Interview with Nisrine Sayah

We interview Nisrine Sayah, Director of Operations and Compliance and Internal Control Officer at A Plus Finance.

DEALCOCKPIT: Can you introduce yourself?

Nisrine Sayah: I am Nisrine Sayah, Director of Operations at A Plus Finance. I joined A Plus Finance in 2014 as Compliance and Internal Control Officer and took over as General Secretary in 2016. My responsibilities quickly grew, encompassing a broader spectrum and a more transversal vision of the investment firm's activities. As of 2023, I am Director of Operations, having also taken over the financial management of the company. As Director of Operations, my duties include compliance, internal control, human resources, financial management, and all transversal aspects of the company’s activity.
A Plus Finance is an investment management firm founded in 1998, and a recognised actor in investment financing of societal and environmental impact with 2 main and complementary areas of activity, Real Estate Investments and Private Equity.

DC: What is the role of a Compliance and Internal Control Officer?

Nisrine S.: The role of RCCI is first and foremost an independent regulatory function, subject to a professional licence issued by the AMF (Financial Markets Authority).
The main role of an RCCI is to ensure that the investment company complies with its programme of operations, to ensure compliance with the authorisations issued by the AMF, and to ensure that all activities and operations are carried out in compliance with the applicable laws and regulations, as well as with professional guidelines and internal procedures.
The Compliance Officer also has a training, information and advisory role vis-à-vis senior management and employees.
In large organisations, these responsibilities are entrusted to compliance and internal control teams; in smaller companies, the responsibility lies with the Compliance and Internal Control Officer.
The RCCI therefore identifies the applicable rules, in accordance with the legislation and regulations to which the management company is subject, implements internal procedures to ensure compliance and assesses the risks of non-compliance and the possible penalties incurred by the company in the event of non-compliance.
The RCCI also has a 2nd level control role in order to identify any breaches and draw up recommendations to improve processes.
It's an essential cross-functional job, often overlooked because the absence of any notable events is a sign that things are running smoothly. Collaboration with other teams is crucial, particularly with asset funders (sales teams), asset managers (management teams) and asset servicing (middle and back-office teams). Asset servicing is the support function that guarantees the first-level compliance of activities, making it possible to meet the requirements of internal controls (Compliance Officer) and external controls (statutory auditors, custodians, and regulatory authorities).

DC: The role of the Compliance and Internal Control Officer is far more than a mere support function. Would you consider it the cornerstone of all investment funds?

Nisrine S.: When a financial management company applies to the AMF for authorisation to become an asset management company, it must at least have a governance structure, a management team and a Compliance and Internal Control Officer.
The work of the RCCI is intended to be collaborative, an essential partner in the success of projects, involving close cooperation with teams. The RCCI plays a crucial role in supporting and advising the teams, and has a very broad remit. He is also the correspondent for the supervisory authorities. Versatility and the ability to propose solutions are crucial skills in this day-to-day role.
The RCCI draws up a control plan enabling it to assess the operational, reputational, sanction, conflict of interest and regulatory risks (legislative, regulatory and internal).

DC: Can you illustrate the specific domains in which your company chooses to invest?

Nisrine S.: A Plus Finance was founded in 1998, initially as a private equity business, investing through public funds that offered tax advantages on income or wealth tax (ISF at the time). Initially, our clients were mainly non-professionals.
Since 2012, the management company has developed a property management business. Since then, we have considerably expanded both our Real Estate business and our Private Equity business, through the management of professional funds. Today, we manage a portfolio of over one billion assets. Despite our relatively small staff of just under 25, we have succeeded in reaching a predominantly institutional client base, representing over 85% of our total client base.
Over these 25 years, our business has evolved considerably, and naturally the compliance and internal control function has followed and accompanied this transformation.

DC: What are the key criteria driving these investment decisions?

Nisrine S.: There are many criteria. First of all, we examine the investment targets in terms of their conformity with the investment strategy of the fund(s) concerned.
In-depth due diligence is carried out by the management teams to validate the investment thesis, and the file is submitted to an investment committee. All members with voting rights, including the company's managers, may then vote. The RCCI is a member of the investment committees with a right of veto, enabling him to validate compliance with the strategy defined for each target fund and to ensure compliance with regulations.

DC: Regulations are often perceived as constraints. How do you manage to align business and compliance if and when decisions diverge?

Nisrine S.: Management companies are regulated entities, and regulation is not an obstacle to business. We must therefore comply with French regulations, but also with European regulations, with decrees derived from the latter and transposed in France. Faced with these multiple regulatory and organisational requirements, it is imperative to work together and put in place internal procedures as well as 1st, 2nd and even 3rd level controls with the help of partners in charge of periodic controls.

