ABSTRACT

Compliance as a discipline is well developed, with dedicated education, qualifications, and well-established compliance institutes. External compliance may be achieved using a range of approaches. At the more basic level, periodic manual sign-off by management of compliance with external requirements is used. The objectives of external compliance are to provide assurance that the organisation is complying with all material external requirements, and to provide a framework to assist in achieving that compliance. Compliance as a function is a critical component of any operational risk management framework. To be most effective, the compliance function should: be an integrated component of operational risk management; cover both external and internal compliance; be linked directly to the external regulatory requirements; be linked directly with the internal controls that have been identified and assessed as part of the risk and control self-assessment process; and be supported by a strong compliance culture which includes formal and well-understood escalations and follow-up actions.