARS 6. Training Ø Ongoing training on policies & emerging risks Ø Staff across the organization Ø Compliance staff 7. Audit Ø Compliance function should be independently audited for Effectiveness & Quality @complianceweek 13
CENTRALIZED OR DECENTRALIZED? Paul Zietsman Group Lead Trade Compliance Sadara Chemical @complianceweek 14
Why would you select a specific model? Centralized Model • Uniformity • Avoiding conflict of interest • Strong control through governance like the Audit Committee • More authoritive representation • Better tone from the top @complianceweek Decentralized Model • Flexibility • Regional autonomy • Business model – JVs • Better understanding of business • Better integration with the business 15
Do you really have to choose? or… Can you have your cake and eat it too? @complianceweek 16
CENTRALIZED ACTIVITIES VS. DECENTRALIZED ACTIVITIES Centralized Activities • Reporting • • • Performance assessments Group policies Though leadership Main assurance given Reliance of assurance value tested @complianceweek Decentralized • Process and control implementation • Compliance advice • Risk assessments • Monitoring 17