Personal Liability: The Challenge for Compliance Officers

For a long time, it was presumed that individuals could not be held legally liable for compliance negligence incurred by financial institutions. Compliance negligence was perceived as an institutional liability, not a personal liability. As such, compliance professionals were typically not held legally liable for compliance negligence that occurred under their watch; the blame often shifted from individuals to their employers.

However, the assumption that individuals could not be held personally liable for compliance negligence took a sharp turn in May 2017 when Thomas Haider, a former Chief Compliance Officer at MoneyGram agreed to pay a $250,000 fine in a case brought against him by the United States AML regulator, FinCEN, for compliance oversights that happened under his watch.

The case against Haider is indeed a turning point in how personal liability is perceived within the compliance profession. The decision by the U.S. regulator to bring a case against Haider may be the beginning of a new era in the compliance profession where the compliance officer can be held personally liable for negligence in the line of duty.

While the case against Haider took place in the United States, it however has potential implications for compliance professionals everywhere, particularly in cases where USD denominated transactions are involved. In Africa, compliance officers have been sacked by their employers for negligence. Others have been called upon to testify in legal matters. But cases where a compliance officer was personally held liable in a legal case brought forth by a regulator is rare in the African context. This might however change as the compliance function becomes more complex.

Compliance professionals should be aware of personal liability challenges that come with the compliance function. The institution’s compliance manual should be in effect at all times. The compliance officer is less likely to face personal liability issues if procedures and processes are followed accordingly as stipulated in the compliance manual.

54 Comments

  1. Ahmed Abu Harira

    SUDAN

    It is very true that the personal liability is not yet applied in the African context of Compliance practices, but it is informally understood by all that the compliance practitioners may personally be held liable for compliance oversight. Central banks regulations have impliedly stipulated the personal liability issue. As long as process are clear and violations keep happening, the compliance officer should be personally held liable, especially if the particular violations took place under his approval or oversight!. The personal liability issue makes the compliance practitioner more serious in assuming the job burden. People tend to be more cautious if they are personally responsible to a superior or a law enforcement agency while exercising their duty. I personally call for making the personal liability issue part of the jobs terms and conditions by regulations, because this is what makes compliance profession the most challenging, demanding and the highest job paid on the globe.

    Reply
  2. Simon J. Banda

    MALAWI

    I believe Personal liability will soon be part of the regulatory enforcement tool to ensure that institutions comply with the relevant regulations. In Malawi, the Financial Crimes has a provision for personal liability where if proved a person may pay a fine of MWK10,000,000 (aprox US$13,600.00) and a minimum of 5years in prison, however no officer has been convicted so far. I also foresee a challenge that most compliance officers are not given adequate training on how to execute compliance tasks as such most organizations will be liable because they will struggle to prove that the Officer was given the right tools to perform. There is also a tendency to appoint a “ceremonial Compliance Officer” who is not involved in executing compliance tasks or has has no idea of AML/CFT issues. This trend will mean the ceremonial compliance officers will be personal liable even though they were not fully involved. However on a positive note it will force organization to appoint the right people in the compliance function to avoid reputational damage and fines by the regulators.

    Reply
  3. Nobesuthu Seopela

    SWAZILAND

    Personal liability is a challenge for compliance officers because some of the penalties might be due to financial institutions being resistant to comply with regulations. It has been noted that in most organisations the culture for compliance is being adapted slowly than expected nevertheless the compliance officers have a responsibility to ensure that they bring a change by strategically involving the Board of Directors and Executive members of organisation into adopting compliance culture. It is key that top management adopt this culture so that it can be driven from top and be incorporated into the organisation strategy so that non-compliance can be a responsibility for everyone in the organisation. The compliance officers have a challenge to make sure that the organisation is aware of compliance issues at hand to avoid fines and compliance officers will be liable as well if the organisation is not compliant at any point. As compliance officers we need the organisations to start taking us serious and they all have to know that if anything goes wrong in the space they are liable as much as the compliance officer is liable. Regulators need to access the route course of non-compliance because sometimes the compliance officers advise business about being compliant but, because they want to push sales they end up overlooking compliance issue to make profits. Compliance professionals need to make a change by ensuring that they have evidence when escalating issues within the organisation just to make sure that they are covered in case they are penalties. The first contact for reference for non-compliance will be the compliance officer, meaning it is true that compliance officers are liable for non-compliance. The compliance officers must have integrity to ensure that they stand their ground coming to compliance issues. There is no compromise when it comes to compliance issues is either you comply or get the consequences of non-compliance.

    Reply
  4. Sam J. Brown

    LIBERIA

    The topic ‘Personal Liability’ is a very interesting but challenging point in our profession to underscore. As a Compliance Practitioner, your job is to ensure that everyone adheres to rules and not to buttress violations or serve as an accomplice or collaborator to non-compliance. Though many of us in the past have not seen this as an integral part of our career because the liabilities were always a corporate one but we have seen compliance officers being shifted from one department to another, force to resign or dismissed because of such purposeful indifference (willful blindness). Now that our regulators have seen the need especially for Liberia where we have our new AML/CFT regulation emphasizing on the issue of personal liability, it is advisable that we as compliance professionals be cognizant about this and act accordingly. While it is true that compliance is not an inhibitor of business but an enabler, we as compliance officers should always be meticulous in executing our duties and functions. By being constantly reminded of the personal liability aspect of our career, we can improve our ethical skills and help our institutions to get better by upholding our values, rules and etiquette.

