We have no appetite for deliberate or purposeful violations of these and conduct business with due skill, care and diligence to avoid negligence. All identified breaches of requirements are addressed as soon as practicable.
According to the Sanlam Group governance policy, compliance is one of the tight areas of governance. The Board is tasked with ensuring that all Group companies have appropriate processes and structures in place to identify, manage and report on their compliance obligations and exposures.
The Sanlam Group compliance policy outlines Sanlam’s compliance obligations. It is supplemented by the Group compliance principles and standards. Together these set the minimum standards for compliance to be applied by all Group entities.
Ultimate accountability and responsibility for ensuring and overseeing the management of compliance in Sanlam resides with the Board. The Board sets and oversees the implementation of Sanlam’s corporate culture and strategic pillars, including its compliance strategy and compliance risk appetite, in line with Sanlam’s long-term interests and viability.
Each entity has a robust and independent compliance function that advises, guides and assists the boards and senior management in discharging their compliance responsibilities. All compliance functions are appropriately authorised, positioned, resourced and provided with reasonable, ongoing access to all relevant employees, information and documentation to discharge their responsibilities.
At a governance level, the Board delegated the responsibility to oversee the management of compliance risk to the Risk and Compliance committee. The Social, Ethics and Sustainability committee also oversees certain aspects of ethics management. These committees’ specific obligations are set out in their respective committee charters.
For Sanlam to be resilient and sustainable, we have to be conscious of blind spots when considering our compliance landscape. A complete compliance universe ensures that the Group can comprehensively identify our responsibilities and regulatory requirements. We measure our level of compliance maturity by the completeness and reviews of documented compliance universes for each cluster. Compliance universes allow us to prioritise compliance priorities for the Board and management.
We track the number of completed compliance risk management plans for each compliance requirement identified as core in the cluster compliance universe as well as the number of compliance incidents, compliance events and compliance breaches. The latter are important indicators of the effectiveness of a compliance risk management system.
Financial institutions with a global footprint, such as Sanlam, experience additional compliance challenges due to the complexity of a growing body of international regulation which seeks to impose obligations on a global scale.
A growing number of jurisdictions are resorting to regulation with extra-territorial effect, so-called “long-arm” laws, to regulate a variety of areas such as consumer protection, data privacy, financial crime and tax evasion. Examples include the European Union’s General Data Protection Regulations (GDPR), the USA’s Foreign Corrupt Practices Act and Foreign Account Tax Compliance Act (FATCA), the Organisation for Economic Co-operation and Development’s Common Reporting Standards for exchange of tax information, the United Kingdom’s Bribery Act and Criminal Finances Act and the various sanctions regimes imposed by the United Nations, the European Union, UK and USA.
Where Sanlam entities are out of reach of even long-arm laws, peers and counterparties regularly introduce compliance obligations via so-called “soft-law” in the form of contractual obligations or basic terms and conditions for doing business. Examples of soft-laws include insistence on Sanlam’s commitment to contractual obligations to adhere to the GDPR as well as the USA’s Office for Foreign Asset Control sanctions regime and FATCA.
The Board and Executive committee adopted the Group compliance policy and the Group compliance principles and standards in 2017. These collectively form the basis of Sanlam’s response to challenges posed by the regulatory environment. These provide for appropriate structures and reporting mechanisms to address the anticipated requirements of group supervision.
At the heart of Sanlam’s actions is the promotion and continued enhancement of a corporate culture of compliance. A major focus for the compliance functions in the Group in 2020 will be to create greater awareness, understanding and acceptance of the respective roles and responsibilities of the Board, management and the compliance function in respect of compliance risk management.
The implementation of a Group compliance management system commenced in January 2020. This will ensure an improved flow of compliance-related management information to enable an effective compliance risk management process.