Compliance Officer
Ensure that Sri Lanka's banks, insurance companies, and listed corporates comply with CBSL regulations, SEC requirements, AML/CFT laws, and corporate governance standards — protecting organisations from regulatory sanctions and reputational risk.
Compliance officers are responsible for ensuring that an organisation complies with all applicable laws, regulations, internal policies, and ethical standards. In Sri Lanka's financial sector, the compliance function is governed by a dense and evolving regulatory framework: the Central Bank of Sri Lanka (CBSL) — which regulates licensed commercial banks, licensed specialised banks, finance companies, and payment service providers; the Insurance Regulatory Commission of Sri Lanka (IRCSL) — which regulates insurance companies; the Securities and Exchange Commission of Sri Lanka (SEC) — which regulates capital market participants, listed companies, and licensed stock brokers; and the Financial Intelligence Unit (FIU) of Sri Lanka — which supervises AML/CFT (Anti-Money Laundering / Combating the Financing of Terrorism) compliance across the financial sector.
AML/CFT compliance has become the highest-priority compliance discipline in Sri Lanka, driven by the Financial Action Task Force (FATF) grey-listing of Sri Lanka in 2022 — which required Sri Lanka to demonstrate compliance with international AML/CFT standards as a condition of FATF grey list removal. Sri Lanka's exit from the FATF grey list in 2024 was a significant compliance achievement for the country's financial system, but AML/CFT compliance remains a dominant ongoing priority.
The compliance function covers multiple regulatory domains in Sri Lanka banks: CBSL Banking Act compliance; CBSL Directions compliance (Foreign Exchange Act; Exchange Control Act; Know Your Customer — KYC; Customer Due Diligence — CDD); FIU AML/CFT compliance (Suspicious Transaction Reporting — STR; Currency Transaction Reporting — CTR; FATF Recommendation implementation); SEC compliance (for banks with broker and fund management subsidiaries); corporate governance compliance (Companies Act 2007; CBSL Corporate Governance Direction for Licensed Banks; IPO disclosure requirements for listed banks; Board and Board Committee governance).
Outside the financial sector, the compliance function exists in any regulated industry: telecom (Telecommunications Regulatory Commission — TRC compliance); pharmaceutical (regulatory compliance with the State Pharmaceuticals Corporation — SPC); food and beverage (food safety and consumer protection regulatory compliance); and increasingly in any large corporate as part of the Enterprise Risk and Compliance (ERC) function.
What a Compliance Officer does daily
- Regulatory compliance monitoring — tracking all applicable laws, regulations, and CBSL Directions; maintaining the compliance regulatory universe document; monitoring for new regulatory changes (new CBSL Directions; new SEC regulations; amendments to the Banking Act; FIU circulars); assessing the impact of regulatory changes on the organisation and directing the implementation of required changes
- AML/CFT compliance management — Know Your Customer (KYC) and Customer Due Diligence (CDD) programme management; Suspicious Transaction Reporting (STR) to the FIU; Currency Transaction Reporting (CTR); sanctions screening (OFAC; UN Consolidated List; EU Consolidated List); Politically Exposed Person (PEP) screening; AML transaction monitoring system management; AML risk assessment of new products and customer types; AML training for all staff
- Compliance testing and monitoring — conducting compliance reviews and testing across business units; reviewing transaction samples for regulatory compliance; assessing adherence to CBSL Directions in credit operations; checking foreign exchange transaction compliance; reporting compliance deficiencies to management and the Board Compliance Committee
- Compliance training and awareness — developing and delivering compliance training programmes for all staff; ensuring staff understand AML/CFT obligations, CBSL regulatory requirements, and internal compliance policies; managing mandatory annual compliance training completion tracking
- Policy and procedure management — developing and maintaining the organisation's compliance policy framework; drafting and updating AML/CFT policies, KYC policies, transaction monitoring policies, and regulatory compliance policies in response to regulatory changes
- Regulatory examination management — preparing the organisation for CBSL on-site examinations; coordinating regulatory examination responses; preparing regulatory reporting submissions (CBSL compliance returns; FIU AML/CFT reporting); managing post-examination finding remediation
- Corporate governance compliance — ensuring Board and Board Committee governance meets CBSL Corporate Governance Direction requirements; managing director declarations; Board composition compliance monitoring; related-party transaction compliance; Annual General Meeting (AGM) legal compliance; Companies Act 2007 compliance
- Sanctions compliance — implementing and managing the organisation's sanctions screening programme; screening customer and transaction data against OFAC, UN, and EU sanctions lists; managing sanctions alerts and escalations; sanctions risk assessment for new products and geographies
- Product and business activity compliance review — reviewing new products, services, and business activities for regulatory compliance before launch; ensuring regulatory approval is obtained for regulated products; assessing compliance implications of new market entry or new business model changes
- Internal reporting and escalation — preparing monthly compliance reports for the Compliance Committee; quarterly compliance reports for the Board Audit and Risk Committee; escalating material compliance breaches to senior management; managing material breach regulatory notification requirements
Step-by-Step Career Roadmap
- Develop strong English reading and writing — compliance officers work extensively with regulatory documents (CBSL Directions; Banking Act provisions; FIU circulars) that require precise reading and interpretation; strong English is the foundational compliance skill
- Build logical reasoning and rule-following discipline — compliance is fundamentally about understanding rules precisely and applying them consistently; those who develop disciplined, rule-oriented thinking from school are natural compliance practitioners
- Read about financial crimes and regulatory stories — follow the news coverage of global bank AML failures (HSBC Mexico; Standard Chartered sanctions violations) and Sri Lanka financial fraud cases to build an intuitive understanding of why compliance matters through real-world examples
- Explore law and justice concepts — any introduction to law concepts; the Sri Lanka legal system; regulation and its purpose; building the legal and regulatory thinking foundation
- Financial crime and regulatory news reading
- Sri Lanka legal system exploration
- English comprehension development
- Mathematics logical problem-solving
- Compliance management is not a creative or entrepreneurial career — it is a disciplined, detail-oriented, regulatory management profession; those who need variety, autonomy, and commercial excitement in their work should consider whether compliance management aligns with their personality before committing to this path
