Sabine Halberstadt
Live is a journey and not a destination. The same goes for the maturing of any compliance function. I have been privileged enough to embark on the compliance journey at the Government Institutions Pension Fund (“GIPF”).
Starting with the establishment of a compliance function and the first compliance policy to where we are today was an exciting and at times a tiring process. Whether an organisation has a centralised or decentralised compliance function depends on the type of organisation, the volume of regulatory requirements of a specific industry that must be met and the funds and human capital available at its disposal.
In practice, however, I believe, it is best to have a decentralised compliance function with compliance officers in various departments such as; information security, human resources, finance, client services, operations, as well as marketing and stakeholders engagement department, as those people are specialists in their fields.
They know the best practices in their field of expertise, such as the standards identified by international standards organisations and what the current trends and challenges are.
The Chief Compliance Officer, whether being part of a legal and compliance department or a stand – alone compliance function of an organisation, guides other departments in identifying legislative requirements they need to comply to, assist them in developing internal controls to ensure compliance with all requirements.
This is done either by developing policies, procedures and guidelines and by automating some of the processes. With the regulatory framework changing continuously, it is important for compliance officers to keep abreast with developments in legislation.
For us, in the Pension Funds industry for example the Financial Institutions and Markets Act (FIMA), Act 2 of 2022 is a good example on how to prepare oneself for the implementation of the relevant regulations and standards that will accompany the new legislation.
FIMA has been gazetted and it is easy to determine what needs to be done to implement it. The processes and procedures that need to be adjusted and the training the staff members need are fairly easy to determine.
However, with the uncertainty of how the final version of the regulations and standards will look like, it is difficult to determine on how much time and effort should be put aside on getting ready for implementation based on the regulations and standards of which the final versions are not available yet.
Another piece of legislation, which is currently on the radar is the Electronic Transactions Act, Act 4 of 2019, which became partly effective and it is uncertain when the rest of the Act will become effective and how the Regulations to that Act will look like.
The role of compliance officers at organisations has shifted from “policing” colleagues and or departments to making it fun and interactive and thereby creating a positive compliance culture and ethical behavior throughout an organisation.
Compliance Champions are employees in various departments of an organisation. These Champions do not need to have a legal background. They need a good understanding of the day-to-day operation of their department and best practices in their field of expertise for example finance or investments.
It is normally the duty of the head of the compliance division to identify legal and other requirements an organisation needs to comply with.
These requirements are discussed with the relevant departmental Compliance Champions and steps are agreed upon to ensure compliance. These Champions receive training either on the job or formal training from for example the Compliance Institute of Southern Africa.
*Sabine Halberstadt is the deputy chief compliance officer at the Government Institutions Pension Fund (GIPF). The views expressed in this article are her own and do not represent those of her employer.