    Reply
    • Clarence Baysah

      LIBERIA

      Well, Personal Liability: The Challenge for Compliance Officers in African should not be measure similarly to the UK or that of United States. However, Africa scene is quiet different from the Western World where an independent Compliance function as required. For example, Thomas Haider was given a responsibilities and authority to move on as Compliance Officer and his appointment was strongly backed by the US Regulatory Authority. In Africa, there are laws on the books. But what is on the books is not exactly what can be implemented. Take for instance, the AML/CFT regulation requires that the Head of Compliance be at the level of Senior Management and the Department should be fully staffed. How many Financial Institutions in Africa are in compliance with this regulation? Most institution will be liable due to the fact that One Compliance Office play the role as AMLO and the rest of the functions. ACCPA Should also help to engage African Central Banks or FIU not to hold Compliance Officer responsible if they them self fail to implement and monitor the laws. There is a saying in Africa that says:” Big guys sacrifice the smaller once to protect their integrity”

      Reply
  5. William Kapikara

    NAMIBIA

    I believe that company policies should be aligned in such a way that they talk to regulatory enforcement acts/tools in order to strengthen the awareness of Personal Liability. This is because, you find some financial institutions that have their own company policies that protect their employees from being personally held liable of negligence. In most cases, these policies are designed in the name of protecting the institutional brands or reputation of certain companies. This allows compliance officers to hide behind their respective brands and create a tendency of practicing the compliance profession with little integrity. Therefore Personal Liability must and should be made part of the countries financial regulations especially in our African continent.

    Reply
  6. Nerry Osuka-Raymonds

    NIGERIA

    The case of Mr Tom Haider’s conviction shows that professionals will no longer be able to hide behind their employing organizations, it marks the beginning of an era of personal responsibility. I foresee a time when this case would be used as a judicial precedence by many countries. SOX, a US legislation, is fast becoming an international reference point, nations are beginning to fashion their fraud fighting laws and frameworks after it, same, I predict, will happen following this case. It’s an eye opener for us as professionals, we must aim to get it right or be flushed down the drain pipe of irrelevance.

    Reply
  7. Refiloe Banda

    SOUTH AFRICA

    The increase in Compliance Officer Personal Liability cases is on the increase and has resulted in compliance being more than just a box ticking exercise and a nice to have to it actually being seen as a professional and necessary role. While this may be seen as a necessary deterrent and a way to ensure that enforcement of regulations occurs. Punishment by regulators for compliance failures is necessary, it is also important for regulators to ensure that all the facts for each case are looked at and that unintentional wrongful conduct and people being pursued for failures that they were not involved in are judged based on their unique set of facts. The CCO may be the responsible person for all compliance matters, he/she needs buy in and support from the Board and senior management without which it may be difficult for them to professionally execute their responsibilities. The CCO needs to be supported by ensuring that they have sufficient resources to professionally act and safeguard the institution. Personal enforcement against the CCO’s is not uniform, nor is it clearly articulated through a meaningful professional standard which could be used as a measure for professionals across the profession and, in turn, as a measure by others.

    The CCO needs to ensure that proper documentation of processes and where differences of opinions arise on important issues they should ensure proper documentation of escalation procedures undertaken. Regulators may want to drive a message across, they should ensure that on their mission to enforce laws they don’t alienate talented professionals who may leave the industry for fear of personal liability for things that may be out of their control as has been the case in the Obstetrician and Gynaecology field in South Africa recently.

    In closing, its important that regulators and compliance officers communicate and work better to achieve a balance in this highly regulated environment. Regulators could be less harsher in their dealing with personal liability but at the same time still driving a stronger message of building and maintaining a culture of compliance within institutions; we as compliance professionals need to be professional in our approach and apply better methods to manage our own individual accountability risk to avoid regulatory breaches.

    Reply
  8. Ameh Azah

    CAMEROON

    Personal liability in negligence for compliance officers in Africa just like is the case in the US and UK, i think, is currently a farce for many obvious reasons.
    The duty of care can be invoked only when it is established that a special relationship of care existed between the parties i.e a professional and a client. Sadly, compliance is not recognized as a profession in most African setups. Mainstream professional associations like lawyers, doctors and bankers have statutory professional associations with solid codes of ethics and deontology which the members are bound by. A part from a few countries like Nigeria and Ghana , the laws do not clearly provide for a strong association of compliance professionals, niether does it defines what a compliance professional is or what qualifies one as such.
    For the duty of care to lie, there must be an explicit responsibility as well as benefit. Most African organizations are shy to get true trained professionals because of the high cost involved in compensating them. Since organizations undermine compliance officers, the duty of care cannot also be invoked.
    Thirdly, local regulations need to come out clear to provide that the relationship between the organization and the compliance officer is one of Organization and professional not, employer and employee. The Yates Memo in the US understood this. The FCA in the UK then came out with the Senior Managers Responsibility program which provides that and executive must be explicitly made responsible for AML compliance. It is such an individual who can be held personally liable just like what happened to Thomas Haider.
    A lot of work needs to be done to increase the awareness of the importance of the compliance professional in Africa and ACCPA is doing a great job. We need to continue to support this Association.

    Reply
    • Isatou Jaiteh

      GAMBIA

      Personal Liability continues to find its way on to national regulatory agenda around the globe, be it companies and even compliance professions all should be prepared for the real implication of this change.If this change hits Africa and if care is not taken by compliance officers it will real damage us. Fines and suspensions are far from out of the question when it comes to an individual role in ensuring that a proper effective and satisfactory AML policy and procedure are followed and appropriate corrective actions taken where compliance deficiencies are identified.In some cases it is the organization that does not give the compliance officers all the necessary tools needed to exercise his /her duty due to limited resources but that does not have to stop the compliance officer to do what is expected of him/her. Instead if we make sure that we have a good documented government structure so that you can make them listen even though they might decide not to act.When the chips are down it is you the compliance officer that they will first come for.We need to work really hard to make sure that our voices are heard since we have seen that compliance professional is not really strong in Africa. I believe that regulators can assist by setting regulations as compliance officer being at senior management level, certification, having requisite skills and knowledge on Anti-Money Laundering and other internal and external regulations and laws,Unrestricted or unhindered access to information, and all the necessary resources to carry out their functions all of these needs to be factor in.I think if all these is put in place then, if the Compliance officer fails on his/her part, definitely should be held reliable for it.

