Our solutions for the compliance function
- Best practice compliance software to document and automate your compliance processes from policies, risks, controls, compliance reviews, and reporting activities.
- Fixed prices compliance software implementation.
- Optimisation of usage.
- Application security,
- API integration with GRC, risk management & internal audit software.
- Compliance specialists to assess, improve, and embed compliance functions.
- Both strategic and hands-on operation consulting.
- Real-time compliance reporting & assurance (to all stakeholders).
- Improve compliance via maturity modelling.
- Improve tone-at-the-top, culture, integrity, committed leadership (all with maximum usage of soft controls).
- continuous process improvement as a capability build within the organisation.
- For clients who aim to outsource their compliance function, we provide remote compliance managed services with local representation (feet-on-the-ground).
- From Suriname for transaction & reporting oriented repetitive compliance work.
- From South Africa for (SAP) security, IAM, active directory and authorisations.
- All with global and local (your region) specialists for specific areas, regulations or topics.
Flexible compliance specialists pool
- A pool of compliance experts from all around the world, including our service centres to support our clients in their operations (all lines of defense) or change projects.
- Focus to provide resource availability plus flexibility.
- All our specialists are trained in our software solutions.
- Both repetitive work as high value consulting.
- For financial institutes we provide operational (1’st line) and 2’nd/3’rd line managed services from Suriname.
- 1’st line operational support to realise best practice banking compliance. This includes client onboarding, risk profiling, KYC/CDD analysis, UBO-analysis, FATCA/PEP CRS/GDPR/AVG, World-check, BKR, OFAC, Enhanced and event driven DD, and black list management.
- 2’nd line is compliance auditing / monitoring to guide and review process execution.
- 3’rd line to provide independent assurance to board and stakeholders.
- We focus on your repetitive work,
- Provide staff availability and flexibility (up- and downgrading).
- Resulting in increased job satisfaction for your staff.
- High staff retention.
- Focused knowledge transfer.
- Technology forces effective and efficient process execution.
- Experience experts for strategic and operational (hands-on) advise.
- Effectiveness, efficiency and quality improvement is included in our managed services.
Reliability & trust
- We meet your objectives and requirements.
- Our repository of automated controls and application security provides reliability.
- Reliability and continuous insight for all stakeholders creates transparency and trust.
Cost efficient savings
- Efficient process execution with technology and well-educated staff.
- One-time-right quality consulting (less hours, higher value) at competitive prices.
- Managed services reduce 30% costs (compared to European standards).
- With our technology resulting in high quality process execution.
- Best in class consulting including content (frameworks).
- Embedding new way-of-working (make it stick).
- High quality managed services seamlessly integrated in your process.
- We make you best-in-class for you to add value.
- Full project support.
- Building your capabilities to continuously improvement.
- Quality assurance over the transition is included in our managed services.
Client experiences compliance
reach new heights with our world class technology software
meet all compliance regulations
continuous dialogue with all your stakeholders inside and outside your organisation
company wide dashboards providing real-time insight
Full transparency towards all stakeholders
Compliance technology (and Regtech)
Technology solution categories
Together with our technology vendors, we help our clients to select, implement, enhance & protect their compliance technology solutions.
We support in:
- Building the compliance technology vision and plan.
- Align with other governance bodies and implement software solutions.
- Select the right technology from requirement analysis, RFI, RFP to contracting.
- Providing demo’s and realising sandboxes to give you an understanding of the functionalities.
- Set-up and (fully) execute the technology plan.
- Do the market inquiry and provide reference clients (visits).
- Technical realisation of the software (on-premise of together with the vendor in the cloud).
- Customise the compliance software.
- Implement your way-of-working, organisation structure, policies, processes, risks, controls and report in the software.
- Provide and implement content and frameworks.
- Train you staff in the usage of the software.
- Implement capabilities for you to continuously improve.
- Integrating technology solutions (API connectivity).
- Securing your compliance software and data.
RegTech software applications are plotted in the picture to the right (with an indication in percentages of different type of software)
Top compliance technology partners
Assess and position
- Strategic compliance direction and capability assessment, including management of the function, ‘tone-at-the-top’, commitment, capabilities, vision, strategy, continuous improvement.
- Effectiveness of governance (positioning, alignment with other lines-of-defense, and reporting lines).
- Your capabilities to prevent, detect, and respond.
- Compliance function maturity (scans).
- Your process to independently do internal investigations.
- Compliance risk assessment methodology.
- Compliance technology positioning and assessments (regtech, GRC software, and tooling related to sanctions & embargoes, TPDD, GEH, S&D).
- Operational compliance capability assessments, including policies, risk and control treatment, methodology, plans, handbook, dashboards, and reporting obligations.
- IT compliance, including ERM (SAP) authorisations and security.
- Content and frameworks reviews.
- (Financial sector) compliance monitoring (2.5 line of defense).
