Senior Compliance Officer
For the senior Compliance Officer, there’s a lot going on at all times. From getting your head around the newest regulations, to devising strategies of compliance and mitigating operational risks, we’d bet that your plate is pretty full.
Written by a human
So then, how would you feel about adding another responsibility; in the form of the Chief Compliance Officer certification?
The CCO certification is a way for the Department of Justice to hold individuals accountable for their entire firm’s compliance – a lot for the shoulders of a single individual.
Learn about how the CCO certification came about, what Senior Compliance Officers must do to comply, and how it differs from existing regulations.
Glencore: the enforcement action that led to the DoJ’s new certification
Glencore International AG was a Swiss-based commodity trading and mining company that had subsidiaries in the US. Between 2007 and 2018, the company allegedly provided more than $100 million in payments and gifts to secure new contracts across the globe.
To cover up the bribery, Glencore forged consulting agreements and paid inflated invoices, and earned profits of over $124 million. It led to a settlement in US courts, to the tune of $1 billion, alongside civil and criminal penalties.
But the Glencore settlement also included compliance based enforcements in order to prevent future regulatory violations. That’s likely due to the General Counsel for the company admitting that “Glencore knowingly and willingly entered into a conspiracy”.
Therefore, three extra penalties were added for the company:
- To implement two independent compliance monitors, including one to remain in the US
- To retain their compliance monitors for at least three years
- For the CEO and CCO to personally certify to the DOJ, in the form of a document, that they have met the compliance standards and obligations
It’s this last penalty that has raised concerns across the industry and caused the commotion around this topic.
What’s the CCO certification?
The Chief Compliance Officer certification was proposed more generally in 2022, with the same requirements. This means that CCOs, alongside CEOs, will be made to certify that their compliance program is reasonably designed to meet regulatory requirements and to detect and prevent violations of the law.
However, this isn’t applicable across the board. In fact, so far, it’s only been used as a retroactive enforcement action, as it’s only been linked to CCOs in connection with a resolution.
The key is that, if false statements are made within these documents, and then signed by the CCO, they could become liable and face criminal charges.
CCO vs SOX law requirements
This requirement is comparable to another longstanding senior manager obligation which exists within the Sarbanes Oxley Act, also known as SOX law.
In the latter, CEOs and CFOs must both personally certify that their company’s financial statements are wholly accurate, and are deemed directly responsible if they are not.
The CCO certification reflects this same level of risk management responsibility for a compliance manager, bringing both finance and compliance into equal footing.
Preparing for compliance
As it’s a fairly new policy, there are still a few questions around where it will lead, and how companies, and senior Compliance officers should best prepare. But it is worth noting that the DoJ has explicitly stated that this is aimed at supporting CCO and empowering them to get involved at every level of compliance, instead of hindering.
For most companies, it’s a ‘make no sudden moves’ policy, and things will only change in the face of an investigation. However, proactivity, especially in looking for any gaps in your regulatory affairs, will be key to maintaining oversight.
As a senior compliance manager, it’s your job to ensure that business practices are documented and work with your C-suite to design compliance programs that meet the demands of your specific organization, including improving regulatory standards as the rules evolve. Risk assessments should happen regularly to feed your regulatory frameworks, internal policies and global compliance strategies.
Here at Global Relay, we can support you by putting compliance at the heart of your business. Learn more here.
FAQs for Senior Compliance Officers
What are some CCO compliance challenges?
Typical CCO challenges include staying up to date with the evolving regulatory world, implementing compliance strategies and performing monitoring functions like an internal audit to check and test that these are working.
What is it like working as a Compliance Officer?
Compliance Officers typically deal with the daily regulatory compliance tasks to ensure their organization remains compliant. This can include auditing current systems, overseeing changes, record-keeping or documenting and regulatory reporting. A lot of the everyday work is about ensuring the company covers its back in the face of threats and implements the correct regulatory changes.
Who is responsible for compliance in an organization?
Generally, all employees should follow their internal compliance policies as they take control over regulatory compliance. However, ultimately, the buck stops with the senior compliance officers and the Chief Compliance Officer (CCO).
