1. inCOMPLIANCE®
33
PERSONAL LIABILITY
inCOMPLIANCE®
33
inCOMPLIANCE®
33
inCOMPLIANCE®
33
Getting personal
Thomas Wan Chee Kien considers the personal liability
of compliance officers, and offers advice for those
looking to protect themselves
I
n recent years, a perception has
emerged that compliance officers
have become more exposed, on
a personal level, to regulatory and
government enforcement action,
especially given the increasing number
of regulatory and criminal cases,
financial sanctions and accountability
regimes.1
Against this backdrop, many
are questioning the personal risks that
compliance officers face.
Through examining a number
of recent examples, this article
considers the personal liabilities
of compliance officers under the
various accountability regimes,
and the expectations and desired
outcomes of regulators and law
enforcement. It also proposes ways in
which compliance officers can better
safeguard themselves.
Regulators’ expectations
A number of recent examples
highlight the regulators’ views on
compliance officers.
In November 2015, the former
US deputy attorney general Sally
Yates addressed the American
Banking Association and American
Bar Association Money Laundering
Enforcement Conference, saying that:
“compliance professionals are the
Department of Justice’s crucial partner
in the fight against white-collar crime”.2
In May 2016, in the case of Taft v
Agricultural Bank of China, Ltd3
, Judge
Paul A Engelmayer in the Southern
District of New York ruled that a
compliance officer at the Agricultural
Bank of China (ABC) could bring
a claim for retaliation under the
whistleblower protections contained
in the Bank Secrecy Act. The court
agreed with the plaintiff, Natasha
Taft, that a memorandum she wrote
to the Federal Reserve Bank of New
York against ABC constituted an
independent report and not one made
on behalf of ABC in her capacity as
a compliance officer. “Compliance
officers act as arms of the government,
and this decision reinforces the rights
that these individuals have in the
workplace,” said Brian Heller, a lawyer
for Taft.
In March 2015, Georgina Philippou,
the then-acting Director of
Enforcement and Market Oversight of
the UK Financial Conduct Authority
(FCA) said, when imposing a fine on
a chief compliance officer for Bank of
Beirut4
: “We are reliant on compliance
officers ... to act as an important line of
defence, to support effective regulation
at firms and to show backbone even
when challenged by their colleagues.”
In June 2015, in a public statement
titled “The Role of Chief Compliance
Officers Must be Supported”,
Commissioner Luis A Aguilar of the US
Securities and Exchange Commission
(SEC) said: “Chief compliance officers
of Investment Advisers (CCOs) play an
important and crucial role in fostering
integrity in the securities industry.
They are responsible for making sure
that their firms comply with the rules
that apply to their operations. As part
of that effort, CCOs typically work
with senior corporate leadership to
instil a culture of compliance, nurture
an environment where employees
understand the value of honesty and
integrity, and encourage everyone
to take compliance issues seriously.
CCOs of investment advisers (as with
CCOs of other regulated entities)
also work to prevent violations from
occurring in the first place and, thus,
prevent violations from causing harm
to the firm, its investors, and market
participants. Given the vital role that
CCOs play, they need to be supported.
Simply stated, the Commission needs
capable and honest CCOs to help
protect investors and the integrity of
the capital markets … Moreover, the
Commission has used its Whistleblower
programme, to protect and reward
CCOs who did the right thing”.
He added that: “CCOs are vital to
the protection of investors and the
integrity of the capital markets. To that
end, the Commission works to support
CCOs who strive to do their jobs
competently, diligently, and in good
faith – and these CCOs should have
nothing to fear from the SEC.”
In June 2015, Commissioner Daniel
M Gallagher, in a Statement on Recent
SEC Settlements Charging Chief
Compliance Officers With Violations of
Investment Advisers Act Rule 206(4)5,
said: “The risk is much too high for
the compensation. In my experience,
firms tend to compensate compliance
personnel relatively poorly, especially
compared to other associated persons
possessing the supervisory securities
licenses compliance personnel typically
have, likely because their work does
not generate profits directly. But
because of their responsibilities,
compliance personnel receive a great
deal of attention in investigations,
2. inCOMPLIANCE®
34
PERSONAL LIABILITY
and every time a violation is detected
there is, quite naturally, a tendency
for investigators to inquire into the
reasons that compliance did not detect
the violation first, or prevent it from
happening at all. The temptation to
look to compliance for the ‘low hanging
fruit’, however, should be resisted.
