The increasing pressure from legislation, the supervisors and the gatekeeper function of financial institutions make the compliance framework and thus the role of compliance officer essential for financial institutions, for both large and small sized institutions. Just having a framework isn’t enough. It must also perform well in practice.

In addition, a well-designed compliance function contributes to the optimisation of a company’s business operations. Maintaining policy, ensuring proper separation of responsibilities and functions, creating awareness of risks and knowing the customers and their market contributes to a company’s success.

Setting up and optimising the compliance function and the role of compliance officer within a financial institution therefore requires both a thorough knowledge of laws and regulations, the customer base and a pragmatic attitude to actually get things done. Many financial institutions lack the time and knowledge to set up an adequate and high-quality compliance function that suits the nature and size of the institution.

Do you need support in setting up or optimising the compliance framework or the role of compliance officer? We have developed a roadmap to show how Enigma can assist you. If you have any questions, please contact one of our consultants. They will be happy to help you.

Thim Donkervoort
Thim Donkervoort
Senior Legal Consultant


Design of the compliance framework

For an effective and efficient compliance function, it is important that the compliance function is an integral part of the governance of the institution. Among other things, the framework includes the correct implementation of the following:

  • All relevant legislation
  • The ‘Three lines of defence’ model
  • Creating support for the compliance department
  • Identification and implementation of an appropriate risk appetite
  • Set up risk management through operational risk analysis and systematic integrity risk analysis (SIRA)


Elaboration in procedures and work instructions

After the framework has been set up, it should be elaborated into procedures and work instructions. This is reflected in for example:

  • The CDD /KYC process
  • The transaction monitoring policy
  • Training of employees


Assessing the operation of the compliance framework

After elaboration of the compliance framework into the relevant procedures and policy documents, the assessment phase begins: are all measures effective and are the procedures and work instructions actually executed?

Important topics in this phase are:

  • Incident management policy
  • Alert handling
  • Internal audit
  • Consultation with relevant stakeholders



The compliance officer reports his findings to:

  • The relevant supervisors
  • Management / board
  • Other stakeholders internally / externally


Consultation with external stakeholders

The compliance officer is the person who liaises with external stakeholders such as the supervisors, FIU-Netherlands and interest organizations.


Through years of experience within the Payments and Compliance domain, Enigma has developed a unique and above all pragmatic step-by-step plan in which the customer is intensively guided from start to finish in setting up and performing the compliance function. The goal: contributing to sound (operational) management, as expected from an institution with a gatekeeper function.

Compliance case Flow Money Automation

From frequent compliance sessions with the board, the organization is kept “compliance fit”. Whether it’s about implementing a solid know-your-customer policy or mapping out the regulatory aspects of international expansion: Enigma’s Risk & Compliance professional brings the necessary knowledge and experience to bear for the realization of well-considered board decisions.”
Niels Mulder – founder and COO Flow Money Automation

Compliance case CURO Payments

As a relatively small player, CURO Payments focuses on a number of niche markets with specific characteristics. Enigma consultants are able to create support within the company for the compliance agenda by making compliance part of the daily business. Knowing your customer and their business as well as knowing what is going on in the market is essential for good risk management, but also provides commercial opportunities.
Chris Visser – CEO CURO Payments

Our Risk & Compliance Experts

Arjan Bom

Senior Legal Consultant
Arnoud van Sterkenburg

Ian Kok

Senior Legal Consultant
Jaap Jan de Jong

Executive Consultant
Kaj van der Peet

Lex van Beurden

Senior Consultant
Maarten van Denzen

Senior Legal Consultant
Roland Hols

Roxane van der Laan

Executive Consultant
Thim Donkervoort

Senior Legal Consultant