Playing by the Rules: Corporate Compliance at Binance
Main Takeaways
In the new issue of Playing by the Rules, a blog series dedicated to Binance’s compliance program, we zoom in on our Corporate Compliance team.
Binance's Corporate Compliance covers a vast range of disciplines, including regulatory exam and audit management, product compliance, third-party due diligence, monitoring and testing, risk assessment and governance, policy, and learning and development.
The Corporate Compliance team helps ensure that Binance adheres to legal and regulatory requirements in every aspect of its operations, maintains robust compliance controls, and continuously improves its processes to remain at the forefront of the industry.
Binance is a massive global organization that employs thousands of people and serves users in many jurisdictions that have varying regulatory requirements for digital assets-related activity. In order to advance the freedom of money around the world responsibly and ensure our customers’ safety, we must be certain that every internal system and business process within Binance is designed and runs in a way that is compliant with all applicable rules and regulations. Considering Binance’s size and geographical diversity, in addition to the ever-evolving regulatory and crypto landscape, there is one team that serves all compliance program pillars to design risk-based approaches and drive transparency, this is a truly colossal task. The force in charge of this essential work is our Corporate Compliance team.
The scope of the team’s functions includes regulatory exam and audit management, product compliance, third-party due diligence, quality assurance, compliance risk management and risk governance, policy and program, and learning and development. Within Corporate Compliance, there are specialized teams to handle these lines of work.
For example, the Policy & Program team maintains and regularly updates the Anti-Money Laundering and Sanctions programs that apply to Binance’s suite of global products and services. The Product Compliance team works closely with the product and tech teams to ensure that risk-based AML/Sanctions controls are embedded into each of the company’s products and services. Whatever the specific focus, each of these teams is working to ensure that appropriate compliance measures are present at every level of the organization. At the helm of our Corporate Compliance team is Kristen Hecht, Binance’s newly appointed Deputy Chief Compliance Officer and Global Money Laundering Reporting Officer.
Binance’s Approach to Compliance
At the heart of Binance’s corporate compliance program is a risk-based approach that drives and shapes our commitment to user protection and compliance culture and strategy from the top down. It starts with carefully identifying the key compliance risk management areas for Binance, the industry, and the global regulatory environment. On this foundation, our Compliance team has developed a six-step process for identifying the organization’s core risk exposures, as well as a structured methodology for risk identification, assessment, mitigation, and ongoing monitoring. Our Corporate Compliance team then puts this methodology into practice.
Appropriate risk governance and leadership also play an essential role in effective compliance risk management at Binance. There are evolving internal compliance risk-governing advisory bodies within the organization that are tasked with compliance risk management and oversight responsibilities in line with global and local compliance standard requirements.
Additionally, for all regulated entities that report directly to a local Board of Directors and their relevant sub-committees, there is enhanced risk and compliance governance to ensure that regulatory requirements are met. This structure ensures the right level of focus and emphasis on regulatory compliance and fosters efficient decision-making by the leadership team.
The implementation of the compliance risk management program across Binance relies on close collaboration between various teams, accountability, and ownership. Regional teams and business units feel empowered to identify and escalate issues using the implemented risk processes and structures, which complements our top-down approach with an important bottom-up feedback component.
Testing Compliance Controls Across the Business
An organization of Binance’s scale consists of numerous business processes that flow within and across its units and divisions and there are controls in place to ensure that each of these processes runs in accordance with all applicable rules, policies, and regulations. The job of the Quality Assurance (QA) team within the Corporate Compliance department is to conduct QA testing of these business processes and align them with Binance’s policies and local regulatory requirements. The objective of the QA framework is to periodically assess the quality and effectiveness of controls, as well as to identify deficiencies and issues.
The QA team monitors and tests compliance controls by sampling cases and checking them against a predefined test script derived from relevant policy and procedure documents. Any errors and issues identified in the course of these reviews are communicated to stakeholders and teams responsible for rectifying them and the results of these reviews are reported to the company’s management.
