Risk and Compliance

Given EFG Hermes’ continued expansion into both new jurisdictions and product lines, the need for sound, prudent compliance and risk policies becomes increasingly vital. In line with this growth strategy, the Risk and Compliance Department has taken material steps to manage the various rules and regulations governing new sectors and geographies, allowing us to develop solid frameworks that govern the Firm’s compliance and risk strategies in accordance with global best practices.

2018 marked another fruitful year for the department with continued efforts to further integrate active risk management and monitoring to provide independent oversight of the Firm’s control framework as the scope of its activities continue to widen. Our 32 talented and dedicated compliance officers worked diligently throughout the year to ensure that each of our business lines adhered to appropriate statutory provisions, official regulations, and internal policies. The 39-member Risk Management team also worked to ensure all operational, market, credit and liquidity risks were identified, assessed and accordingly mitigated using adequate controls. Both teams report to the Group Chief Risk & Compliance officer.

Internal Audit

The Internal Audit function covers EFG Hermes Holding in its entirety including its subsidiaries, business lines and support functions. The team is composed of twelve centralized auditors and twenty nine field auditors responsible for performing systematic reviews and periodic spot checks in line with the Audit Committee’s pre-approved strategy for the year. The Audit plan follows a risk-based approach, meaning the frequency of reviews depends on the assigned risk level for each department and the previous internal audit score (as of the last audit engagement). High and medium-risk departments are reviewed annually, while low-risk departments with an ‘effective’ rating are reviewed every other year. Through our continuous auditing efforts, IA performs follow ups on previous audit findings to ensure they have been adequately addressed and closed out. Consistent with the expansion of the Firm in different markets, IA provides a wide variety of services which includes in depth assessment of operations, adherence to regulatory requirements and monitoring of corporate governance. Additionally, the Firm’s Finance platform is fully integrated in our annual audit plan.

The Firm adopted TeamMate an internationally recognized internal audit management software with the goal of enhancing and automating the entire internal audit process. In 2018, TeamMate the Internal Audit team successfully utilized the system by executing the full audit cycle through the system, which includes Engagement Planning, Fieldwork, Automated Reminders and Follow-ups, Performance Analysis and Dashboards.

To support our ever-expanding set of financial service offerings, the Internal Audit function worked with numerous business lines as business partners throughout the year to enhance operations and ultimately build a risk and control library for the business as a whole. To support the growing operations of the Non-Banking Financial Institution (NBFI) platform, Internal Audit established reporting lines with field auditors and built a monitoring program that will serve as a framework to enhance our oversight of company operations. Every year, Internal Audit works on creating an environment that fosters continuous improvement.

2018 Highlights

  • Successful renewal of the ISO certification, further building on our success in becoming the first regional investment bank to receive ISO 22301 certification from BSI in 2016.
  • Completed GAP analysis for all networks and systems including two external systems for valU and EFG Hermes Leasing. The division is actively working to include all NBFIs in the analysis, having already completed one full cycle this year.
  • Completed the second and last phase of the Cyber Security Compromise Assessment for all EFG Hermes networks and systems with successful results.
  • Drafted a new proxy voting policy, which will be reviewed and updated as necessary to address new and evolving proxy voting issues and standards.
  • Completed audits on all the Firm’s NBFI platforms as well as frontier market operations.
  • Completed the annual update for all existing risk and compliance policies and procedures for risk and compliance.

Employee Awareness

Integral to the successful continuity of the compliance function is the effective communication of the Firm’s strategy, policies and procedures to all employees. The team continues to take part in the HR on-boarding package to orient staff on key audit, compliance, and risk issues at least once a year or on an as-needed basis if a high-risk situation arises.

The Firm, under monitoring from Compliance, continued in 2018 conducting the four mandatory training courses on Anti-Money Laundering (AML), anti-fraud, cybersecurity and the sustainability awareness course that employees must take and be evaluated on annually. In further alignment with global standards, a policy was drafted and a course was launched on the EU’s General Data Protection Regulation (GDPR) for all EFG Hermes employees. The GDPR is a European Union (EU) data protection and policy regulation framework for all individuals within the EU and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA.

Market Developments

To support the EFG Hermes’s expansion into frontier markets, the division played an active role in preparing the Firm to potentially enter the Nigerian market via the acquisition of Primera Africa, a top-ranked brokerage house in Nigeria, during the first quarter of 2019. In 2017, EFG Hermes directly entered Pakistan, Kenya, and Bangladesh while in 2018 it received regulatory approval from the FCA to operate in the United Kingdom out of its London office. In light of this, the Risk and Compliance division drafted a policy during the year to govern activities in the UK.

With the rapid expansion of the Firm’s product offerings and market presence, EFG Hermes Brokerage established a structured products desk in 2017, which has helped enhance the division’s product mix across the Firm’s footprint and enabled it to access return payoffs to meet risk requirements. In 2018, the desk expanded its product offering, and the Risk and Compliance Department was instrumental in assessing and approving these products during the pre-launch phase.

To support Securities Brokerage’s new fixed-income desk, which was established in 2018, Internal Audit set up policies and procedures to govern the desk’s activities. The division continued to make headway on expanding the Firm’s MENA presence and bolstering its standing in the region. In the UAE, the team upgraded the license for EFG Hermes UAE Limited based in the DIFC from category 3A to category 2, which allows the Firm to provide underwriting activities, expanding the scope of its activities in the UAE.


Following the successful launch of EFG Hermes’s installment sales service solution valU and the newly founded EFG Hermes Factoring, the division established a risk management framework to govern the operations of these two new business line given the nature of their client base.