Compliance & AML in Estonia, Learning Management Systems & Our Certificates: A Webinar

Last month LGCA jointly with IGCA and RCA, an AML and compliance consulting group in Estonia organised a webinar on Compliance & AML in Estonia.

Panelists were:

– Stavros Fatta, CEO, LGCA, UK

– Mateo Jarrin Cuvi, Global Manager for Partners & Media, IGCA, UK

– Marti Kõrnas, Managing Director, RCA, Estonia

Here’s what was shared on compliance and AML in both Estonia and the rest of the world, plus plenty of great information on setting up your own learning management system (LMS) and IGCA’s certifications.

Why is compliance so important these days?

Stavros Fatta: Thank you very much for the for the introduction and joining us today. With regards to your question, we have seen in recent years that because of various corporate scandals, regulators and lawmakers have been enacting a growing number of local and global regulations which organizations need to comply with. There is no other way around it so non-compliance can have very serious and sometimes devastating commercial consequences for the brands. At the same time of course, embedding these compliance policies into a company’s culture requires further practical measures. Simply having compliance policies but not enforcing them may be almost as harmful as not having them at all. So, in our view, the most effective way of ensuring compliance is to train employees in the basics and how they apply to the business.

Marti Kõrnas: From my end, I would also like to bring in the perspective of morality, especially when it comes to AML or terrorist financing compliance. When organizations have those measures in place and they are implemented correctly, criminals are unable to move their funds, making crime less profitable and it may even cause some criminal organizations to cease their activities. To give an example, for a terrorist organization it’s hard to carry out any attacks on foreign soil if they’re unable to send funds to their targeted territory.

Mateo Jarrin Cuvi: I’ll just jump in with a quick kind of comment. Going back to my time in the international tax world, I remember speaking to a lot of tax lawyers and tax professionals, and they were just astounded by the number of new regulations that they had to follow, and they had to comply with. Which is a good thing in terms of curtailing all these cases of fraud and tax evasion and delinquent activity. You must follow FATCA these days, you must follow CRS, you must follow DAC6, you have all these regulations that are popping up, helping the industry move forward in a clean and proper and more efficient way. So, this is something that is a reality in all industries, this is not only limited to the financial services, but you also have compliance in every single aspect of life. Rules are there and we must follow these rules and that’s just something that we must deal with to the best of our abilities, in the best possible way that would be beneficial to our company.

Do you have any specific trends related to compliance that you we should pay attention?

Mateo Jarrin Cuvi: Compliance again is a huge field but we’re going to try to limit it to financial services in this case. I’ll let Marti handle the AML component since that’s his area of expertise, but in my case, the kind of focus point that has been of most interest and that has been the hottest topic these days is ESG. We’re talking about this very strong push or focus on the environment and environmental protection, on sustainability, and on governance. The governance part that interests me the most has to do with diversity and gender representation in the boardroom, having a diverse boardroom with many different sorts of ethnicities and religions and what not, just to kind of create an environment in which you have different perspectives, different opinions, different points of view that will all feed into a company doing their job better. If you have a boardroom where every single person is the same or at least comes from the same background, diversity and thinking outside the box is going to be limited. So, I think ESG is very important. Many stakeholders and customers are interested in what companies are doing to protect the environment, you see it with recycling efforts, with green energy, and a push towards sustainability and growing a company in the long term, in a responsible manner, in a way that it can be sustainable and self-sufficient to a certain extent. So, I think ESG is here to stay, ESG is something that is just going to grow in importance, and it’s something that I think every single company out there, regardless of their size, should focus on because these up-and-coming generations have a very great interest in these sorts of topics and these sort of characteristics in the companies that they invest in, and they support.

