A top-down approach highlights the behaviour of regulatory changes in the financial institution and helps the Compliance Officer to build a strong Governance. This principle is also known as “tone at the top” in ethical and responsible business behaviour. From the highest management level throughout the rest of the organisation, the correct behaviour is emphasised. This allows sensitising the weakest chains in the organisation.

top down approach senior stakeholder
Having the support and ownership by senior stakeholders in the management committee and/or the supervisory board in compliance related projects helps to improve the Compliance Maturity.

Specification of the sub-levels and creation of building milestones in a project is vital.
In the top-down approach, a company must breakdown the different steps that are needed and create sub-levels that specify all the milestones to become compliant, or map all building stones with specifications.

A new law or regulation will be evaluated and the requirements will be listed by content or features. During the top down ”engineering” of the requirements, departments/stakeholders, functional changes within systems, applicable documents, updates in policies and procedures will be listed up. Timeframes, deadlines and dependencies are added to enhance the transparency.

This holistic view allows to perform an extensive gap-analysis. It also makes communication towards stakeholders easier if regulatory requirements are not met. The consistent application of policies and procedures throughout the organisation -regardless of the compliance aspects- will be stimulated from the beginning. Once all elements are clearly defined and understood, the requirements can be distributed for completion.
Senior stakeholder

Bottom-up Compliance is the approach whereby necessary changes are identified and requested mostly due to audit findings or issues. This reactive approach is more challenging in obtaining good results. However, in certain projects, the bottom-up principle is used by Compliance departments in test scenarios.
At the writing of this article, some financial institutions are still finalising their changes in the ex-post reporting under MiFID2.

To test the rollout of the ex-post reports and the developed subset of changes, a dummy account is used for testing purposes. All transactions in different asset classes performed during 2018 on this dummy account are known in advance. The content or outcome of the ex-post report can be verified based on the testing scenarios. This allows to intervene before sending out the mandatory yearly reports.
If the rollout of the report matches the assumptions, then one could have the comfort of knowing that the production environment can be activated.
This brings our role as Compliance experts closer to the business and will stimulate collaboration with all internal colleagues. And isn’t this a welcome evolution in the Compliance world?
Piet De Vreese - Pideeco Network Partner
Piet De Vreese Managing Director
Add your comment

Related articles

How does one write the perfect Suspicious Activity Report? Learn what an SAR is, how to construct the right narrative, u...

Audit Findings Mon 26 July 2021

Is Google bound to GDPR’s right to be forgotten? Learn about the ECJ’s decision of 2019 on the subject and how Goog...

Transparency Wed 02 October 2019

An AML EWRA overall risk assessment allows financial institutions to identify and appropriately manage the ML / FT risks...

Audit Findings Tue 18 June 2019

Why do most AML programs in banks fail? Learn how compliance culture, training of staff, transaction monitoring systems,...

Tone at the Top Mon 15 March 2021
Experts in risk management and regulatory compliance

Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.

We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.

Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.

Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.

Our Network Learn more about us