Legal guide – Compliance Officer’s Reports
Except where a specific exemption applies, an entity holding a BVI financial services licence (each a licensee) is required under the Financial Services Commission Act 2001 (the Act) to appoint an individual approved by the Financial Services Commission (the Commission) as its compliance officer (the Compliance Officer).
As part of his or her core functions, as articulated in the Regulatory Code 2009 (as amended) (the Code), the Compliance Officer must prepare and submit to the Commission an annual Compliance Officer’s report (COR) detailing the level of the licensee’s compliance with the Code and any other applicable financial services legislation.
Download a PDF of our Legal Guide – Compliance Officer’s Reports
When are CORs due?
There was previously no express deadline for the submission of CORs. However, as a matter of convention, a licensee would have up to 12 months after the end of the year to which the report relates to submit its COR to the Commission. Following the amendments to the Code as contained in the Regulatory (Amendment) Code 2019, which came into force on 13 November 2019, a licensee is now required to prepare and submit its COR to the Commission within 3 months after the end of the year to which the report relates. Accordingly, all licensees must submit their CORs relating to the 2020 compliance year by 31 March 2021.
What should a COR contain?
The Code sets out, in precisely the following terms, the minimum details that a COR should contain:
- the number of persons employed by the licensee;
- the names and positions of those employees who participated in any training, the content of material covered, the dates of any such training and a copy of the licensee’s training register;
- a list of any BVI laws that the licensee may have breached over the period under review and a summary of any remedial action and time frame taken to address any such breach;
- a copy of the licensee’s register of compliance breaches (which it is required to maintain under the Code);
- the total number of suspicious activity reports made during the year of the COR;
- a list of significant complaints (as defined in the Code) made by customers of the licensee indicating the dates of the complaint, the nature of these complaints and how they were handled;
- an indication of whether there has been a significant breakdown in the internal control structure of the licensee including any compliance risks that may be associated with the licensee’s business relative to:
- its existing risk management strategy, policies, systems and controls, and whether the internal controls remain sufficient and appropriate for the licensee’s business; and
- whether the strategy, policies, systems and internal controls are being implemented and complied with in an effective manner;
- confirmation of whether the licensee remains properly resourced, structured, and organised to enable it to effectively undertake its business activities, including serving the number and types of its customers; and
- confirmation of the level of compliance by the licensee with its reporting, filing and all other obligations under the Code and any other applicable financial services legislation.
Can a licensee request an extension of time to prepare and submit its COR?
There are no clear provisions in the Code or the Act governing whether and how the Commission would consider requests for an extension of time to file a COR. It is likely that the Commission will, as it did prior to the 2019 amendments to the Code, continue to deal with such requests on a case-by-case basis to determine whether the circumstances justify any extension being given or if any enforcement action ought to be taken where a COR has not been submitted by the specified deadline. Considering the likely discretionary nature of that exercise, licensees are well advised to submit their COR to the Commission on time to avoid the risk of any enforcement action being taken against them.
What enforcement action might the Commission take if a licensee fails to submit a COR on time or at all?
The Commission has broad enforcement powers under the Act which it may exercise in any case where it is of the opinion that a licensee has contravened any provision of the Code or any other financial services legislation. In exercising such powers, the Commission has several options ranging from the issuance of a warning letter against a licensee to the revocation or suspension of its licence. In cases where a licensee has failed to submit its COR, the Commission typically imposes a fine commensurate with the degree of non-compliance. However, repeated infractions could result in more severe enforcement action.
CORs assist both the Commission and the licensee in monitoring the licensee’s compliance with the Code and other applicable financial services legislation. Accordingly, it is enormously important for licensees to prepare accurate and comprehensive CORs that comply with the Code. In doing so, licensees not only avoid the risk of enforcement action for failure to submit a compliant and timely COR; they also benefit from the opportunity to assess their compliance functions against the background of this obligatory regulatory self-inspection.
If you need any further guidance on preparing and submitting a COR or determining whether a licensee is exempt from this reporting requirement, please email us or reach out to one of our lawyers using the contact details below.