DC: How do you implement strategies to anticipate and manage the potential risks associated with your company's investments?

Nisrine S.: Firstly, it requires a sound knowledge of the regulations and the risks associated with the company's activities. This enables internal procedures to be formalised and a reliable and exhaustive control plan to be put in place, covering all the activities carried out, the transactions carried out, the funds managed and the employees involved. The Compliance Officer carries out second-level controls to check that the regulations applicable to a transaction are being complied with, that the management company's internal procedures are being followed, and that the first-level control has been carried out in a satisfactory manner. When processes evolve, procedures and control plans must adapt. Where a risk is identified by a control, measures should be put in place to mitigate that risk, resulting in a lower level of net risk.
It is crucial to keep abreast of market developments, legislation, and regulations, and to constantly adjust procedures and controls to provide the most informed advice possible. Ongoing collaboration with teams and constant adaptation are the keys to anticipating and effectively managing potential risks.

DC: When a risk is identified, how do you manage it?

Nisrine S.: That depends on the context of the operation. The approach is generally to introduce new processes and additional controls to reduce the level of risk. If, despite these measures, the risk is still deemed too high, the decision may be taken not to proceed with the operation.
This approach may seem simple, and in fact it is. Either we manage to mitigate the risk by adapting our internal processes, or the risk remains too high, in which case the company decides not to proceed with the operation, be it an investment, a new client or a partnership. In all cases, the priority is to protect the company's interests by avoiding excessive risks, and the decision not to proceed with a transaction may be the best option in these circumstances.

DC: How do you deal with incidents of non-compliance when they occur?

Nisrine S.: As with the risks, the seriousness of the situation can vary from low to high. When a transaction is not compliant, this simply indicates that the transaction in question, examined by the Level 1 controllers and/or the Compliance Officer, has not been deemed satisfactory.
Recommendations are issued for each level of non-satisfaction, which are then passed on to the team to for resolution. The identified error is corrected, and if all the recommendations have been followed, the next inspection is deemed satisfactory, and the compliance status is restored. This is a continuous process of improvement and correction to ensure that operations comply with current standards and regulations.
By reacting quickly to incidents of non-compliance, by rectifying errors and implementing recommendations, the company can maintain a high level of compliance in its operations.

DC: What IT systems do you use to facilitate this internal control process within your organisation?

Nisrine S.: We do not have any specific software or tool dedicated to internal control. However, we generally use the tools provided at team level. For example, if a CRM system or a dealflow monitoring tool is used, the Compliance Officer will have access to this system to carry out their investigations. When specific tools are put in place, the Compliance Officer is also responsible for adding specific checks to his control plan to assess how they are used, how often they are updated, how they are monitored, etc. Sometimes, external service providers offer tools as part of third-level controls, allowing an external view with a level of control above that of the Compliance Officer. These providers can bring a broader external perspective, with in-depth knowledge of practices in the investment management industry.
External service providers also play a crucial role in providing regulatory, legal and other monitoring services. They are able to share information on market best practices and provide advice on how to improve internal processes. These partnerships contribute to our regulatory and legal surveillance, which is essential in a sector as fast-paced as ours.

DC: As far as Data Rooms are concerned, you place your trust in DealCockpit and we thank you for it. This is not always common practice in investment funds. How is DealCockpit different from other tools?

Nisrine S.: The key difference that led us to choose DealCockpit is that the tool is French. This is an essential factor for us, as it guarantees a high level of security, which is crucial when critical and confidential information is shared as part of fundraising. The security of Data Rooms is an essential aspect, and numerous investors for whom we open these Data Rooms are very attentive to the quality and security of these tools. DealCockpit offers renowned security, which is particularly important when dealing with institutional investors such as banks or insurance companies.

DC: Thank you for the feedback. Lastly, do you have any advice on optimising internal processes for investment funds?

Nisrine S.: It is essential for the governance of investment funds to attach sufficient importance to the role of the Compliance and Internal Control Officer. This position should be promoted within the structures, and represented in management or executive committees.
This allows the Compliance Officer to be sufficiently informed and implicated in strategic decisions in order to provide a better support to the organisation.
To conclude in a more global sense, the administrative and control functions, which are not necessarily talked about, are the cornerstone of any activity, ensuring the smooth running of the whole structure. Adequately valuing these functions not only strengthens internal cohesion, but also contributes to the overall maturity and efficiency of the company. Seamless communication between all the parties involved, including the administrative and management teams, is crucial if all the chains are to be properly interwoven and function harmoniously.
By recognising the value of these functions, we can avoid frequent staff turnover, which can lead to a loss of maturity within teams, a reduction in speed of execution and less overall cohesion. This holistic vision of the company, in which each function plays a valuable role, is necessary to guarantee long-term success and growth.