Feedback from our compliance monitoring thematic examination
We have published feedback from our 2024 compliance monitoring thematic examination.
The examination evaluated adherence to key elements of Principle 3 of the sector-specific codes of practice and section 2 of the AML/CFT/CPF handbook. Specifically, we assessed how firms:
- tested compliance with internal policies, procedures, and applicable legal and regulatory requirements
- verified the effectiveness and implementation of systems and controls
- took timely and appropriate action to address identified deficiencies
Key findings
Overall, our thematic examination showed a good level of compliance with the obligations relating to compliance monitoring with no key trends identified. Consequently, firms in the main were seen to be monitoring, managing and mitigating their risks effectively.
Areas where we identified the most findings were in relation to internal systems and controls specifically:
- ineffective testing
- inadequate policies and procedures
- inadequate and/or inaccurate records
When compliance monitoring is ineffective, weaknesses in a firm’s control environment may be missed or overlooked, and the board may not have an accurate understanding of the level of risk present in the business. This increases the risk of non-compliance with legal and regulatory obligations and may result in a conduct risk crystalising or an increased risk that the business may be involved in facilitating financial crime.