Marti Kõrnas: From AML’s side, I think the biggest trends are, first and foremost, the automatization of KYC measures and transaction monitoring. Also, data protection as all the data that is being exchanged between the financial institution and the technical service provider must be properly handled as well. A second point would be information exchange between financial institutions themselves and the regulators. There’s an Estonian start-up who is actually addressing this problem and I think their thesis is quite correct that money launderers have advantage due to their networks, they don’t have the same restrictions on data sharing that legal companies might have, and thus the information travels more freely but in the case of financial institutions information is kept within either one institution, maybe there’s partnering companies that they might share the information with, and the same problem is with the regulators as well. Money laundering reports are being submitted and if they are actual cases or persons identified to be included in either a money laundering scheme or terrorism financing, that information isn’t related back to other financial institutions so they can check if they have also been involved in a known scheme.

Mateo Jarrin Cuvi: Let me jump in here just to add a point to what Marti’s saying. I don’t know if you are familiar with the DAC6 regulation in the EU, which basically calls for reporting arrangements or dealings to European regulators, and it’s based on five hallmarks. Basically, the hallmarks are quite vague, they’re not super specific. So, what I’ve heard from a lot of compliance professionals and a lot of people in the tax world is that, at the end of the day, what companies are going to have to do is, “Oh, well, I don’t know whether this falls under one of the hallmarks so I better just comply and submit the data to the regulators.” So, what I think might happen is that regulators are going to be flooded with people reporting all these cases, and then pouring through all that information and all that data, you basically need to set up some very sophisticated systems that will kind of flag certain cases and lead to finding those cases that led to tax advantages or tax evasion or whatnot. Big data is a huge part of this and pouring through all of this is going to be a complicated matter.

Stavros Fatta: Talking about trends in compliance, in our view technology will play a big part, so we do believe that regulations and compliance is becoming more and more complex. We have seen also local regulators applying their own regulations. Following Brexit, we have FCA now coming up with its own approach, so it’s really hard for the compliance officers and the compliance internal teams in any kind of organization, whether it’s a bank, an insurance company, a fund, an investment services firm, etc. It will be hard to keep up with all the daily tasks and all these continuous obligations for reporting. So, technology will play a big role and we have seen compliance portals coming up, regtech companies coming up with solutions around all the type of requirements. So even for onboarding clients and we have seen advanced eKYC solutions coming up and customer due diligence solutions and technology will play a big part even in applying regulation or AML practices to cryptocurrencies as well and crypto exchanges. So ESG also as you mentioned, it is a trend, it’s a global thing and we have one environment so I believe that the approach will be the same globally following the leading position of the European Union on this because the European Union is ahead for more than 10 years, even applying a carbon exchange. So even now China is following the European approach in terms of this. So, technology is there, and I believe that the compliance officer of the future will be a completely different person from what we know now, they will need data analytics skills, BIs and technical skills in programming, etc.

How compliance is being handled by Estonian businesses and are there any challenges specifically in the Estonian market?

Marti Kõrnas: The very helpful material for answering that question would be FUI annually published yearbook and analysis state they have conducted in 2020. Most of the biggest challenges that was highlighted by the FUI, and it mainly concerns smaller obligated entities such as accounting, law firms, corporate service providers, which links up with today’s discussion topic, is that employers do not emphasize training their employees properly and they don’t have any kind of recordkeeping for any kind of additional training that their employees might have received. The challenges being that that the AML due diligence measures that are applied might be done by an employee who might not understand the substance of the actions that need to be taken or they might not recognize any kind of red flags when it comes to either AML or terrorist financing. So, yes, I would say the biggest challenges would be raising awareness of all those kinds of issues within the sphere of obligated entities.

Are there any specific opportunities available regarding compliance in Estonia?

Marti Kõrnas: Yes, one of the points that Stavros mentioned in the last question regarding regtech, now we are seeing all kinds of start-ups popping up here in Estonia as well. Veriff might be one of the best known. So, I think the biggest opportunities in the compliance field would be in regtech and automatization.

How can IGCA’s certifications help Estonia’s business owners and AML professionals?

