Compliance management

Compliance management or Compliance risk management is how we adhere to laws, regulations, standards, policies and codes of conduct that apply to the Organisation.

Internal policies are formulated in line with the rules and guidelines set by regulations, laws, or industry standards. To do this effectively the compliance department identifies, manages, and monitors activities to reduce the risks associated with non-compliance.

Our policies compel desirable, ethical, and safe behaviours in financial, environmental, information and data security, employee relations, and other business practices in order to better prepare ourselves to comply with the regulatory mandates.

Accordingly, we are cognisant of the need for a broader view of compliance and our risk assessment process encompasses compliance risk exposure.

The compliance culture

At People’s Leasing & Finance PLC our staff is committed towards protecting and nurturing the Company’s reputation and lives its values such as ethics, integrity, transparency and accountability every day, everywhere.

During the year, under review there have been many changes to policies and practices that have been implemented with the changing business environment. Our compliance driven culture is evidenced by the willingness of employees to readily accept and implement these changes and adapt accordingly. Further, our Code of Business conduct and ethics mandates compliance with all Laws, Rules and regulations. This compliance culture has resulted in its employees taking ownership towards their responsibilities in performing their day-to-day functions whilst being compliant with all laws and regulations currently applicable to the business.

The Company continues to maintain a record that has not been subject to any fines or actions implemented by regulators for the period under review for any instances of non-compliance.

The compliance function

The Compliance Officer reports directly to the Board Integrated Risk Management Committee (BIRMC) of the Board which assures it a significantly higher level of independence from business and other support functions of the Company.

In the year under review the Compliance Officer presented status reports on the status of the Company’s compliance at each of its meetings.

Our holistic approach is focused on 6 fundamental components; a strong compliance culture, policies and procedures, Training and Communication, Key Processes, Risk Assessment, Review and Monitoring and Required Resources which collectively deliver a cohesive and efficient compliance function with embedded compliance responsibilities throughout the organisation.

Key compliance requirements are subject to ongoing monitoring of the Compliance Department. The Company has implemented required procedures to ensure compliance with relevant laws and regulations and for the monitoring of the same. The compliance departments and several other departments are involved in the process. It is a constant cycle of updating knowledge, reviewing policies and procedures, reviewing and monitoring, training, communication and implementation.

As we are a Finance Company we are regulated by the Central Bank of Sri Lanka and as we are a listed Company we are regulated by the Colombo Stock Exchange and the Securities and Exchange Commission and ensuring due compliance with Regulations, Directions and Guidelines issued by these regulatory authorities forms an important function of the Compliance department.

Each department of the Company is responsible for ensuring that they follow internal policies, circulars, guidelines, Regulatory directives and guidelines and also applicable local laws. They are required to provide a confirmation of compliance at the end of each quarter and any deviations from policies and any violations of laws/ regulations are reported to the IRMC.

The Internal Audit regularly performs the necessary investigative activities, monitors compliance and carries out random checks including online checks. Recommendations pursuant to these activities are implemented by the heads of respective divisions. Recommendations leading to disciplinary action are dealt with by the Human Resources Department. These processes are closely interrelated, in line with the concept of a comprehensive compliance management system.

Compliance controls

Effective controls are the lifeblood of what makes compliance work. At People’s Leasing & finance PLC Internal controls are set up to ensure all corporate compliance obligations are met. Apart from policies, procedure manuals internal circulars, process trainings, entity control (Corporate Management guidance on corporate priorities) certain automated system controls and are also applied to reduce the risk or chance of an unwanted outcome.

Further, the Internal Audit Department plays a supportive role in ensuring compliance throughout the Organisation in conducting audits on a regular basis in the areas which are susceptible to the occurrence of fraud and unethical practices. The findings of these audits are reported to both the Board Audit Committee and the Board Integrated Risk Management Committee for evaluation and recommendation of corrective measures where relevant.

The Company promotes ethical behaviour through the Code of Business conduct and ethics of the Company and the Company Whistle Blower Policy promotes ethical behaviour and a robust and effective compliance culture within our business activities and serves as a valuable source of information on possible risks and specific violations of rules. Concerns raised by whistleblowers were duly attended to during the year under review.

The Company’s HR Policy too lays the foundation for inculcating an ethical work culture in the Company by recruiting employees with high level of integrity and adopting a policy for periodically rotating staff.

Compliance technology

Technology is used for compliance monitoring, customer screening, and compliance controls in line with the current industry practices.

Compliance training

The Company identifies the training needs of employees and provides training where necessary. Selected employees attended external programmes during the year under review which encompassed training sessions on Anti Money Laundering and Combating Terrorist Financing, Cybersecurity Compliance, and Regulatory Reporting Requirements for Licensed Finance Companies etc.

Additionally, all new employees undergo a staff induction programme to get them acquainted with the processes of the Company.

Our holistic approach is focused on 6 fundamental components; a strong compliance culture, policies and procedures, Training and Communication, Key Processes, Risk Assessment, Review and Monitoring and Required Resources which collectively deliver a cohesive and efficient compliance function with embedded compliance responsibilities throughout the organisation.