A Code of Practice for the Principles and Standards of Professional Behaviour for the Members of the Eurasian Compliance Association

The aim of this Code of Ethics is to support ECA members to deliver the highest professional standards in their service to their organisations.

Ethical behaviour emanates from the values, beliefs, attitudes and knowledge guiding the judgements of each practitioner. GRC and legal professionals have to make difficult decisions and complex choices daily. These range from how to communicate with internal and external stakeholders through to how to ensure the optimisation of compliant business performance in the control environment.

The ECA is committed to supporting its members to make the right choices. It is, therefore, important to set out clearly the principles that should guide the decisions of our members.

The Fourteen Principles

The ECA has arrived at fourteen core principles of professional behaviour:

  • Integrity
  • Accountability
  • Transparency
  • Probity
  • Loyalty
  • Good faith
  • Care
  • Compliance
  • Oversight
  • Leadership
  • Development
  • Impartiality
  • Proportionality
  • Sustainability

These principles underpin and enhance the existing procedures and regulations for ensuring standards of professional behaviour for Governance, Risk and Compliance professionals. This gives the GRC profession, organisations, and regulators the confidence that there is a system in place to respond appropriately if anyone believes that the expectations of the ECA’s Code of Ethics have not been met by its members. Should the ECA become aware of a violation of the Code’s principles on the part of any of its members, an investigation will be made. And, if the investigation’s outcome corroborates that a member breached the Code, a disciplinary hearing will be set, giving the member the opportunity to defend their position against possible withdrawal of membership. The ECA reserves the right to make the withdrawal of membership public.

The fourteen core principles should also underpin every decision and action across all control environments. They are meant to be used by ECA members in their day-to-day compliance operations and in their dealings. Indeed, these principles must be more than “words” on a “page” and must thus be embedded in the way GRC professionals think, behave, operate and comply daily.

The Code

ECA Members are expected to endeavour all their efforts to apply the ECA Code at all times.

ECA members are expected to uphold the fourteen core principles of professional conduct. ECA Code compliant professional conduct will be evidenced by a combination of the following behaviours:

GRC and legal professionals must:

  1. Understand the principles, standards and rules of national, regional and international regulation in their capacity as approved persons by regulators to do one or more activities – ‘controlled functions’ for an authorised organisation.
  2. Meet the requirements of the ‘fit and proper’ test and follow its guiding principles continuously.
  3. Comply with the Statements of Principle and Code of Practice of the jurisdiction(s) in which they are authorised to operate.
  4. Report timely and accurately anything that could affect their ongoing stability and the regulatory and operational reputation of their organisation to their regulators and to the competent department of their authorised organisation.
  5. Promote and enhance the compliance culture within their organisation at all times and foster the “Comply or Explain” principle enterprise-wide.
  6. Make difficult decisions with independence of thought, sound judgement and operational discipline.
  7. Manage conflict of interests and mitigate risk.
  8. Handle properly confidential and sensitive information and align with the organisation’s business strategy and risk management policy (risk framework, IT business risk, risk controls, risk management system, risk monitoring, risk communication and risk planning).
  9. Act proactively at all times and ensure that their colleagues truly understand, appreciate and conform with regulatory objectives through auditable trails in the control environment.
  10. Deal effectively with uncomfortable and challenging situations and escalate reporting procedures transparently, timely, and accurately when necessary.
  11. Put customers’ interests first at all times and deliver the highest possible quality of services to them without compromising the delivery of robust risk management practices including third party risk management.
  12. Communicate effectively and regularly with the Board of Directors and/or the competent Committee as the case may be.
  13. Participate meaningfully and regularly in GRC planning meetings.
  14. Participate regularly in professional trainings, conferences and seminars and pursue with dedication their continuous professional development plan.
  15. Contribute to the training and development of other colleagues.