Part of an organisations risk control framework is to provide effective and efficient policies, standards and procedural guides. These documents set the operating principles, provide the rules and controls that will help enforce policy and show staff and management how things get done or should be performed in line with policy & processes.
Within the realms of financial crime prevention, these documents are key in detecting, deterring and preventing financial crime. Quite often, we do find that some firms do not know the differences, intent, purpose or format of how these documents should look like, what they mean or should be doing.
The distinction between what, why and how to do things are mixed up in the design, application and the effectiveness of the documents. The end user (i.e. employee) is muddled up by long, overly complex and less attractive documents that the end result quite often is an employee tends not to read the documents. This is a disadvantage to the employee and a risk to the organisation from an operational, regulatory and reputational standpoint.
Challenges and Opportunities
Quite often, Kaizen and its experienced practitioners are asked to design a policy or procedure for a firm’s financial crime transformation programme. When asked as to the “governance process” for change and the need, the general answer is we simply need a new policy or procedure for XYZ Limited.
After a few questions and probing, we come to the conclusion that the organisation either doesn’t have a policy or procedural document in existence or they have a single document covering several facets of the financial crime programme. (i.e. a single combined policy for AML, Sanctions & AB&C).
There are several challenges here. There is a clear gap in operational risk control, a mis-match and deficiency in both the application and direction on what to do, when to do it and how to do it. Organisations therefore need to understand the differences in the hierarchy of the document type in order to know what they need.
This is achieved by knowing what each document stands for, what it should contain and what format it should take. The diagram and further guidance below gives us an idea of what this is like:
They are ‘high level’ statements which sets out your primary goal, expectations and defined processes and let your employees and management know why they need to do certain things defined by law or regulations. Examples are your AML, Sanctions or AB&C Policies.
They are an acceptable level of quality and expectation of performance which lets your employees and management know what the code, rule or minimum level of comparison is on any given principle, conduct or process. Examples are 3rd Party Due Diligence Standards or Code of Ethical Conduct.
They are a document that sets out an official established way of doing things. They are often identified through a ‘step by step’ guides with end to end process flows that define a series of actions conducted in a certain order or manner. Their aim should be to serve as a training material and help reduce variation. Examples are KYC Procedures, Transaction Monitoring Procedures etc.
These are sets of rules that are more advisory in nature and aim to streamline certain processes. They are issued to serve as a supplement to a procedure and provide additional support and context to a process. Examples within Financial Crime prevention are Wolfsberg Principles, a firm’s guideline on types of ID&V alternatives etc.
Our Point of View
Organisations in their fight against financial crime need to be able to arm themselves with the right people, the right skillset and the right experience in identifying, managing and preventing financial crime. This cannot be achieved if the documents meant to identify the risk, define the business’s risk management framework and prescribe the work flow processes and controls aren’t fleshed out in writing and within a holistic, practical and effective manner.
Kaizen has a set standard when we draft such documents for our client. The rule is that to guarantee effectiveness and efficiency of our documents, they must be:
- Simplistic in nature
- Exhibit clarity
- Demonstrate consistency
- Show adaptability with existing documents
- Be relevant & realistic
- Connect seamlessly with supplementary documents
We need the drafting of the document to follow a standard consistent pattern which will increase the probability of the documents being read and followed; both consistently & correctly, by our client’s staff.
How we Help Companies Succeed
Kaizen takes pride in designing bespoke policies, standards, procedures and desk book guides. We do not believe in delivering an “off the shelf” documentation, but rather we do the following:
- Listen to the clients need
- Analyse the draft request
- Determine suitability of choice
- Identify the gaps
- Gather information by observing the client’s operations
- Recommend and agree a desired/efficient format
- Commence drafting
- Consult with appropriate stakeholders
- Conduct a test run to determine suitability
- Finalise and secure approval
- Evaluate effectiveness post delivery
We aim to deliver on a draft that is simple, understandable, applicable and tailored to the exact need or recommend style needed to achieve purpose and effectiveness.
The ‘value add’ delivered is that the documents are easy to read and follow and several functionalities within the word document such as “the use of hyperlinks, charts, process flows, tags etc” are purposefully inserted to aid user friendliness and encourage employees to read, understand and apply the guidelines within the document.