Mateo Jarrin Cuvi: Sure, I’d be happy to. Let me just frame the issue by introducing IGCA and what we do to provide a context for the listeners. The International Governance and Compliance Association is a relatively new association, we’ve been around for close to a year and basically, we work on a two-prong kind of model. On the one side, we offer certifications to professionals in the financial services. We have certifications in anti-money laundering, we have certifications in KYC/CDD, and we have certifications in compliance. Eventually, we’ll roll out a few more certifications in international economic sanctions, risk, governance, and a diploma in governance, risk, and compliance. We work with training partners, Stavros with LGCA, they’re one of our training partners, so that’s on one side of things.

On the other side of things, we work as a network of compliance professionals. We’re looking to set up a place where compliance, risk, and governance professionals can exchange ideas, can share their expertise, participate in webinars and interview series, hopefully COVID permitting, we will eventually have some regional and in-person events, etc. So, we want to certify professionals, and, at the same time, we want these same professionals to come together in one space to improve the compliance industry and make things better, easier, more efficient, etc.

So, what I’m hearing from Marti is that one of the main kind of objectives for Estonia is to raise awareness, and I think our certifications are very well equipped to raise awareness and bring a general holistic, comprehensive understanding of compliance, AML and KYC/CDD to a professional. It could be someone young who just graduate university and wants to join the compliance world or it can be someone who has more years of experience but not necessarily in compliance and they were kind of pushed and forced to do compliance, which is the case in many instances.

Our certifications are global in the sense that we don’t focus on a specific area, we look at things from a holistic, comprehensive point of view, so they’ll give a very good framework and a very good base for someone who is doing this task or someone who wants to get into the compliance world. Our certifications are all self-paced, they’re online, you can do them from the comfort of your home or office or if you’re at the beach. So, I think it fits in well with what Estonia needs in terms of raising awareness and kind of covering that gap that Marti has been mentioning.

Marti Kõrnas: Just a quick point to follow up, in Estonia we currently do not have any kind of legal qualification for AML specialists.

Mateo Jarrin Cuvi: So, in addition to this, you could become an IGCA professional in AML, you become a certified professional as part of IGCA, as part of our organization. That goes along with the setting the framework and the base and whatnot and preparing people to carry out that role at a very high level.

Can you elaborate a bit on LGCA and its courses and how can they be beneficial to our listeners?

Stavros Fatta: As Mateo mentioned, the London Governance and Compliance Academy is an accredited training provider of IGCA. LGCA is a multi-accredited UK learning provider, a member of the European Institute of Management and Finance (EIMF) group, which is a leading provider of professional education in Europe, specialized not only in compliance, but also in accounting, finance, management, business skills, etc. So, we have invested in technology, and we do offer solutions for compliance officers in terms of training, and we are servicing more than 1000 regulated entities at this stage.

From this experience working with companies all over Europe, UK and globally with other regulators as well, what we have noticed during the last two years of COVID is that the majority switched to online, so then the whole training is now delivered online, either this is a live online session with a team or individuals, and we do also offer e-learning courses through our LMS platform. Our e-learning platforms are compatible with any browser, any mobile or tablet devices, and this is suitable for employees. Nowadays people want to be able to access the training anytime anywhere, on non-working hours or even on weekends, and the good thing is that the compliance officer or the human resource manager of a company can have an admin role within this portal and they can view the data, they can analyse the data, they can see the results of the training, how much time it took each person to complete it, the passing rates and everything. And these data, this information including the electronic certificate, which is unique for every for every participant, for every employee or graduate, is accessible for any audits. So, we have seen compliance officers giving access to the portals to auditors or regulators to prove that they have been training their employees towards the various regulations. Our platforms also support a huge range of libraries including more than 200 soft skills covering all the departments, so we we’re not only training compliance offices and compliance teams, but we’re also training all the employees in any position in a company and in various skills.