There is a real risk that excessive
focus on violations by compliance
personnel will discourage competent
persons from going into compliance,
and thereby undermine the purpose
of compliance programmes in general.
That is, we should strive to avoid the
perverse incentives that will naturally
flow from targeting compliance
personnel who are willing to run
into the fires that so often occur at
regulated entities.”
Compliance
officers would be
well advised to
take prudent steps
to better safeguard
themselves in the
current regulatory
enforcement
environment
Remaining uncertainty
While the above developments are
generally positive for the compliance
profession and compliance officer,
there remains some uncertainty as to
personal liability, as currently there
are not any global laws or regulations
that explicitly ‘protect’ the compliance
officer when doing their job and
discharging their duties responsibly
and dutifully.
Thus, in the meantime, compliance
officers would be well advised to take
prudent steps to better safeguard
themselves in the current regulatory
enforcement environment. Some
possible steps are:
• To get a clear mandate and formal
appointment of the compliance role
from the board
• To develop a clear job description
and a clear mission statement for the
compliance group and compliance
function
• To obtain formal appointment in
writing and from the regulator
• To obtain adequate indemnification
and insurance protection from the
firm / employer
• To document clear lines of
supervision and reporting (with clear
supervisory liabilities) within the firm
• To work closely with the regulator(s)
and understand their regulatory and
supervisory objectives
• To review the firm’s policies and
procedures, using a risk-based
approach and compliance risk
assessments. Repeal any that it is not
possible to follow or adhere to
• To continue all required compliance
testing and reviews, even during
emergencies
• To respond to all material audit and
regulatory findings, breaches and
non-compliance immediately, and
get senior management attention to
do so
• To respond to all red flags of possible
misconduct. Pay particular attention
to whistle-blowing, customer
complaint and staff misconduct
reports
• To negotiate but not compromise on
what is not acceptable under the law
and regulations
• To address the ‘two or multiple
hats’ problem, in which compliance
officers have to perform other
functions in addition to the key
compliance role
• To escalate all material issues to the
board and senior management.
• To request permission to obtain
advice from independent legal
counsel if there is a disagreement
with senior management
• To contemplate whistle-blowing or
resigning only as a last resort if the
board and/or senior management
are not willing to address serious
concerns.
Wan Chee Kien,
Thomas is the Tutor
at ICTA in Singapore,
and teaches various
ICA courses in GRC,
AML/CFT and FCP in
Asia-Pac. He is a
FICA, IBFA and CFTP
(Snr)
1. e.g. the UK FCA’s Senior
Managers Regime, the Hong
Kong SFC’s Managers in
Charge, and ASIC’s Banking
Executive Accountability
Regime in Australia. Others
are contemplating similar
regimes, e.g. Malaysia
(http://www.bnm.gov.
my/index.php?ch=en_
announcement&pg=en_
announcement&ac=608)
and Singapore (http://
www.mas.gov.sg/
News-and-Publications/
Consultation-Paper/2018/
Consultation-Paper-on-
Proposed-Guidelines-on-
Individual-Accountability-and-
Conduct.aspx)
2. https://www.justice.gov/opa/
speech/deputy-attorney-
general-sally-quillian-yates-
delivers-remarks-american-
banking-0
3. https://law.justia.com/cases/
federal/district-courts/new-
york/
4. https://www.fca.org.uk/news/
press-releases/financial-
conduct-authority-imposes-
%C2%A321m-fine-and-places-
restriction-bank-beirut
5. https://www.sec.gov/
news/statement/sec-cco-
settlements-iaa-rule-206-4-7.
html
Get more on the CPD
Portal
• The complexities of CCO liability
https://www.int-comp.org/cpd/
complexcco
• Evolution in the role of
compliance officer
https://www.int-comp.org/cpd/
evolutionco
• The Role of the Compliance
Officer as Psychologist
https://www.int-comp.org/cpd/
COPsychologist
Not a member?
For access to the ICA CPD Portal,
among other benefits, become a
member today: www.int-comp.org/
membership/why-become-a-member