When TD Bank agreed to pay $3 billion in penalties last year, the headlines focused on the usual suspects: rogue traders, overwhelmed compliance teams and outdated monitoring systems. But buried in the forensic details of $670 million in laundered drug money lies a more uncomfortable truth. The people who should have been watching the watchers were nowhere to be found. Or perhaps more accurately, they were there all along, quietly maintaining the very systems that failed to sound the alarm.
This is the paradox of the company secretary in modern financial crime prevention. They are simultaneously invisible and indispensable, functioning as the organisational equivalent of the cardiovascular system. When it works, no one notices. When it fails, everything else stops functioning. Yet unlike compliance officers or risk managers, company secretaries operate in a curious blind spot of regulatory scrutiny, wielding significant influence over the very governance structures that either catch financial crime or enable it to flourish.
What went wrong: The governance gaps behind global penalties
The recent wave of global AML enforcement reveals governance ecosystems where critical information disappears into institutional limbo and accountability becomes so diffused that it effectively vanishes. While company secretaries are rarely mentioned in regulatory reports, their role in board reporting and policy oversight places them at the heart of these failures or their prevention.
TD Bank: $3 billion fine
The bank ignored thousands of alerts and failed to file suspicious activity reports on over $670 million in flagged transactions linked to drug trafficking. This was not a system breakdown. It was wilful blindness with multiple layers of plausible deniability. Who was ensuring compliance concerns reached the boardroom? Who maintained the audit trail? When governance structures fail this completely, the fingerprints of company secretarial oversight are everywhere, even if never explicitly identified.
Nordea Bank: $35 million fine
Between 2008 and 2019, Nordea allowed high-risk Russian and Azerbaijani transactions to pass without scrutiny. This represents eleven years of slow institutional decay. How does an institution maintain such fundamental misalignment between risk and resources for over a decade without governance noticing? The answer lies in degraded information flows, documentation standards and escalation protocols, all areas where company secretaries serve as institutional guardians.
Starling Bank: £29 million fine
Rapid growth outpaced compliance infrastructure, creating dangerous gaps between operational reality and governance oversight. The most successful company secretaries understand they must be both growth enablers and growth governors, helping organisations move fast while ensuring speed does not compromise the systems that prevent regulatory catastrophe.
South Africa’s moment of truth
South Africa’s FATF grey-listing in 2023 created a natural experiment in governance under pressure. Unlike international counterparts who faced penalties after the fact, South African institutions now operate in anticipatory compliance, knowing every governance gap could determine whether the country exits the grey list or sinks deeper into regulatory purgatory.
The country has addressed 16 of 22 FATF action items by 2024, but regulatory pressure remains intense. Recent guidance, including SARB’s Guidance Note 5 of 2024, has raised expectations for governance and record-keeping to international standards. South African banks have not faced billion-dollar fines yet, but legacy systems and unclear accountability structures pose existential risks.
This context transforms the company secretary from a supporting player to a strategic asset. When transparency becomes national economic necessity, their role in maintaining institutional memory and ensuring information flows becomes a competitive advantage.
The invisible infrastructure of integrity
Modern company secretaries possess comprehensive organisational views that make them uniquely positioned to prevent institutional failures. They maintain beneficial ownership registers, ensure CIPC reporting compliance and support board education on regulatory obligations. But their strategic value lies in translating complex requirements into actionable governance frameworks.
Consider institutional memory in financial crime prevention. When suspicious transactions are flagged, who ensures decision-making is documented? When compliance concerns arise, who maintains audit trails connecting operational warnings to board responses? These are not glamorous responsibilities, but they form the connective tissue of effective governance.
Company secretaries operate in the institutional background, managing systems that enable transparency and accountability. When these work, credit goes to compliance or risk management. When they fail, blame rarely traces back to company secretarial oversight. This creates dangerous dynamics, where significant influence over governance outcomes exists without corresponding recognition or accountability.
The most perceptive company secretaries understand this paradox and use it strategically, focusing on creating frameworks that function smoothly under normal circumstances and remain robust under stress. But when governance failures occur, the lack of explicit accountability creates blind spots that can be exploited.
Four actions to strengthen the gatekeepers
To transform company secretaries from governance supporters into integrity sentinels, organisations need to move beyond traditional role definitions. Four strategic actions can strengthen their role in financial crime prevention:
1. Specialised AML training beyond compliance
Company secretaries require education that helps them understand how governance failures enable financial crime. Training should cover organisational dynamics that lead to institutional blindness; documentation standards that support oversight and escalation protocols ensure board visibility of emergent risks.
2. Documentation systems that create institutional memory
Effective governance requires systems connecting information across functions and time. Company secretaries should champion integrated platforms linking board decisions to operational outcomes, creating institutional memory that enables organisational learning rather than repetitive failure.
3. Governance-compliance integration
The most dangerous failures occur at functional intersections. Company secretaries can bridge these gaps through shared reporting systems, cross-functional committees and integrated escalation protocols, serving as connective tissue to ensure critical information reaches the right people at the right time.
4. Escalation protocols for timely response
Sophisticated governance systems are worthless without quick response capabilities. Company secretaries should design and monitor protocols, ensuring time-sensitive information reaches decision-makers with sufficient urgency, understanding both formal reporting lines and informal dynamics that accelerate or delay response.
The quiet line of defence can no longer be silent
The most effective company secretaries understand something that has escaped attention at TD Bank, Nordea and Starling: governance is not a filing system but rather an early warning system. Early warning systems only work when someone is listening.
As South Africa navigates off the FATF grey list, the question is not whether company secretaries will play a role in financial crime prevention (they already do). The question is whether organisations will recognise this role before it is too late or join the growing list of institutions that discovered governance value only after paying for its absence.
The paradox of the company secretary, simultaneously invisible and indispensable, is becoming untenable. As regulatory scrutiny intensifies and the costs of governance failure rise, organisations can no longer treat governance as a back-office function or company secretaries as administrative support.
The institutions that thrive will recognise company secretaries as strategic assets in fighting financial crime, guardians of institutional integrity and the quiet line of defence keeping organisations functioning when everything else fails. They are not on compliance sidelines but rather at the centre of organisational resilience, quietly holding the system together.
But in a world where governance failures result in billion-dollar penalties and national economic consequences, quiet competence is no longer enough. The time has come for this quiet line of defence to speak up, step forward and claim its rightful place at the centre of institutional integrity.
Issued by the Chartered Governance Institute of Southern Africa