      Reply
  9. Fidelis Mazividza

    ZIMBABWE

    Personal liability for compliance staff to me is more of a positive move towards the enhancement of standards and professionalism. Having knowledge of this development not only enables compliance professionals to conduct their duties diligently in accordance with the provided institutional frameworks, but that also, compliance function will start to receive that much needed attention from management especially in the provision of such needs like training of staff, re-alignment of the institutional frameworks to carter for new developments in standards, and provision of handy compliance tools that will enable the compliance staff not to rely on their diverse perceptions and opinions. If someone is well trained and well resourced, s/he cannot be a victim of personal liability.

    However, again in the view of this personal liability dimension, it is very prudent for similar jurisdictional institutions like FinCEN to consider some qualitative factors before passing on the personal liability to the compliance staff. Such factors should span in length to include checking if the organisation/financial institution ever had all the mechanisms in place such that would deter the member concerned from deviation. If not, then i am of the view that the organisation/financial institution has to take responsibility. This is better explained by that statement which says, i quote ” if you think compliance is very expensive, try non-compliance”.

    Reply
  10. Danny Luswili

    ZAMBIA

    The conviction of Tom Haider a former Chief Compliance Officer at MoneyGram in the US for negligence of duty in the execution of their duties makes a turning point in the operation of the compliance function. Compliance has now become a key function in the running of organisations especially in the financial sector. In Zambia, the laws and regulations are being amended to make compliance a key requirement in the operation of most organisations. The Banking and Financial Services Act (BFSA) has been amended making senior officers (including compliance officers) in a financial organisation personally liable if found negligent in the execution of their duties. The Financial Intelligence Act has similar sections for personal liability of a compliance officer which may range from a fine to imprisonment. To match this personal liability aspect the central bank has also elevated the position of compliance officer in the financial sector. The recently enacted central bank Corporate Governance directives have placed the compliance function at a senior level in the banking sector. The position has also been protected by the legislation by stating that a Compliance officer can only be dismissed by the board. This has brought the accountability and responsibility of a compliance officer together. As compliance officers we need to understand that our responsibility is far greater in the management and operations of organisations we work for. It is important that compliance professionals operate at the highest level of performance and maintain their integrity. Negligence should never be synonymous with a compliance professional. The importance of professional organisations like ACCPA is becoming increasing important in ensuring the compliance profession is prepared for the work and avoid issues like negligence due to failure to fully understand the compliance function. It is expected that going forward the compliance function will only be held by capable , professionally qualified staff for which ACCPA is supporting in Africa. Responsibility and accountability are important aspects which any compliance officer should never ignore.

    Reply
    • Kebby Kalenga

      ZAMBIA

      I dream of a day regulators will make it mandatory for organisations to only recruit qualified members of ACCPA to take up the role of Compliance Officers. And when that day comes ACCPA should ensure it strips off qualifications and membership of members convicted of committing crimes while performing their duties. I believe this will potentially deter members from acting irresponsibly when performing their duties. In addition, as ACCPA we should ensure we make ourselves known to the regulators in respective countries and make them understand our role.

      Reply
  11. Daniel Effah

    GHANA

    In Ghana like most African countries, the AML compliance law renders institutions liable for any offenses in breach of the law rather than the persons involved.Act 749 section 44 of the AML law in relation to offenses to compliance states that:
    a. An accountable institution, which fails to formulate and implement internal rules or
    b. Provide training or appoint a compliance officer commits an offense and is liable on summary conviction to a fine not more than five thousand penalty units (5000, 12cedis per unit count) that is equivalent to $15000.The law is practically silent on personal liability and so individuals are not held personally liable for compliance negligence that occur under their watch. The gap in the law could be a cause for the negligence of some compliance officers.The law should be amended to make compliance officers more accountable for the discharge of their duties.

    Reply
  12. Thabang Rantsoabe

    LESOTHO

    The wave towards personal liability exposure for compliance professionals for acts of non-compliance seems to be gathering momentum day-by-day and it has in fact knocked on the regulatory corridors in the African context for some time now. The regulators are worried that the regulatory fines for institutions are sometimes not attaining their intended deterrent effect hence the move to ‘lift the corporate veil’ so to speak and go directly to the compliance officers who occasioned issues of non-compliance through negligence or omission. In Lesotho the regulator performs annual fit and proper assessment for senior management of all financial institutions (heads of compliance included) and board members, as a control to assess the individuals who hold positions of responsibility – the compliance professionals are more prone to suffer the consequences of this tool if they do not conscientiously undertake their responsibilities. The ramifications of being declared unfit to undertake compliance responsibilities by the regulator for a compliance professional would be too dire to contemplate. The existence of personal liability for compliance professionals in Africa is therefore more real than imagined.

