Meet our new Compliance Officer
Please join us in welcoming Siphokazi Mato to the Networks Unlimited team - she joins us as our new Compliance Officer. Her role is to make sure that the company functions in a legal and ethical manner while meeting its business goals.
Compliance officers are responsible for developing compliance programmes, reviewing company policies, and advising management on possible risks, and thereafter for ensuring that the organisation adheres to policies and procedures, especially regulatory and ethical standards. They perform regular audits, design control systems and help to design and implement company policies.
Having graduated previously with a Bachelor of Arts (BA Law) and Bachelor of Laws (L.L.B.) Degree, Siphokazi notes that there are many legal requirements in the compliance arena that constantly need to be considered, and that a legal background helps the incumbent to better manage the demands of the role.
“Preparing a compliance risk assessment requires an in-depth study of the relevant legislation/regulations/directives and/or policies in order to effectively apply these to the organisation, as well as assess whether the relevant controls we have in place are adequate to address the risk involved,” she explains.
“Furthermore, having an attorney in the role means that you have a compliance officer who can provide legal opinions on how the relevant legislation will affect the organisation.”
We sat down with Siphokazi and asked her some questions.
What are your primary responsibilities?
Firstly, I must prepare a compliance risk assessment on all areas of Networks Unlimited’s business and/or of the relevant legislation, regulations and directives and/or policies, in order to effectively apply this to the company. I need to evaluate whether the relevant controls in place are adequate to address the risk involved.
Thereafter, it’s all about developing and monitoring the compliance risk management plan (CRMP) by ensuring that Networks Unlimited is implementing the policies and/or plan. Additionally, I must carry out research on any new legal developments and ensure that Networks Unlimited is brought up to speed on any new amendments that need to be effected.
Why is it so important for doing business?
Compliance is necessary to ensure that Networks Unlimited conducts its business in compliance with all national and international laws and regulations, as well as professional standards relating to the company’s particular business arena. The penalties and imprisonment for non-compliance can have disastrous effects on the organisation.
What role is the Protection of Personal Information (POPI) Act going to play in terms of compliance requirements in South Africa?
POPI is a win for all involved, as it allows a data subject to have ownership of their personal information as well as monitor its transfer. However, this means that organisations will need to have more stringent measures in place to ensure that all the personal information held is done so with the requisite consent, and used only for the purpose for which it was intended.
Furthermore, the Act requires organisations to educate their employees about POPI, as well as ensure that the necessary measures are in place to ensure legal compliance. This piece of legislation requires ongoing monitoring of the controls in place. Having a compliance officer will improve and mature an organisation’s business practices.
How important is compliance for other countries where we do business, as well as South Africa?
Compliance has become significantly important all over the globe, particularly in Europe and some countries in North America that we do business with. It thus became imperative for us in Africa to follow suit.
What other pieces of legislation from other countries must also be factored in?
There are numerous laws, regulations, standards and practices with which we need to ensure compliance. However, when we speak of Data Privacy Laws, the most common ones are the European Union’s General Data Protection Regulation (GDPR), the US Privacy Act, the UK’s Data Protection Act and the Malabo Convention in Africa, to name a few.
What tools are available to assist you?
Checklists and developing numerous CRMPs - as mentioned above - will be extremely beneficial and will make conducting audits a more seamless process. Additionally, as an admitted attorney, it is important for me to keep abreast of any new developments in laws, standards and norms which affect our areas of practice, and review these to ensure that we make any necessary changes required for the business to remain compliant.
Taking relevant courses in this area of practice will ensure that I also remain current and up-to-date with all relevant compliance standards.