The AMF publishes the findings of its inspections on the role and involvement of the compliance function at investment services providers

This publication examines the role of the compliance function in cross-functional systems, which are usually managed and coordinated by the Human Resources Department (HRD), in order to ensure full compliance.

The AMF noted that the role and involvement of the compliance function was not identical at the institutions on the panel, for a variety of reasons. With regard to disciplinary measures, the compliance function is correctly positioned, which demonstrates the attention paid by each institution to compliance with ethical rules. On the other hand, in the area of remuneration, this function, although central, has limited access to the information it needs to carry out its duties in full, due to restrictions on access to the most relevant data on the variable remuneration awarded to employees at three of the four institutions on the panel. In this context, any conclusions as to the satisfactory nature of the compliance checks carried out are likely to be erroneous.

The AMF conducted this series of “SPOT” (Operational and Thematic Supervision of Practices) inspections at four investment services providers (ISPs) that carry out financing and investment banking activities (FIB), in order to have a homogenous panel and comparable information. The four institutions analysed all belong to large international banking groups.

The AMF examined the role and involvement of the compliance function in the following areas:

1. Assessing employee knowledge and qualification against regulatory and internal requirements;
2. Drafting, implementation and monitoring remuneration policies, in particular to ensure compliance with applicable principles;
3. Establishing and overseeing disciplinary measures, both to address regulatory breaches and to ensure compliance with internal rules;
4. Monitoring personal transactions through the personal transaction monitoring system.

1. Logically, the compliance function has the role of expert as regards the content of the regulatory training courses to be given. This consists of ensuring that the training courses indeed meet the regulatory requirements, are up-to-date and are appropriate for the employees targeted by this training based on their roles.
2. The regulations give a central role to the compliance function, which is responsible for advising the management body on the remuneration policy before it is approved. However, for three of the four providers examined, no evidence could be adduced that this advice was effective. In addition, the majority of the service providers do not give the compliance function access to key information and data relating to remuneration. This is reserved for human resources and line managers.
3. The AMF notes that the contribution of compliance teams to the development of disciplinary procedures remains limited, while the compliance function does play a central role in analysing regulatory breaches committed by the institutions’ employees.
4. Whether the institutions have chosen a single system for all staff or to categorise employees based on their access to confidential or inside information, all the institutions on the panel have set up a system for pre-approving personal transaction requests. This mechanism requires the approval of the compliance function, which, when examining these authorisations, ensures that the transactions comply with the rules applicable to the employee. In addition to these upstream checks, most institutions also entrust the compliance function with carrying out a posteriori checks, based on an examination of the supporting documents submitted, with the exception of one institution on the panel.

Among the good practices, the AMF identified the following points:

• considering the failure to follow regulatory training courses within the required timeframe as “risky behaviour” and reporting this as such in the annual employee evaluation;
• taking into account, as part of the annual employee evaluation, compliance with the applicable internal rules and procedures, and thereby valuing employee adherence to ethical obligations;
• having a specific tool for managing personal transaction pre-authorisation requests;
• implementing a system for monitoring regulatory breaches by employees of their professional obligations identified by means of controls carried out by the compliance function.

Among the poor practices observed, the AMF identified:

• not offering compliance function employees the opportunity to take the AMF Certification;
• not providing for sanctions, particularly of a financial nature impacting variable remuneration, in the event of serious or repeated breaches of the provisions governing personal transactions;
• failing to implement controls enabling the compliance function to ensure that any sanctions imposed are correctly recorded in the HR monitoring tools.

This "SPOT" analysis will be followed by a second part focussing on other market participants while addressing similar themes.

About the AMF
The AMF is an independent public authority responsible for ensuring that savings invested in financial products are protected and that investors are provided with adequate information. The AMF also supervises the orderly operations of markets.Visit our website: https://www.amf-france.org/en