Through consistent and regular reviews, Corporate Compliance Quality Assurance promotes a culture of continuous improvement and helps to ensure that compliance controls are robust at different levels within the organization.
Handling Regulatory Examinations and Audits
Binance regularly undergoes external regulatory examinations and audits. Preparing for them is a collaborative process that involves stakeholders from the broader Compliance team, Internal Exam and Audit, Operations, and Legal, among others. The shared goal is to ensure that Binance’s policies, procedures, and operations meet the regulatory and legal requirements in the many jurisdictions around the world where we operate.
As the global regulatory environment and associated compliance requirements are still evolving and not yet fully formed, we work hard to ensure that we understand the changing landscape and continue to operate in a compliant manner.
In each jurisdiction, Compliance, Legal, and Operations work closely together with local experts to ensure the compliance requirements are followed and applied to the services we provide. When the time comes for a regulatory exam and audit, whether regularly scheduled or spot, the Corporate Compliance team collaborates with the relevant local teams to provide any necessary support. Many team members are former regulators and examiners themselves and can thus assist in a meaningful manner.
For regulated entities, the exam and audit process is led and managed by the local responsible persons and ultimate decision-making sits with the Board of Directors and Senior Management (including compliance and risk) located in the applicable country. Corporate Compliance is there as a shared resource to assist and support local teams through the exam and audit process.
Employee Compliance Training at Binance
The core goal of our Compliance Program is to ensure each Binance employee has sufficient awareness of compliance requirements and understands the importance of a robust company-wide compliance culture, which underpins our commitment to protect our users. We require each employee to undergo regular compliance training. Through these mandatory training programs, the Compliance Learning and Development Team promotes a culture of compliance in the organization and ensures that all employees understand and adhere to legal and regulatory requirements.
Every Binance employee must go through a series of Global compliance training modules that cover essential topics, such as anti-money laundering and counter-terrorism financing, sanctions compliance, anti-bribery and corruption, preventing market abuse and staff dealing policies. These trainings include assessments that each employee must successfully complete within a limited period of time.
In addition to mandatory training, the Compliance Training team identifies Binance's specific compliance training needs using a variety of methodologies, including surveys, interviews, knowledge evaluations, as well as monitoring relevant regulatory developments. Based on the assessment of training needs, the team creates e-learning training programs that comply with up-to-date regulatory requirements, industry best practices and the organization's policies. The team also develops advanced training programs tailored for the leadership team that focus on the compliance duties and obligations that a leader should understand.
Binance also encourages and sponsors employees to obtain globally recognized accreditations through professional organizations such as the Association of Certified Anti-Money Laundering Specialists (ACAMS) and Association of Certified Sanctions Specialists (ACSS).
The overall effectiveness of the training programs is evaluated by collecting feedback from participants and conducting assessments to measure knowledge retention and application. The results will be used to identify any gaps or areas of improvement for necessary revisions to the training materials or delivery methods.
Final Thoughts
Binance's Corporate Compliance team plays a key role in maintaining the integrity and security of the organization while ensuring adherence to applicable rules and regulations. The ever-evolving regulatory landscape for digital assets demands a comprehensive and proactive approach to compliance. By focusing on the key areas detailed above, the Corporate Compliance team fulfills our commitment to protect users according to global regulatory standards.
Further Reading
Risk Warning: Digital assets are subject to high market risk and price volatility. The value of your investment can go down or up and you may not get back the amount invested. You are solely responsible for your investment decisions and Binance is not liable for any losses you may incur. Past performance is not a reliable predictor of future performance. You should only invest in products you are familiar with and where you understand the risks. You should carefully consider your investment experience, financial situation, investment objectives and risk tolerance and consult an independent financial adviser prior to making any investment. This material should not be construed as financial advice. For more information, see our Terms of Use and Risk Warning.