The views and opinions expressed in this article are those of the thought leaders as an individual, and are not attributed to CeFPro or any particular organization.

What are some best practices for managing disconnect across international expectations and enforcement?

Rob: First, have adequate and intelligently deployed compliance and legal resources. Be cognizant of regulatory and enforcement expectations within each of the jurisdictions relevant to the corporate’s operation. In doing so be mindful of manufacturing, fabrication, and back-office locations.  It is a mistake to think exposure is limited to HQ.  It is equally a mistake to concentrate all compliance and legal attention on the perceived “bigger” enforcement authorities.  Routine and frequent risk assessments of operational challenges, and changes engendered by geographic growth, acquisitions or new product lines are essential to managing global risk.

Zandi: I agree completely with Rob. I would also add that there needs to be a good deal of communication between the business, compliance, and regional and HQ functions and offices. Disconnects may arise from simple misunderstandings or assumptions based on perceptions of a certain jurisdiction’s laws that are unfounded. It’s important for all stakeholders to listen and hear each other.

Can you provide an overview of the impact that regulatory disparities have on assessment of risk and compliance resources?

Rob: Differing rules and differing regulatory and enforcement expectations and appetites can wreak havoc with how to distribute legal and compliance resources within company operations.  Corporates function best when they can assess business and compliance risks.  Mismatched and uncoordinated regulatory regimes make this very difficult. This situation also greatly enhances compliance fatigue.  Shifting enforcement and regulatory sands place legal and compliance in the position of constant reassessment of risk and how best to address oversight by local and international authorities – without the benefit of certainty.

Zandi: Regulatory disparities often create disconnects between the business and compliance and between regional and HQ functions in corporations. Such disparities can also create justifiable frustration: if something is legal in one jurisdiction, what right does another jurisdiction have to prohibit that activity across the entire company? Again, the key here is communication. Taking the time to help all business units and regions understand regulatory requirements benefits the corporation overall in terms of compliance and can ultimately increase corporation-wide efficiencies.

What are some challenges that institutions are facing with AML/KYC and beneficial ownership?

Rob: This is an area where US, EU and other national authorities overseeing AML compliance have been moving most aggressively.  Corporates need to assess and upgrade where necessary their due diligence procedures and third-party support in these areas.  Beneficial ownership is being redefined and it substantially broadens the meaning and its reach, which increases the effort necessary to obtain this information for internal compliance processes. What used to be largely a formulaic beneficial ownership inquiry, which looked primarily to percentage ownership, has become more nuanced and focused on control.  This is harder to determine.

Zandi: Again, I agree completely with Rob. Regulators everywhere are becoming more demanding in their pursuit of shell companies and in identifying the true beneficial owners of entities and assets. In the U.S., under the AML Act of 2020, regulators are going even further, taking some of the inquiry out of banks’ hands and creating a national beneficial owner registry management by FinCEN. Regulations are also expanding to include industries not previously subject to AML/KYC regimes.

What are some examples of approaches to meet regulatory expectations?

Rob: Increased and intelligent use of digital compliance technology.  This will not replace the need for the professional and human component of compliance, but digital and AI programs can sort and centralize — on user-friendly compliance dashboards — broad legal and regulatory requirements across the Globe.  These programs can also synthesize significant compliance data, organize trainings, and provide metrics for ongoing compliance assessments.  To the issue of the human compliance component, the increased professionalization of compliance and the growing number of graduate programs focused on compliance will elevate the skillset of the compliance profession and improve responsiveness to increased regulatory expectations.

Zandi: Keeping an honest line of communication open with regulators can help tremendously in meeting regulatory expectations. Regulators are often more willing to work with corporations that they view as competent and trustworthy as opposed to corporations that they view as hostile. Additionally, regulatory expectations can shift over time and discussing such changes (or perceived changes) with regulators can help corporations ensure they are accurately interpreting regulatory expectations and staying on the right side of those expectations.

Rob and Zandi will be speaking at our upcoming Fraud and Financial Crime Summit, taking place on September 20-21 at One America Square