Compliance Audit

• Compliance Audit for Trust Offices
• Compliance Audit for Financial Institutions

The compliance audit is a process of independent control of the AML/CTF processes and their effectiveness in a company. In the Netherlands it is an obligation to undergo such audit for certain kinds of enterprises working in the financial area of business, such as trust offices. This obligation is laid down in the legislation, e.g. in Sound Operational Management to Act on Supervision of Trust Offices (Rib Wtt), where it is specified that the compliance audit must be performed independently and effectively. This means that the auditor must not be involved into any activities being audited, and must be independent from any hierarchy lines within the company. Therefore, companies which cannot financially justify having a full-time auditor position separated from operational and compliance activities, have a need to turn to an external auditor.

The audit consists of one or more visits to the premises of the client, reviewing the relevant client’s policies, rules and other kinds of internal documents, reviewing sample customers’ dossiers (if applicable), interviewing relevant employees, consideration of facts and issuing the audit report.

Naturally, a company may also request a voluntary compliance audit if its management or stakeholders deem it necessary to receive an assessment of sufficiency and adequacy of the compliance procedures and policies, and thoroughness in tackling integrity risks.