ESMA on organisation compliance function

ESMA has published guidelines for the organisation of the compliance function in investment companies. These guidelines come as a result of the requirements of the MiFID (and the Wft) in the field of compliance function organisation, and apply to all European investment companies, including banks that render investment services or perform investment activities. From 28 November 2012 all investment companies are expected to comply with these guidelines. These guidelines can also be very useful to other financial bodies to help them measure the quality and efficiency of their own compliance function.

In this news item we will take a better look at these guidelines.

What are guidelines and what is their status?
ESMA has the authority to issue so-called guidelines. The purpose of these guidelines is to ensure that European regulations aimed at financial markets and their participants, like the MiFID, are consistently put into place, complied with and monitored. Although guidelines do not have any (formal) legal power, on the basis of the European regulation national supervisors and participants on the financial markets must ‘make every effort’ to comply with these guidelines. Guidelines have therefore clearly less of a voluntary nature than for instance interpretations or guidance.

What are the implications of the guidelines on the compliance function?
The guidelines issued by ESMA concerning certain aspects of the MiFID-requirements for the compliance function (ESMA/2012/388) consist of eleven specific guidelines covering three topics. These topics are as follows:

  1. Responsibilities of the compliance function (guideline 1 to 4)

  2. Organisational requirements to the compliance function (guideline 5 to 10)

  3. Evaluation of the compliance function by national supervisors (guideline 11)

Each of these eleven guidelines covers another topic. Per topic first the general principle is described and then different, concrete stipulations concerning content are laid down. Some of these stipulations are relatively principle-based and general, others are more rule-based and detailed.

We will now take a look at the guidelines concerned with the first two topics. The third topic is specifically aimed at the role of supervisors such as the AFM and is less relevant for investment companies.

Responsibilities of the compliance function
Topic 1 is covering the responsibilities of the compliance function and consists of four specific guidelines. These are:

  1. requirements regarding periodical compliance risk assessments
  2. obligations regarding monitoring
  3. reporting obligations
  4. opportunities to give advice

The first guideline states that ESMA sees a supervising as well as a clearly advising role for the compliance officer. Apart from this the guideline states expressly that the compliance function, in the performance of its activities, must be aimed at the most important compliance risks the company has to deal with. In order to keep view of the most important risks ESMA expects investment companies to regularly perform a ‘compliance risk assessment’.

The results of the periodical compliance risk assessment and particularly the most important signalled risks must be the basis of a prioritised monitoring programme put together by the compliance function. The purpose of this is to establish whether the investment company complies with all relevant laws and regulations. ESMA states explicitly that the monitoring programme should not be explicitly ‘desk-based’, but that one also has to establish, by means of inspections for instance, whether procedures are complied with in practice. Guideline 2 makes a number of other demands on the monitoring activities.

The third guideline describes the nature and the content of the internal reporting obligations of the compliance officer. While the MiFID only demands reporting ‘in case of affairs concerning the compliance of legal rules and internal rules’, stating in particular which measures have been taken in the case of signalled shortcomings, ESMA lays down in its guideline an extended list of the topics to be incorporated in the reporting. Among other things, one must indicate which inspections have been carried out by the compliance officer, the most important compliance risks according to the compliance officer and how relevant changes in law and regulations are guaranteed within the organisation.

The last guideline of the first topic is more general and stipulates among other things that a ‘compliance culture’ must be promoted within investment companies, that employees involved in rendering investment services must be trained continuously and that the compliance function must be taken into account with regard to important adjustments in the organisation and the development of rules of conduct and procedures within the company.

2. Organisation of the compliance function
The second topic concerns the organisation of the compliance function and consists of six specific guidelines. These are as follows:

  1. efficiency of the compliance function
  2. continuity of the compliance function
  3. independence of the compliance function
  4. efficiency of the compliance function in smaller investment companies
  5. combination of the compliance function with the internal monitoring function
  6. outsourcing of the compliance function

The fifth guideline seems quite general at first sight, but has many details in the supporting guidelines. This guideline stipulates that the compliance function must dispose of sufficient means, authority and expertise and have access to the information relevant for the adequate performance of its tasks.

Guidelines 6 and 7 regulate the ongoing implementation and ensuring the independent interpretation of the compliance function respectively, while guideline 8 gives (small) investment companies the obligation to keep a good record of how they interpret the compliance function within the scope offered by the MiFID for smaller parties.

The ninth guideline describes the circumstances and conditions under which the compliance function may be combined with other functions in the investment company. To conclude, guideline 10 prescribes very specifically which requirements need to be met should an investment company (a part of it) want to outsource the compliance function.

What to do?
The guidelines issued by ESMA offer a clear interpretation of the norms of the MiFid concerning the organisation of the compliance function, which are sometimes relatively open. This not only gives financial companies a more concrete view of the supervisor’s requirements regarding the organisation of the compliance function, but they also see more clearly how at the same time the scope for their own interpretation is also limited by this.

Although ESMA and the AFM have hardly given any publicity to the Guidelines, investment companies are considered to comply with these from 28 November 2012. Charco & Dique recommends all investment companies, the larger as well as the (very) small ones, to test in the short term whether the compliance function in their organisation is organised according to the guidelines issued by ESMA and which improvements need to be carried out. It is true that guidelines have no legal power, however they have to be considered as a far-reaching form of ‘guidance’. Deviation from the guidelines is permitted, but the investment company will have to have a good case for doing so.

Although the guidelines are formally only aimed at investment companies, the stipulations are also very useful for other types of (financial) organisations to evaluate or improve their compliance organisation. Charco & Dique recommends that other financial bodies should therefore also use the guidelines when (periodically) evaluating the compliance function. Charco & Dique can help you with this.

Examples of activities we can perform for you:

  • Testing whether your compliance organisation is organised according to guideline requirements, such as the scope small investment companies have in completing the compliance function effectively
  • Helping you think about the way in which you can best give form to the guidelines’ requirements
  • Drawing up an implementation plan to improve your compliance organisation
  • Drawing up and implementing procedures and measures
  • Temporary or permanent filling of the function of external compliance officer

For more information you can contact Charco & Dique via telephone number +31 (0)20-4165403 or e-mail address