Compliance
There is no single, clear-cut definition of the term compliance. In its literal sense, compliance simply means adherence.
A common definition is:
“The promotion and monitoring of adherence to external and internal rules that are relevant to the integrity of the organization. The rules and standards set by the organization itself are explicitly included in this.”
In recent years, however, the role of compliance has shifted. Rather than focusing solely on monitoring rules, it is increasingly about fostering integrity. For some organizations, the following definition therefore feels more appropriate:
“Compliance is strengthening the integrity of the organization, its governance, its employees, the market, and its data.”
In general, the responsibilities of a compliance officer include:
- Defining the scope of the compliance function
- Carrying out compliance risk assessments
- Advising on and co-developing internal policies that translate legislation and external regulations into practice
- Raising awareness of compliance among the board of directors, supervisory board, and employees
- Conducting or overseeing monitoring activities to ensure adherence to laws, regulations, and the organization’s own values and standards
- Engaging in consultations, both internally and externally
- Acting as a contact point in relation to legal requirements and internal integrity issues
- Serving as the primary contact for regulatory bodies such as the Authoriteit Financiële Markten (AFM) and De Nederlandsche Bank (DNB)
- Reporting on compliance activities performed
- Advising on sanctions
- Staying up to date with changes in laws and regulations, regulator guidelines, and relevant societal developments and expectations
Under Dutch financial supervision laws, including the Financial Supervision Act (Wft), the Anti-Money Laundering and Counter-Terrorist Financing Act (Wwft), and the Trust Offices Supervision Act (Wtt), financial institutions are required to have a compliance function in place.
The law does not explicitly require the appointment of a compliance officer. However, in practice, appointing a compliance officer is the most common and effective way to fulfill the compliance function.
For organizations outside the financial sector, there is no legal obligation to establish a compliance function or appoint a compliance officer. Even so, more and more non-financial companies are choosing to do so because they see the added value of compliance expertise.
Yes, the compliance function may be outsourced, provided that it is set up and carried out in an adequate manner. Factors such as the nature, size, and complexity of the organization must be taken into account, as well as ongoing control of critical processes including governance, operations, and client services. Even when the function is outsourced, the organization that outsources remains ultimately responsible for complying with legal obligations.
Our view is that the compliance function is best performed internally. However, if an organization lacks sufficient capacity or expertise, outsourcing can be a practical solution. In that case, an external compliance officer should always work closely with an internal contact person in order to jointly carry out the compliance function. The responsibility for compliance will always remain with the organization itself.
In 2001 the Association of Compliance Officers (VCO) was founded. The association regularly organizes member meetings to exchange knowledge and experiences. You can apply for membership through the VCO website, where the admission criteria are also available.