What's changing
Labuan FSA has refreshed its expectations for the compliance function within licensed entities. The guidelines reinforce the independence, authority, and reporting lines of the compliance function — and set a transitional period for entities to align.
The four-eye policy
A central principle is the four-eye policy — key decisions and approvals should not rest with a single individual. Segregation of duties ensures that material actions are subject to a second, independent check.
- No single person controls a key process end-to-end
- Material approvals require a second authorised reviewer
- Clear segregation between operational and oversight roles
Independent reporting lines
The compliance function must have a direct, independent reporting line to the Board (or a Board committee), free from undue influence by the business lines it oversees.
- Compliance reports directly to the Board or a Board committee
- Adequate authority, resources, and access to information
- Independence from the revenue-generating functions
What entities should do now
- 1Review your current compliance-function structure and reporting lines
- 2Assess where the four-eye principle is not yet enforced
- 3Document segregation of duties for key processes
- 4Confirm the compliance officer's authority and Board access
- 5Close any gaps ahead of the July 2026 deadline
Frequently asked questions
In conclusion
The refreshed guidelines raise the bar on compliance-function independence and segregation of duties. Reviewing your structure now — and closing gaps before July 2026 — keeps you ahead of supervisory expectations.
Ready for the new compliance-function rules?
We review your compliance structure and reporting lines against the latest LFSA guidelines.