    Reply
  13. Samuel

    KENYA

    Until recently compliance staff in Kenya were either not being personally liable or nothing beyond internal disciplinary actions for their actions or inactions relating to breach of money laundering regulations. At the height of National Youth Service corruption scandal 7 Compliance Officials were hauled in court and interdicted. Fresh in the wake and in what was believed to be related came the resignation of the CEO for the bank that was adversely mentioned in the scandal. Section 24(B) of the Proceeds of Crime and Anti-money laundering Act (POCAMLA) Amendment 2017 provides that: “where a person of a reporting institution is in breach of, or fails to comply…in the case of a natural person, a person shall be liable to a monetary penalty not exceeding five million shillings;… in the case of continued failure, the person shall be liable to an additional monetary penalty of ten thousand shillings per day on which such failure continues for a maximum period of one hundred and eighty days. In addition, section 16(2) make the same officer liable for a jail term of not more than 7 years. Further, FIU is empowered to issue an order barring an individual or individuals from employment within the specified reporting institution whether entirely or in a specified capacity. Note that in all previous cases, it is only the institutions that were being fined with the most drastic being the placement of Charter House Bank under statutory management for breach of AML regulations.

    Reply
  14. Sikanye Zwane

    SWAZILAND

    Personal Liability for Compliance Officers can only be understood at a point when the organisation has ensured that it has empowered all its officers to fully understand the roles and expectations of the Compliance Role. In most institutions that we have in Africa it is an individual’s responsibility to grow themselves intellectually in the role that they do. At the same time the employer expects delivery. How do I effectively perform in my job if I am not adequately upskilled?.Once one feels that the employer has understood the need to enroll employees for the relevant courses in line with their roles then I can say that the individual is liable as they were aware of the consequences for failure to adhere to regulations or policies.

    Reply
  15. Davies Kajogu

    KENYA
    Davies Kajogu

    The premises of personal liabilities on compliance officers will promote good anti- money laundering compliance programs and policies which guide firm on their day to day operations. The same will also ensure that senior management; push through an agenda on compliance to the Board to support. It was not anticipated that laws could be introduced to find a compliance office culpable and take personal liability for his deed, which is not limited to the period under employment but also period after employment. It is not enticing at all when one is found culpable at his retirement for deeds done during his working career. In my view, compliance officers should be worried where; they lack adequate training, where they are not involved in key decision making of the firm in their area of operation and where they still operate at the ground floor level only. For example in Kenya the laws spells it out that , the Head of compliance officers should report to the Board, the same officer should be delinked from the risk function, yet in some firm this has not been adhered to, yet we have senior compliance officers in these firms. The fear is understood because of the further fear to lose a livelihood, however remember this does not override the personal liability clause: speak up, this might save you. Major challenges noted, compliance Officers are yet to come to terms with consequences of their own deeds on non-compliance, we have not appreciated the protection in the speak up policies, we have not pushed for our positions to be understood in organizational hierarchy, and we are yet to read and interpreted the laws in place. If these are done, we mitigate and reduce the personal liability damages to us and our families. The key question which all compliance officers should be asking, just like we do if you are in a Board of Trustee in a Pension fund, should the officer request for an indemnity cover, for risks which the employer has facilitated?.

    Reply
  16. Victoria Namutidde

    UGANDA

    In Uganda, individual AML compliance officers appear to be increasingly threatened with liability for failure to detect and prevent wrong doing at their financial institutions. The demand for personal responsibility for corporate acts has become common in today’s current regulatory environment. In the AML field, the call for individual accountability is repeatedly echoed in public statements by agency heads and is reflected in recent enforcement actions as well as regulatory developments. Currently, there are more questions than answers about where the momentum behind these issues will guide the industry. Will the public statements and threats of personal liability motivate the industry to enhance overall AML compliance programs or will the fear of stricter penalties and possible repercussions simply deter top talent from pursuing a compliance career?. Finally it is imperative that an institution provide support for its AML program and ensures that it is well funded with sufficient resources. In the event an AML officer identifies failures or potential violations, institutions should provide the financial support needed to address and remedy these issues.

    Reply
  17. Toina louis

    CHAD

    Indeed, the personal responsibility of the compliance officer has never been engaged by the simple fact that the role of compliance is still new for many institutions in some African countries. With this global evolution of the role of compliance, it becomes imperative for the institutions, for the compliance officers to take this function seriously and to put in place adequate procedural measures to avoid personal liability be engaged.

    Reply
  18. AHMED SHERIFF BOCKARIE

    SIERRA LEONE

    Personal liability is not yet in effect in Sierra Leone but however, this will serve as an eye opener for compliance officers in Sierra Leone. If Haider, a former Chief Compliance Officer (CCO) could be called to law for regulatory breach during his term as CCO, this will pose a question of what is expected of us as compliance officers while in office. This means that compliance officers should execute their work diligently while in office to avoid personal liability.

    Reply
  19. Agha Ogbonnia

    NIGERIA

    The summary in this case is a lesson that compliance professionals must be up and doing in their respective jobs. In our African manner, very soon our government and employers will begin to implement the Haider example, we must not wait for that to start before we sit tight.

    Reply
  20. George Naphambo

    MALAWI

    Now more than ever Compliance Officers should request Officers Liability Insurance in order to cover themselves against such risk especially if their employers/financial institution does not take Compliance seriously. In addition, Compliance is usually a function that requires coordination of various departments and failure of these other departments to comply may lead to liability of the Compliance Officer for acts which he is not directly responsible for which is unfair to some extent. Officers Liability Insurance will therefore protect the Compliance Officer

    Reply
  21. Jacqueline

    RWANDA

    Personal liability can only be successful if it’s underlined and emphasized in the regulatory laws and regulations. Compliance is a task of everyone in the institution and as such it’s the responsibility of the management to ensure that strong control measures are in place for staff to comply with laws and regulations, especially in AML/CFT domain. In some cases, African institutions do blame personal individuals due to non-compliance because they have failed to put in place required resources for staff to comply. If all controls are in place then non-compliance individuals should be blamed personally. In Rwanda, the regulator performs fit and proper assessment for all senior management,Chief compliance officer, Chief Risk Officer, head of internal audit and board members as a control tool to assess the level of integrity and responsibility for these individuals before approvals. Because we have qualified individuals at the top then the existence of personal liability for non-compliance is crucial in my institution. Everyone is liable when it’s comes to non-compliance.