- Compliance staff quality and requirement assessments.
- Provide ad-interim Compliance Officers.
- Specialist consulting on topics and regulations (eg, export controls, trading compliance, integrity & soft controls).
- Board Audit Committee and Supervisory Board consulting.
- Risk & compliance (awareness) training & ongoing counselling.
- Executing compliance testing and independent investigations.
- Strategic improvement program using maturity modelling and our vision towards the compliance function of the future where the focus changes from testing to continuous insight providing trust to boards, stakeholders, and society.
- Value improvement, and (integrated) governance.
- Technology selection & implementation and usage improvement.
- Operational process improvement, code of conduct, risk treatments, policy compliance check, systematic case tracking, sanctions and disciplinary measures, self-disclosure / reporting obligations.
- Compliance framework and content provision.
- SAP authorisations & security compliance.
- Continuous transaction monitoring.
- We support to make all improvements stick by guiding your staff through all changes and periodically monitor the execution of your new way-of-working.
- Embed learned skills and realise a culture of continuous improvement.
For those clients who don’t have the right capabilities, or just want to outsource their compliance function, we provide managed compliance services. This includes embedding the new way-of-working over your organisation and BR1GHT.
Compliance managed services
For those clients who don’t have the right capabilities, not enough staff members, want to make fast quality improvement steps or just have the strategy to outsource, we provide managed compliance services out of:
- Suriname. Both ‘high value’ consulting plus repetitive compliance activities with a focus on energy trading, financial institutions and external auditors (ISQM). Our services include controls effectiveness testing, pre-accumulating compliance files, compliance testing, transaction & reporting oriented work, project management office activities, and so on. Read more for details related to banking compliance.
- South Africa. IT-compliance, including (SAP) authorisations, application security, automated controls testing and identify & access management. We also run specific data-analytics or process mining programs. All our teams are skilled in the latest technology.
- We provide both co-sourcing and full outsourcing. The biggest difference is that with co-sourcing our teams work fully under our client’s management supervision, in their IT-environment, and in their risk & quality management systems. With full-outsourcing, all risk & quality requirements are clear and written down in a service level agreement and we agreed that we can fully comply with them.
- Teams in Suriname and South Africa always work together with local BR1GHT people at your location. These local ‘linking pins’ make sure that we always understand your needs and if issues pop-up, we can immediately solve them. They are responsible for the seamless integration of our and our client’s staff.
- We have our proven methodology for onboarding to guarantee a controlled transition called ‘the 12-successfactors of change management’.
Flexible compliance specialists pool
Our compliance managed services supporting your business operations
- Client onboarding (establish risk profile, KYC/CDD analysis)
- Corporate structure charting, UBO analysis
- FATCA, PEP, CRS, GDPR/AVG analysis
- World Check, BKR, OFAC, FATF, EU, UN, Google checks
- Periodic Revisions of Client Files (risk rating/client profiling)
- Enhanced DD, Event driven DD, escalation & Investigation special cases
- Internal Blacklist Management
- Transaction Monitoring (AML, WFT, CFT) alerts and follow-up.
- Compliance Reporting (all, including FIU/AFM (unusual transactions reporting).
- Digitalization projects (e.g client file digitalization).
- Provide assurance towards 2’nd line/3’rd line facilitate reviews/audits.
- Support 2’nd/3’rd line with flexible compliance / audit resources (representation).
- Project support to implement control & assurance
Our compliance managed services supporting your 2’nd and 3’rd lines of defense
- Provide specialists to 2’nd line risk assessment, including technology to make risks visual and ‘living’.
- Specialist pool of compliance auditors / review specialists for the compliance function.
- Support in training, compliance awareness, ethics and integrity as baseline.
- Provide specialist auditors for compliance or audit function.
- Provide RegTech tooling and realise a strategic plan to incorporate a company–wide IT-landscape where controls monitoring is driving strategy execution, operational excellence and trust.
- AD/IAM & application controls continuous monitoring platform as managed services.
- Support in building dashboard and continuous stakeholder communications to realise trust.
The digital transformation is reshaping organisations with an increasing pace. Digital solutions using RPA, IoT and mobile are being implemented in the business to save costs, improve business processes or to build client intimacy. But what are the risks of these new digital solutions, how do you control them and what does digital mean for your control environment? In a series of publications, we will dive deeper into these questions and take you with us in our Digital Control journey Towards Continuous Monitoring.
In this publication you will read all about:
- What are the risks of new digital solutions, such as RPA, ML, IA,
- The need to continuous monitoring,
- Wat is continuous monitoring,
- How 2’nd and 3’rd Lines of Defence can use continuous monitoring,
- How to use continuous monitoring to provide assurance,
- Upskilling risk and internal audit specialists.
If you would like to know more about continuous monitoring, please contact us. We can provide you with concrete examples of implementations.