QUESTION: What are the top three roles and responsibilities of a compliance officer? We are trying to define this job role very clearly before we determine we need one.
The top three roles and responsibilities of a compliance officer vary — it depends on what you are defining as a compliance officer. If you mean a true Chief Compliance Officer (CCO) that sits outside of IT, then the top three roles and responsibilities tend to be:
- Policy and Procedure Management — this is the definition, communication, training and attestation to corporate policies and procedures.
- Compliance Monitoring — evaluating and measuring the state of compliance across the organization.
- Investigations — managing investigations into wrongdoing and anything that violates regulatory/legal requirements.
These three functions are part of a broader set of seven elements that the United States Sentencing Commission (USSC) has established as what an effective compliance program looks like. Read these seven elements of effective compliance and ethics programs on the USSC website.
If you are referring to an IT compliance officer, the duties are similar but more focused on IT as opposed to broader compliance. An IT compliance officer also tends to focus more on automation of IT controls.