    Reply
  22. Madeline Sambou

    GAMBIA

    I believe it is just a matter of time before the case of Mr. Haider can apply to us but as Compliance Officers in Africa we should start preparing our minds for such. Most Compliance officers are not part of the decision making body of their institutions and so have challenges in putting their issues forward, meaning the compliance officer is left out of crucial discussions. In such instances the compliance officers must always document their opinion for future reference. If regulatory and other compliance breaches should be the responsibility of the compliance officer, then the compliance officers should be equipped with the right tools.

    Reply
  23. Ekere Nelson

    NIGERIA

    Compliance professionals need to be factor personal liability on any transaction undertaken as sanction can arise at any time. Recently in Nigeria, due to the anticorruption war a lot of compliance and bank officers have been arraigned in Court for failure to comply by the anti corruption agency. We must be careful.

    Reply
  24. Francis Kawooya

    UGANDA

    Personal liability indeed would increase due diligence in performance of the compliance role…but it needs to be exercised with caution and on a case by case basis. If exercised recklessly as a standard it is prone to misuse by top management who may sacrifice compliance personnel as the ‘fall guys’ for all non-compliance incidences even those already flagged out by the compliance officer but overlooked/overruled by management. Blame the compliance officer outright for weaknesses in the compliance program which could have led to non-compliance or non compliant acts sanctioned or reviewed by them but not each and every non-compliance incident…that would undermine the ‘compliance is everyone’s responsibility in a organisation’ slogan which goes a long way in promoting a strong compliance culture. In any case in Europe and America where the personal liability on compliance officers movement is being cemented the pay of compliance professionals is commensurate to that associated risk and am afraid Africa is still playing a catch up game in that respect.

    Reply
  25. Mohamed Elgily

    SUDAN

    I believe that the personal liability its a feeling should come from the employees before it’s been forced by regulations. simply, its a culture we need to learn. In my opinion, the absence of the personal liability is a reflection of the level of corruption in any country, but why?! having unqualified staff in particular positions and supporting by other powerful people, can clearly explain. Thus, even if we implement laws, or regulations to force the personal liability, it would be worthless in a highly governmental control countries. Recently, many Africans countries are following the international development revolution, especially in the banking sectors. Apparently, it is increasing the challenge of compliance profession, and the personal liability will be a serious issue. Compliance officers must be fully responsible for their tasks and understand what is the personal liability. we need to have cases like Haider in Africa to make others feel the risk.

    Reply
  26. Ramakhala

    LESOTHO

    The cardinal rule should be sticking to the procedures and processes and these should be well documented in the compliance regime.
    I would give it a thumbs up for an institutions which ensures that the position of compliance officer carries the risk of dismissal where negligence is a factor in involving the business in any of the inherent risks of non-compliance. One thing I haven’t seen in our region is whether legal instruments besides disciplinary measures that can be taken against a negligent officer, do include striking off a compliance officer as part of administrative sanction. Being a compliance officer should come at the cost and the position should ordinarily be at high managerial level otherwise how would the culture of compliance be inculcated and appreciating the risks involved in steering the business in the cost efficient direction.

    Reply
  27. Jean Claude Nsengiyumva

    RWANDA

    It is very correct that the personal liability is not yet applied in Rwandan Context, but the Central Bank officially has established in its corporate governance that the Head of Compliance is in charge of all compliance issues of the Bank. This can be understood informally that the Head of Compliance might be personally held accountable for failure to identify, assess and mitigate all compliance risks for his Financial Institution. Even if there is a compliance officer across Financial Institutions, we still witness a big number of regulatory requirements violations which happen under the watch or approval of a compliance officer. In this case, she/he can be reliable of these violations if it is established that they have been causes by his negligence or cover-up or connivance. This trend will increase awareness and seriousness of compliance officers when dealing or reporting compliance issues. And it will also help to increase the reason of being for a compliance officer in a Financial Institution. Otherwise, there will be corporate governance risks while the compliance function was put in place to sort out all those governance issues.

    Reply
  28. Puseletso Seitei

    BOTSWANA

    Personal Liability is a reality for compliance officers. This is not something that is currently being applied in most African countries as yet. In Botswana, I must say I am mostly concerned about organizations not taking compliance officers recommendation serious. As such, it is even more important for our compliance officers to ensure that they play their duty of care as always and ensure that all is documented and can be produced as evidence so as to ensure that one is protected from personal liability.

    Reply
  29. Atsu Agbemabiase

    GHANA

    The issue of personal liability of compliance professionals is certainly an important issue to discuss. However, in Africa unlike in the US, because institutions have so much power as compared to individuals, the main issue is how compliance professionals can and should protect themselves when issues come up against them with regulators especially when they did everything expected of them in their line of duty. Compliance professionals in Africa must ensure that they give records of documents and their dealings with management in cases where they disagreed with management on issues. These records can help them give a good account of themselves in the event their personal liability becomes a subject matter even though they might have done everything right.