I think it would be a good idea to share my screen and show you a little bit how companies and individuals in Estonia can benefit from this collaboration between RCA, LGCA and IGCA. Allow me to share my screen to guide you through. LGCA.uk is our page, so anyone can go there to have a look at our accreditations and partnerships. We are accredited by more than 20 international associations. Being part of the EIMF group, you can play around, you can go to the partner section and have a look at our accreditations and the training preparation that we are offering for individuals to get certified. So, we do prepare people to sit the exams at a very high success rate, we are running at a success rate of 80 to 85 percent in almost all the certificates that we do. You can also have a look at the European Institute of Management and Finance website, which is our group, and AML Compliance, RCA’s website.

We have created this training academy section here where you can read a few things about our collaboration and what we are aiming to offer to the local market. So, by clicking here, you will go into this platform, which is the LMS platform that we have created. You can sign up from here and log in. So, by logging in you have access to various courses, these are some of the most popular certificates that we have, and we show at the homepage level, but as soon as you log in you will be able to have a look into all the courses. So, this is a platform, this is an academy which is a B2C academy, so professionals, young graduates, some directors, managers who are in the industry and they want to get certified, they want to build skills, learn more about specific compliance topics, they can sign up, they can register into a course and watch it online.

What we also offer in collaboration with RCA for the Estonian market is branded portals. So, if a company is interested to train employees, they should contact RCA and us and refer to RCA of course to get the special promotion and special pricing for the LMS platform and the libraries that we offer. We can then have a detailed demo for you on how we can create an online internal academy for you, a self-paced one for you in collaboration with RCA.

Now within this platform we have a huge catalogue, so as soon as you contact us, we can share the catalogue that we have with all the courses around a variety of topics, and these can also be added within your internal academy to train your employees. As I said, it’s not only compliance, but we also have a huge variety of micro learning videos around a variety of topics, including compliance essentials, cyber security, customer support, project management skills, etc.

Now igca.org is the website for the International Governance and Compliance Association, where you can see the various designation letters that you can be getting by completing a course and the various types of memberships that are available. A user, now by logging into the platform, he has access as to a variety of courses, I’m clicking now as an example to this AML course that we offer for the certificate in AML by IGCA, where you can start your course here. You can see it as a full screen, there is an introduction, you can also download an e-book, there is also study material where you can download, and you just read the content and press play and you can start watching the courses. What we can also do for you is if you contact us with the RCA code, we can not only offer you a demo, but we can also send you the portal with your brand and your logo within 48 hours to test drive it. So, we give you the chance to have a look at the content and see how this suits your company, to get a hands-on feeling of the platform and the courses to proceed to train your team. And this is another type of courses, for example, that we do offer which is small short courses of 10 minutes for people to understand and learn about the basics because sometimes there are employees that they cannot even understand the basics of what is my money laundering, so it it’s really important for our customer support employees and KYC onboarding employees, all the employees that have a role in a touch point within a company, they have to understand the basics, they need to know what is a placement, what is a layering, what is an integration, they have to be familiar with all these terms and they need to understand as soon as they see a transaction, as soon as they see a behaviour that is not okay and it’s triggering an alert, they need to know what to do, how to do it, how to inform and take the correct action according to the internal policies of the company. So, in our view, together with RCA, we have joined forces and local expertise, and we strongly believe that we can cover any training need of any organization within the Estonian market.

Concluding Remarks

Mateo Jarrin Cuvi: In terms of final thoughts, compliance is here to stay, it’s been here for a while but it’s growing in importance, it’s growing in the amount of work a company must do. To retain your reputation, to retain your brand name, to attract more shareholders or stakeholders or investors or customers, compliance is something that must be done, and it must be done well. I would say you have to go beyond just ticking the boxes and doing the minimum to pass the test from the regulatory authorities, you must go a step beyond and do an excellent job that will reflect well on the company and lead to better results and more sales and whatnot. So those would be my parting thoughts.

Marti Kõrnas: As we’ve discussed throughout this webinar, I would strongly success if you are in any ways related to a compliance field, because I also completed these courses before our cooperation started, the courses are really well built up, you can go through them at your own pace, so you don’t have a physical presence where you need to be in a classroom, let’s say, for 45 minutes straight, but you can go through the course as you wish and are able to do it.