Task-specific procedures and internal controls that ensure that transactions are conducted and recorded in compliance with legal obligations and elective values.


Supervising the day-to-day or week-to-week functioning of your compliance systems to assure real time execution in accordance with your program standards; and conducting due diligence of counter-parties responsible for outsourced operations.


Assessing risk implications of business activities or plans, as well as, periodic review of system records and operations to identify transactional violations and compliance program deficiencies.


Arrangement of responsibility, authority and reporting that provides direction to staff for implementing institution compliance policy and apprises senior management and the directors about compliance program performance.


Process of remedying regulatory violations, responding to customer feedback, amending procedures and controls, correcting internal oversight deficiencies and implementing policy and system revisions or updates.


Communicating compliance policies, procedures, directives, regulatory requirements, product information and service goals, including maintaining staff expertise.

Predicated on the United States Sentencing Guidelines for Organizations, this spelling of compliance provides an accessible framework for designing your compliance management program.


The SMAART Triangle


Taking pains to craft the six building blocks of the Working SMAART framework is only the first step to creating a comprehensive compliance management program. How you put these blocks together is what shapes your program’s particular features.

The foundation of your program determines your compliance culture. Systems and Training are the fundamental blocks upon which that culture is constructed. Systems define your compliance core values and the manner by which they are pursued. Training conveys these values to staff, managers and directors and perpetuates the message during changing times. Systems and Training form the base of the SMAART Triangle.

Layered above the compliance culture foundation are the blocks of Monitoring and Response. These two components work together to provide the dynamic adjustment of your compliance program to the institution’s interaction with its business environment. Monitoring assures that systems are applied effectively to deliver your products, services or transactions in a compliant manner. Response reacts to transactional deviations, programmatic weaknesses and strategic changes by generating a feedback loop that modifies Systems and Training to keep pace with market circumstances.

Atop the SMAART Triangle sit the twin peaks of Assessment and Accountability. These two capstones marry oversight and governance to assure that compliance core values are achieved and that the organization is answerable for its record of performance.

Our construction of the SMAART Triangle is not complete without recognizing two more unifying concepts that help bind these elements into a single compliance whole. First, the S-M-A slope of the triangle corresponds to the unifying concept of “controls,” as in internal controls. The SMAART framework is ultimately a structure for risk management and no risk management system functions without internal controls. Systems, Monitoring and Assessment are the control elements of the SMAART compliance risk management methodology.

Second, the A-R-T slope of the triangle is bound together by the key concept of “communication,” as in effective internal communication—without which an organization cannot long survive. The Accountability, Response and Training elements of SMAART are interwoven as a network of constant information exchange that reinforces the compliance lessons learned in an ever-changing market environment. The communication flows occur both up and down the organization as depicted by the A-R-T slope of the SMAART Triangle.

As with any useful acronym, there is as much importance in the content of the separate letters as there is in the way they are combined. The Triangle is ultimately a vehicle for conveying the content and the inter-relation of the SMAART components. It provides a structure beyond the acronym’s spelling that sets forth affinities across the six components that should help you guide your institution’s adoption of Working SMAART as the path for building your compliance controls, communication and culture.