    Reply
  30. Michèle RAZAFINJATO

    MADAGASCAR

    Personal liability might be a big challenge for compliance officers, yet they are staff members like any other in the financial institution they are working for. Upon entering the function, they should be aware of the risks that may arise during the performance of their duties. It is essential that a compliance manual be agreed upon and dully signed of by executive members so as to protect compliance officers from what could be considered as negligence. It goes without saying that during their tenure, compliance officers must ensure strict adherence to the compliance manual. The latter being the means to prove that they have acted in accordance with a written and valid process should any matter raise from regulators or an external body.

    Reply
  31. Thandi Khundla

    SOUTH AFRICA

    The CCO should be allowed to exercise his/ her rights of the office by top management. The policies of the organisation should also stipulates what is expected of the CCO to avoid confusion in times of noncompliance. Compliance role it is no longer just a job but a a huge responsibility in the organisation . It is critically important for Professionals in the field of compliance to be abreast of developments. In some organisations the role of Compliance officer is taken seriously that full reliance is upheld. In such instances yes the CCO should be liable of any anomalies that occurs. In some areas of the African continent where race is still an issue some compliance officers are not fully respected in that case liability becomes an issue. The regulator has an expectation from the CCO to answer where non compliance is evident.

    Reply
  32. Abdihakim Mohamed Hashi

    SOMALIA

    In my home country, there is no effectual regulatory which can be liable to the Compliance officer, whether they made any negligence or illegal behavior to their company. Since the compliance officers believed they themselves were insulated from liability for any wrongdoing on behalf of the corporation. However, currently, there is a growing Personal Liability for compliance officers which Central Bank of Somalia and their regulators are pursuing cases of negligence where the Chief Compliance Officer was neither involved in nor aware of wrongdoing and this will be very challenging to them. Another expecting challenge for compliance officers is that regulators need to dig a little deeper regarding business personnel who were resistant to AML compliance advice or demands.

    Reply
  33. Georgina Van Wyk

    NAMIBIA

    I have to agree with what William said that Personal Liability should be made a MUST in the compliance sector, as employees tend to hide behind their employer when negligence is pointed out. All the policies and procedures should be aligned in such a way that they adhere to regulations and compliance matters. This might be a very big turning point for compliance in Africa.

    Reply
  34. Martin Mwaulambo

    TANZANIA

    The compliance officer’s role involves coordinating and monitoring the organization’s day-to-day AML/CFT compliance program. It is the second line of defense. Given the compliance officer’s responsibility to manage the organization’s adherence to AML/CFT regulations, frequent and consistent training is needed to stay abreast with regulatory requirements and emerging trends. Often, this will require the compliance officer to attend conferences or AML/CFT- specific presentations that are more robust in nature. This will help the compliance officer to avoid being liable for non-compliance issues every now and then.

    Reply
  35. Tinashe Nyamangara

    ZIMBABWE

    Intentionally or unintentionally, the repercussions of negligence for a Compliance officer are far reaching and may include fuelling money laundering, terrorist financing and corruption and if identified; reputational damage could be the least of the employer’s worries. So “YES”, its high time compliance as a profession be treated with the seriousness and respect it deserves. Personal liability is a noble idea and it will help in making sure compliance practitioners do no cut corners and instil integrity in all interactions. I am also sure that this move will make employers realise the risk involved in this profession hence reward accordingly.

    Reply
  36. Ayuk Arrey Ebott

    CAMEROON

    Compliance professionals should be aware of personal liability. The institution’s compliance manual, policies and procedures as well as regulatory guidance should be respected at all times. In all professions, personal liability should be the norm, which unfortunately is not, especially in Africa. In Cameroon and CEMAC countries (Central Africa) the new regulation on Money laundering, terrorism financing and proliferation, clearly states liability and punishment for the guilty. The regulations clearly states that financial institutions who are under a supervisory authority with disciplinary powers shall not be punished. This implies that while the employer, who is the bank is not held to charge, the staff concerned is responsible (art 114 -132). This is a rope round the necks of compliance professionals in the various institutions in our monetary zone. However, as the President rightly wrote, quote “The compliance officer is less likely to face personal liability issues if procedures and processes are followed accordingly as stipulated in the compliance manual.”unquote. That is the norm.

    Reply
  37. Mohamedhadi Hassan Noor

    SOMALIA

    The issue of personal liability had long stood when it comes to compliance heads or officers taking responsibility for the compliance shortcomings of their institutions. We have seen over the years, some global big financiers like HSBC-America, facing a similar predicament where they failed to meet the AML checks and balances. In this particular case, after senate probe, it was deemed that HSBC did not follow stringent AML procedures when dealing with correspondent banking as well as failure in reporting SARS timely among many findings. By and large, the compliance culture is not big in our own setting – Somalia; we are playing a catch up and our industry is not as sophisticated. The national regulator has done some strides in terms of laying the ground work for supervision. At the moment, we have six commercial banks and fourteen remittances in place. Somalia’s AM/CFT law was passed in 2016 and it outlines the compliance programs for these reporting institutions in combating AML/TF cases.

    Reply
  38. Hayford Annor

    GHANA

    The article’s position is the perception of personal liability by compliance professionals for negligence by financial institutions . The use of the words, presumed, assumed, etc were prevalent as a support to the argument. However, this “thought” of argument ought to be discounted completely in the discharge of the compliance function since liability is a matter of legal determination. This is a reason why the professional “ought to have known” as a matter of law to separate the”truth” from “reality”. The question we need to be asking is, what is the position of the law relating to personal liability to the compliance professional for negligence by the financial institution? This will determine the appropriate compliance risk management approach.

    Reply
  39. Alexandre Langa

    MOZAMBIQUE

    Personal liability for compliance staff is more of a positive move towards the enhancement of standards and professionalism. Compliance become a key function in the organisations especially in the financial sector. Compliance officers must have integrity to ensure that they stand their ground coming to compliance issues. When escalating matters there is enforcement of having evidences to make sure that they are protected in case of need. Compliance will start to receive that much needed attention from management especially in the provision of such needs like training of staff which is a concern now. Compliance officers should be well trained in order to perform their duties accordingly and thus reducing the risks of being held personally liable.

