Latest Products

Media Release: Clarifying the Role of the Compliance Professional

Thursday 1 November 2018
1 November 2018 — The hearings of the Royal Commission into Misconduct into Banking, Superannuation, and the Financial Sector Interim Report, not only exposed systemic misconduct but also highlighted the lack of industry understanding with regards to ‘compliance’ and ‘compliance frameworks’. The GRCI and its members—as noted by the recent submission to the Royal Commission Interim Report on 25 October—are not surprised by this, since compliance as a business function is often under-utilised and not resourced properly.

One solution is that the role of the Compliance Officer (CO) needs to be better understood by organisations, placed, authorised and resourced appropriately and not treated like a back-office expense, rather than the business enabling framework it is, when utilised properly. A qualified compliance professional enables and facilitates the business understanding compliant conduct, assists them with analysing business practices, products and procedures and developing business-oriented solutions, that encompass sensible business decisions that, in best practice situations, exceed community and customer expectations.

It is the view of the GRCI that governance, risk, compliance, and assurance is the responsibility of everyone working in the business, from those customer-facing, through all levels of management and right through to the board. All of these roles are ‘front line’ roles. Every single employee and director express their organisation’s values through the manner in which they prioritise and analyse business decisions. It is the role of the compliance professional to guide management and the board in their roles. With the complexity and volume of regulation in place for most organisations, it is not surprising that directors and senior management struggle with the depth of understanding needed to ask appropriate and meaningful questions to know enough to adequately execute their duties. Access by compliance to the board to fully support them is absolutely essential.

The role of the CO is to alert the business when something is wrong, and if the business and relevant stakeholders fail to act, then there should be appropriate protections for the CO to speak with the regulator if need be.

Further observations by GRCI and its members:
  • Compliance and conduct KPIs should apply to senior management and directors as a compulsory element of their remuneration;
  • Directors are ill-equipped to ask the right questions of compliance and risk management officers and might need training in this area;
  • Compliance needs to be able to report directly to the board, and to the regulator, if an issue arises; and
  • Senior management and directors need to be held accountable with ‘much more suitable penalties’ but also rewarded for ensuring the best conduct occurs.
“What compliance professionals undertake within their organisations is frequently misunderstood, especially by senior management. The compliance team is often brought in way too late on product development, meetings with the business and issues, to do final sign offs or fix issues, rather than being proactively utilised,” GRCI Managing Director said. “Compliance professionals are facilitators and translators of the complexity of regulations, stakeholder expectations into practical business options by working with the business to work through and develop the deep understanding of the requirements and enable the business conduct to reflect stakeholder expectations and good business practice.”

About the GRC Institute
The GRC Institute (GRCI)—formerly known as ACI—is the pre-eminent member association, servicing compliance and risk management professionals since 1996. We aim to unify and strengthen the GRC profession to provide a community in which individuals can come together to share knowledge, challenges and ideas on solutions to mould their vision for the future. For more information, visit:
Proudly supported by our Principal Members: Westpac, NAB, ANZ, AMP, Commonwealth Bank, AIA, KPMG, and Thomson Reuters.

Contact Details 
Naomi Burley