Governance, Risk and Compliance (GRC)

Unleashing Governance, Board Oversight, Board Committees and Management    Governance Board of Directors and Board Sub-Committees Institutions such as banks, money service businesses (MSBs), payment gateways, financial technology (Fin-Techs), eCommerce, Manufacturing, trading, and other organizations need to develop and implement strong Governance Structures and Mechanisms to manage the affairs of the institution.       Shareholders are required to ensure that they hire a dedicated team to oversee the overall business and operations on their behalf, therefore to govern the institution the Board is formed and suitable and experienced members are hired to join the Board. The Board of Directors may be dependent and independent, depending on the applicable Governance requirements, such as the Code of Corporate Governance implemented by regulators in the country.  Board Committees The Board of Directors forms different sub-level board committees to dedicatedly oversee specific matters and i

KYC/CDD at Different Stages of Customer Lifecycle   Customers need solutions to their needs and wants and explore different financial options, to choose suitable institutions for collaboration and services. They need quick responses and easy solutions to their account opening and financing needs.  The financial objectives of the customers might include obtaining finance or funds, to utilize or invest in some profitable business or company or they may require other services that these financial institutions provide, such as credit card, payment gateway, digital payment solution, etc. When we talk about the financial service industry, such as banks, money exchange businesses, money service businesses (MSBs), remittance companies, insurance houses, payment gateways, etc. the needs of most of the consumers are linked with their financial objectives. 

Who Is Your Customer?  A customer is a person, including the individual, business, corporate, organization, etc. to whom the products and services are provided, as part of the business relationship. Customers are the source of business and profits for the organizations.  Customers are required to be treated with care and in an ethical manner, and regulatory authorities require companies and organizations to ensure that fair dealing policies and practices are adopted and implemented. Types of Customers? Customers may be real person or individuals or legal businesses or entities. Customers usually include  salaried individuals,  business start-ups, sole proprietors, traders, housewives, small and medium enterprises, corporate entities, not-for-profit organizations, charitable organizations, welfare trusts, governmental organizations, etc. Nature and types of customers vary from organization to organization.  Customers may belong to different jurisdictions or countries therefore; they pos

Introduction to Compliance Risk Assessment Before starting the Compliance Risk Assessment (CRA), it is important to know about some important factors that increase the importance of performing CRA. High competition, changes in business practices, complex products and operations, adoption of technology and digital payment mechanisms, increase in expectations of customers, and increase in numbers of financial crimes, including but not limited to money laundering, frauds, insider trading, human trafficking, market abuse, etc. have led to the emergence of new risks, including compliance risks. This is because, in order to control the above-mentioned broader risk factors, the organizations or institutions are required to take appropriate and robust measures, to ensure that these risks are managed to avoid losses, including financial and reputational losses. Regulators are also working to further, strengthen the regulatory frameworks, which are required to be complied with by the organizatio

01   What Is Compliance? Compliance means efforts put in by the management and employees of an organization or institution, to ensure that applicable Laws, Regulations, Standards, Rules, etc are complied with. 02   Is Compliance a One-Time Process? Compliance is not a one-time process or activity. Compliance is a continuous process, because Regulators all around the world, continuously work on improving the regulatory framework in different domains.  Regulatory authorities and bodies, revise the existing Regulations, Rules, etc. and they also issue new Laws, Regulations, Standards, Directives, etc. due to various reasons including changes in the market dynamics, business practices, emerging risks, use of technology, the introduction of digital payment mechanisms, etc.  Applicable requirements issued by the relevant Regulators are required to be complied with by the relevant organizations, institutions, companies, etc. for which those are issued by regulatory authorities.     Examples o

Introduction: One of the important Regulatory Compliance requirements of Anti-Money Laundering Frameworks is the performance of activities which is known as Customer Due Diligence.  Before onboarding, the customers are unknown to the company or business because of the non-verification of identification information of the prospective customer.  Due diligence is a process that is performed, to assess the possible risk of Money Laundering or Terrorist Financing (ML/TF), associated with the prospective customer. Due diligence enables organizations to avoid onboarding criminals such as money launderers or terrorists and associated people or organizations. Without performing due diligence, the organizations carry the risk of dealing with customers who may be money launderers, terrorists, or other criminals.   In the past, various organizations, especially banks have been  significantly   penalized by the regulatory authorities, due to the weak Customer Due Diligence (CDD) and Know Your Custo

Use of Data Analytics by Compliance Function   Data analytics or simply analysis of data in a meaningful form is the need for various functions and departments working in an organization. Similar is the case with the Regulatory or Compliance function, of the organization, which is established to ensure compliance with applicable regulatory requirements, by the management and employees of the organization. Data re quired to assess the compliance status may be dispersed in different departments and systems, which need to be identified and extracted on a timely basis. One of the problems is the legacy data, which may be incorrectly maintained, by the business and operation departments of the organization.  For example, the information related to account opened by the organization of different customers may be dispersed with different business departments or branches. Such information may contain errors or violations of applicable regulatory requirements due to various reasons including hu

What Is Regulatory Compliance To understand Regulatory Compliance, we need to know about Compliance first.  What is Compliance? In general terms, Compliance means the act of identifying and practicing the particular information, received from some reliable source. Now, if we think about Compliance by a business, entity, or organization, then Compliance will be defined as follows: Compliance means the identification, understanding, and practicing of the provisions of applicable laws, regulations, standards, policies, circulars, etc. that are issued by the State or the Regulatory authorities. Now, Regulatory Compliance means, compliance with the provisions of applicable regulations issued by the regulator. Who is a Regulator?  Regulator The Regulator is the supervising body or institution, which issues a license, provides directions, issues frameworks and regulations, and provides oversight to the entities or organizations, which are registered with it.  For example, The Securities and E