    Reply
  40. John Muvavarirwa

    TANZANIA

    Although personal liability is rarely applied by African regulators on negligent compliance officers, most African countries’ legal systems have provisions that allow for sanctions to be applied to both the company and individual officers. Note that these sanctions, in most instances, are not only limited to compliance officers but extend to every employee of the company who breach certain provisions of the AML/CFT laws. For example failure to report suspicious transactions where there are reasonable grounds to suspect that funds are the proceeds of criminal activity or in cases of tipping off, among others. What is only lacking in the African context is effective implementation of their own laws. This may be due to a number of reasons: 1. Most African compliance officers do not have sufficient tools to use in order to effectively monitor compliance and as such in most cases the blame will lie on the company 2. Some companies and their compliance officers may not have enough money to meet the regulatory financial penalties. Those that breach are most likely to be those operating in losses or with very minimal profits and they may not even be well capitalized 3. Most African prosecutors and judges are not familiar with AML/CFT laws even in their own jurisdictions so applying them may be a big challenge 4. Capacity issues in terms of having sufficient compliance resources to fulfil their functions. In some organizations, if not the greater chunk, compliance function is run by one or two men band while in some the compliance officer for prudential compliance is the same as the one for AML/CFT. Most boards do not consider compliance as an important function given its cost centredness. In such instances it would be very difficult to shift the blame to a compliance officer should any instance of non-compliance is identified.
    What I have realized is that instead of criminal or civil sanctions, most countries consider administrative sanctions – warning letters etc, unless if it is an exceptionally serious circumstance. Given the parity in the level of understanding between the African regulators and entities with their counterparts in the developed economies, the approach being taken by African regulators may be reasonable. What should be prioritized is education/ training/ capacity building and awareness in order to develop a culture of compliance from the most top politician down to the governor of the central bank before taking it further to corporate boards, ceos, senior management and all staff.

    Reply
  41. Isabel Fernando

    ANGOLA

    Such an interesting topic!
    The compliance professional has to understand that personal Liability is an obligation for which an individual is legal responsible for something. As an compliance officer, the very first thing that he/she has to be focus on, is the Compliance Manuel. The compliance Manuel is a document that contains guidance and supporting information, procedures, requirements in which the compliance officer has to follow up, and he/she fails to do so, this may lead to compliance negligence. Bringing to the African context, knowing that compliance career still being new in many African countries, employers has to make sure that his/her compliance professionals are being well trained and make sure that they are implementing the right AML/CFT programes and regulatory rules to support their employees in how to deals with compliance issues.

    Reply
  42. Nancy Kilimo

    KENYA

    Compliance officers should have regular trainings on the ever tightening regulations so as to be updated with what is required of them. Organizations should have all the required tools for smooth execution of compliance functions in the organization of which in most cases it is not so as the tools of service e.g screening softwares are pricy for the organizations. The role of the organization in the breach of the compliance laws by a compliance officer should be put in consideration.

    Reply
  43. Miguel Moiana

    MOZAMBIQUE

    Personal liability has become a major focus for regulators around the globe as they look a step beyond an organization’s role in compliance, taking a magnifying glass to individual accountability.
    As personal liability continues to find its way onto federal and state regulatory agendas around the globe, companies and compliance professionals alike should be prepared for the real implications of this change. Fines and suspensions are far from out of the question when it comes to an individual’s role in ensuring proper AML procedures are in place.
    A CHECKLIST – 4 WAYS TO PREPARE FOR PERSONAL LIABILITY CONCERNS There are a few key steps any compliance officer can take to be better prepared for the knock on the door from regulatory watchdogs.
    1. REGULAR TRAINING OF EMPLOYEES
    2. ENSURED ACCESS TO RELEVANT COMPLIANCE RULES
    3. DETAILED REPORTING OF COMPLIANCE TRAINING
    4. MONITORING OF THIRD-PARTY RISKS
    With fines and penalties specifically for compliance officers becoming increasingly common, there unfolds a challenge of not only ensuring that a corporation is prepared for regulatory scrutiny around AML procedures, but that individual compliance professionals within the organization are equipped as well. While regulators around the globe are looking at compliance officers under a large magnifying lens, there are key steps that can be taken to ensure an organization and its compliance professionals are prepared, including regular training, consistent reporting, access to relevant rulebooks and monitoring of third parties

    Reply
  44. Eveshnie Reddy

    SOUTH AFRICA

    Agreed Nancy – personal liability will remain an abstract concept if it is not entrenched in regulation. Both on an individual and organisational level, any compliance-related matter only becomes effective if the directive is mandatory and entrenched in legislation. However, personal liability requires a more holistic approach given the central element of ‘human-ness’. Perhaps what is needed is a multi-interdisciplinary approach that consists of emotional intelligence training and competence testing.

    Reply
  45. Emmanuel Conteh

    SIERRA LEONE

    Here in Sierra Leone, compliance officers do have many challenges they do face with their various employers. The roles of compliance officers are not clearly and properly defined. There are always conflicts of interest. They are not independent and they do not report to the board. They do not have authority. Although they say they rely on you, they don’t give you the financial and human resources necessary to do your job, to educate employees and management and compliance officers are not connected to the operations.

