A top-down approach highlights the behaviour of regulatory changes in the financial institution and helps the Compliance Officer to build a strong Governance. This principle is also known as “tone at the top” in ethical and responsible business behaviour. From the highest management level throughout the rest of the organisation, the correct behaviour is emphasised. This allows sensitising the weakest chains in the organisation.

Having the support and ownership by senior stakeholders in the management committee and/or the supervisory board in compliance related projects helps to improve the Compliance Maturity.
Specification of the sub-levels and creation of building milestones in a project is vital.
In the top-down approach, a company must breakdown the different steps that are needed and create sub-levels that specify all the milestones to become compliant, or map all building stones with specifications.

A new law or regulation will be evaluated and the requirements will be listed by content or features. During the top down ”engineering” of the requirements, departments/stakeholders, functional changes within systems, applicable documents, updates in policies and procedures will be listed up. Timeframes, deadlines and dependencies are added to enhance the transparency.

This holistic view allows to perform an extensive gap-analysis. It also makes communication towards stakeholders easier if regulatory requirements are not met. The consistent application of policies and procedures throughout the organisation -regardless of the compliance aspects- will be stimulated from the beginning.
Once all elements are clearly defined and understood, the requirements can be distributed for completion.

Bottom-up Compliance is the approach whereby necessary changes are identified and requested mostly due to audit findings or issues. This reactive approach is more challenging in obtaining good results. However, in certain projects, the bottom-up principle is used by Compliance departments in test scenarios.
At the writing of this article, some financial institutions are still finalising their changes in the ex-post reporting under MiFID2.

To test the rollout of the ex-post reports and the developed subset of changes, a dummy account is used for testing purposes. All transactions in different asset classes performed during 2018 on this dummy account are known in advance. The content or outcome of the ex-post report can be verified based on the testing scenarios. This allows to intervene before sending out the mandatory yearly reports.
If the rollout of the report matches the assumptions, then one could have the comfort of knowing that the production environment can be activated.
This brings our role as Compliance experts closer to the business and will stimulate collaboration with all internal colleagues. And isn’t this a welcome evolution in the Compliance world?
Piet De Vreese - Pideeco Network Partner
Piet De Vreese Managing Director
Add your comment

Related articles

An AML EWRA overall risk assessment allows financial institutions to identify and appropriately manage the ML / FT risks...

Audit Findings Tue 18 June 2019

Diem is the cryptocurrency created by Facebook based on blockchain technology. Learn how it works and how it will revolu...

Transparency Tue 23 July 2019

Conduct Risk has been the hot topic of the past years. From principles to outcomes, discover how to articulate your busi...

Transparency Mon 28 May 2018

What is an Enterprise Wide Risk Assessment or EWRA? Learn how it helps entities understand what part of their business ...

Compliance expert Mon 17 June 2019
Experts in risk management and regulatory compliance

Pideeco is a consultancy firm providing legal services, business solutions, operational assistance and educational material for professionals in the financial industry.

We are based in Brussels and we specialize in regulatory risk compliance services covering the Eurozone.

Pideeco combines professional Regulatory knowledge and technical expertise to safeguard your business’ reputational and operational risk. Our unique customer-centric approach helps us build strategical and legitimate cost-efficient remedies.

Working with us means reaching out to complementary people, allowing for original thinking and innovative vision.

Our Network Learn more about us