Surviving regulatory inspections is all about managing expectations, understanding your weaknesses, anticipating how investigators will perceive them and preparing your staff to respond. The human factor can make or break an inspection and may present the biggest risk if you are not fully prepared. While you cannot completely control what your employees will say, careful consideration and preparation could minimise problems.

Here are some useful tips for surviving regulatory inspections

star employee
  1. Decide on which individuals will fare best in an inspection.

    The individuals chosen to represent the company must be fluent in organisational policies, processes, the operating model and control environment. They must be able to competently answer questions and provide clear explanations. The individuals should be able to perform under stress and be adaptable to manage unexpected questions and requests.

training
  1. Train the individuals that will represent the company.

    Trainees should know about the company, its policies, controls, inspection etiquette, presentation skills, techniques used by investigators to elicit responses, the type of questions that may be asked and how to respond effectively. They need to know how to provide technical information or explanations when asked.

Interview do’s and don’ts
  • Answer all questions honestly
  • Be prepared and have evidence on hand
  • Avoid phrases such as “I think”, “never”, “next time”, “we usually do it this way”
  • Avoid qualifiers such as “typically”, “normally” and “usually”
  • Stop speaking once the question is answered
  • Ask for explanations or interpretations of what you do not understand
  • Maintain a friendly and cooperative attitude
  • Maintain eye contact
  • Volunteer information or answer a question that has not been asked
  • Attempt to answer hypothetical questions
  • Point out deficiencies or errors
  • Feel the need to respond to every comment
  • Make statements about your personal views
manage questions
  1. Managing rapid-fire questions with composure.

    Individuals should be trained on how to listen effectively and respond accordingly, particularly in instances when regulators adopt a “rapid fire” questioning approach.

caution
  1. Be cautious when committing to take responsibility for an action.

    Actions should be committed to after conducting the appropriate analysis and assessing impact.

confused
  1. Know your areas of weaknesses in advance.

    Assess your business to identify areas of control weaknesses and act to address the deficiencies prior to the inspection. Provide baselined project plans and be able to answer questions regarding project slippages.

Common areas of deficiency include:
  • Lack of a comprehensive policy framework and AML programme
  • Inadequate record keeping
  • Failure to conduct enhanced due diligence
  • Failure to implement a practical risk-based approach
  • Failure to risk rate client at onboarding and at regular intervals
  • Failure to conduct customer due diligence
  • Failure to conduct customer due diligence for legacy clients or present a suitable plan of action
  • Failure to document controls
  • Inability to identify suspicious and unusual transactions
  • Inadequate reporting mechanisms
  • Failure to identify limitations in systems
  • Failure to identify third-party risks
listening
  1. Listen and seek to understand.

    Understand what is being asked and formulate an appropriate response. Pick up on concerns and cues as these could assist in understanding if the interview is going well.

planning
  1. Prepare, plan, do and check.

    Preparation is key for a successful inspection. Ensure that your evidence file is maintained, that staff members are made aware of impending inspections and that your risk management and compliance programme is understood and can be explained. It is often useful to conduct a readiness inspection and simulation prior to the actual event.

How can we assist in preparing you for an inspection:
  • We can conduct a readiness inspection to assess your control environment and provide a detailed report on deficiencies identified and recommendations to address gaps
  • Deploy a team of experienced consultants to assist with remediation, enhanced and ongoing due diligence support
  • Offer SME advisory support
  • Design frameworks and methodologies
  • Build automated transactional monitoring systems and rules
  • Business analysis
  • Regulatory project management
  • Develop training material and facilitate training to staff members and executive management

Credit : Sholane Sathu