    Reply
  46. Mooketsi Ramanteba

    BOTSWANA

    I agree with all the above comments. It is inevitable that as our laws are updated and aligned accordingly, the same standards that are applied to other professional fields such as Accountancy/Medical professionals etc, will ultimately be applied to compliance professionals. At the same time, maybe the question to ask is, how can compliance professionals protect themselves from personal liability? My view is that among the key things is, competency of the compliance professional, which comes through the requisite training as well as professional development. Interaction with other colleagues/professionals such as in our association will definitely help. like others have said, the compliance professional must always document their advice so that when there is willful non-compliance, the evidence is there to exonerate the compliance professional, and beyond that to also evidence that the professional exercised their mind in an informed and reasonable way, even when mistakes on the part of the compliance officer are identified.

    Reply
  47. Julius Eleuthery

    TANZANIA

    As compliance Officers we are called to work with integrity and diligently have in mind that it is through our decision which will determine the future of our organisation or the society which we are living. Again as Compliance Officers we have to make decisions which are in accordance with our legislations in our respective countries. Many compliance officers do face challenges when executing their responsibilities, less attention has been put on them and at some point their contribution towards organisation has been disregarded whereby at the end of the day when the organisation found in breach by regulator for example all blames turns to compliance. Furthermore lack of proper training and exposure to compliance officers cloud also be a challenge this is due to the fact that since compliance field as of recent has been a growing industry within African countries it comes with its Intricacies hence most of compliance officers do suffer a lot in trying to align themselves with the current technology. It is from this point our organisation has to be blamed for the consequences that might happen. At some point also even Compliance officers are liable to their mistake in the organisation. (How?) Compliance officers are said to be the second line of defence in many organisations where they are duty bound to advise the business in a right way to avoid any possible fines or penalty that might be posed to the organisation. This can be possible only if the compliance officer play their role appropriately to avoid individual responsibility. To drive point home one can say that in order to avoid shifting of liability either to compliance officers or to our organisation, due care should be exercised to every staff within our respective organisation and also to make sure we abide to our country’s rules and regulations to avoid un necessary fines from our regulators.

    Reply
  48. Amit Sunkoorah

    MAURITIUS

    Compliance Officers can be made liable for negligence or ommission as a duty of care, this has been demonstrated recently in Mauritius where the principle accountant, of Mauritius Comercial Bank was made personally liable for ommission of control and excessive power. The exercise of excessive power in the performance of his duties leading to ommission of the duty of care by a professIonal led to Money Laudering and charged under the FIAMLA. I would agree to the fact that the mere ommission by a professional should make him personally liable because an organisation is employing someone based on his skills and abilities to perform his duties conferred to him with integrity and professionalism. He or she failing to do so is negligent and unprofessional by him or her only and not by the organisation unless there has been instructions by the board of directors to perform tasks in a such a manner for a common interest.
    Below is the case of MCB mentioned above:
    Port-Louis, Mauritius (PANA) – Mauritius Commercial Bank (MCB), the country’s largest bank, was on Friday found guilty of money laundering by a court in Port Louis.

    In the case led by the Independent Commission Against Corruption (ICAC), the MCB was accused of failing in its task of regulating its internal control system against fraud of 886 million rupees (Rs. 35 = $ 1) to the detriment of the National Pension Fund (NPF), which was uncovered in 2003.

    In their judgment, magistrates pointed out that the MCB failed to conduct regular internal audits, so that fraudulent transactions were not detected for years.

    They also pointed out that Robert Lesage, an MCB employee, remained without adequate supervision and had excessive powers.
    I agree with this judgement and the MCB employee was rightly found guilty.

    Reply
  49. Freedom Frederick Gudu

    GHANA

    Very valid augments embellished with practical examples above. Very thoughtful and valid indeed. One of the surest ways of finding yourself facing criminal or civil sanctions is by directly involving yourself in the activity that prompted the compliance action to begin with.
    For compliance professionals to avoid being personally liable, we must ensure a strong culture of compliance, monitor our third-party vendors, make sure our compliance programs are complete and always up to date, and act on information immediately. By doing all you reasonably can in your own capacity to minimize corporate wrongdoing, you’re also minimizing your own likelihood of facing individual criminal or civil sanctions.

    Reply
  50. Márcia António

    ANGOLA

    The fact that the compliance professional can be held personally liable in the line duty is a good reason for him or her to seek certification to ensure that the knowledge and ability to perform the duties have been acquired. And at the same time, it is a reason why companies that employ compliance professionals must pay them properly, not only for their qualifications, but also for the importance and risks that come with the function.

    Reply
  51. Denis Rodrigues

    CAPE VERDE

    The challenges of the Compliance Officer, is the theme of the moment especially in African region, because it is essentially a new theme! Cape Verde, which by imposition of international partners such as the FATF, GIABA, US, USA, we have recently been confronted with the publications of new notices by the Central Bank of Cape Verde, entity responsible for regulating the banking sector regarding AML /FT . The truth is that we have legislation that is a combination of the Fourth European Directive with American legislation which makes the penalty regime has based on American practice. The Compliance Officer in Cape Verde is subject to the following penalties can be banned for 10 years from the financial system by decision of the Central Bank, and is at risk of being condemned the penalty of imprisonment from 4 to 12 years, is at risk of individual penalties around 2,500 USD to 25,000 and in cases considered particularly serious the amount of the penalties can increases to USD 4,000 to USD 30,000, we are talking about penalties in a small country in which Compliance is new in the Financial Institutions and the Central Bank that by irony still does not exist the position of Compliance Officer. Because of all these responsibilities, I agree with my friend and colleague that in a recent training on the Compliance Function, he said that the best decision to take was to resign from the position because the risks do not compensate when compared to the current salary banks pay the Compliance Officer in Cape Verde …. and he said a great truth !!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *