Compliance Policy

Sterling is a well run business with a strong culture of compliance and a mature approach to GRC led from the top down. Sterling is governed by a board of directors, including two Non-Executive Directors, with deep experience of governance and risk best practice. Sterling has an established risk register to form the basis of the risk assessment process.

Leadership-endorsed risk management fosters a responsible corporate culture to GRC Risk assessment forms the basis for effective internal controls and compliance program. Our approach involves:

  • Documented policies, guidelines and procedures ensure protocols are followed and enforced
  • Structured dissemination of laws, regulations, corporate policies and prohibited conduct
  • Well-defined monitoring, auditing and reporting with commitment to remediation
  • All identified risks are graded based on risk type, impact and likelihood of occurrence
  • Changes to policies and internal controls are actioned via the risk register
  • Risk register is reviewed during monthly board and management meetings
  • Full range of policies to ensure internal staff aware of requirements
  • Policies and procedures are reviewed annually and updated based on regulatory and market changes
  • All new staff inducted and trained on key policies
  • Existing staff retrained as policies change / at regular intervals
  • Sterling Partners managed through on-going Accreditation process
  • Internal and external training to ensure policies are understood and followed
  • Use both face-to-face and e-learning training as appropriate
  • Training officer responsible for roll out and tracking of results
  • Recently rolled out Cyber Security and Data Protection training to ensure market best practice
  • Risk register and compliance is reviewed and updated during monthly board and management meetings
  • Regular audits are conducted on partners as part of Partner Accreditation to ensure partner compliance
  • Compliance officer leads regular and random internal audits
  • CEO takes responsibility for addressing identified issues with Board oversight.