Overview

The Certified Compliance Officer (CCO®) certification, issued by the International Security Certification Board (ISCB®), is an ANAB-accredited program under the ISO/IEC 17024 framework. This credential validates the competence of professionals responsible for implementing, managing, and monitoring organizational compliance programs, with a strong focus on anti-money laundering (AML), anti-corruption, corporate ethics, transparency, and data privacy.

The CCO® is internationally recognized as the standard for compliance professionals. Holding this certification demonstrates that the certificant meets rigorous global requirements for education, training, supervised practice, and adherence to ISCB’s Code of Ethics.

 

Eligibility Requirements

To qualify for CCO® certification, candidates must meet the following requirements:

  • Education: A bachelor’s degree in Law, Business Administration, Accounting, Engineering, or a related field; or a minimum of 2 years of professional experience as a Compliance Officer.

  • Training: At least 80 hours of sector-specific compliance training, plus 16 hours of ISO 19011:2018 auditing principles and techniques.

  • Professional Knowledge: Understanding of international compliance frameworks such as ISO 37301:2021, FATF 40 Recommendations, and applicable national regulations.

  • Professional Conduct: Commitment to the ISCB® Code of Ethics and professional responsibility standards.

 

Body of Knowledge (BoK)

The CCO® certification program is structured around four integrated competency frameworks:

Compliance

  • Foundations of compliance and ethics: governance, compliance culture, and codes of conduct.

  • Compliance program design and implementation: policies, internal controls, and monitoring mechanisms.

  • Communication and training strategies for staff awareness.

Accountability

  • Legal and regulatory frameworks: national and international obligations.

  • Reporting and documentation for senior management and regulators.

  • Auditing and monitoring: application of ISO 19011:2018, audit planning, execution, and reporting.

Privacy

  • Data privacy and information security: GDPR principles, organizational data governance, and protection frameworks.

Anti-Corruption / AML

  • Anti-money laundering (AML) and counter-terrorist financing (CTF): FATF Recommendations, risk-based approaches, customer due diligence, and suspicious transaction reporting.

  • Risk management: identifying, assessing, and mitigating compliance risks.

  • Investigations and enforcement: conducting internal investigations, applying corrective measures, and coordinating with regulators.

 

Expanded Domains: ISCB CAPA Framework®

The CAPA Framework® provides a more detailed structure of the Body of Knowledge, breaking down the four competency areas into 10 specific domains. Each domain contributes to the exam with a specific weight percentage:

  1. Legal & Regulatory Frameworks (15%) – National and international compliance obligations, sector regulations.

  2. Compliance Management Systems (12%) – Governance, program design, monitoring mechanisms.

  3. Functions of the Compliance Officer (8%) – Roles, responsibilities, reporting lines, organizational independence.

  4. AML/CFT and Anti-Corruption Programs (20%) – FATF standards, suspicious activity reports, KYC/CDD processes.

  5. Risk-Based Approach & Assessment (18%) – Identifying, assessing, mitigating, and monitoring risks.

  6. Data Privacy & Information Security (10%) – GDPR, ISO 27001, national data protection frameworks.

  7. Compliance Auditing & Monitoring (6%) – Audit planning, execution, ISO 19011 principles, continuous monitoring.

  8. Ethics & Corporate Governance (5%) – Decision-making, professional responsibility, ethical dilemmas.

  9. Technology in Compliance (3%) – RegTech solutions, data analytics, automated monitoring, AI in compliance.

  10. Investigations & Enforcement (3%) – Conducting investigations, corrective actions, coordination with regulators.

This detailed framework provides the foundation for both the theoretical and practical examinations, and in some jurisdictions (e.g., Colombia) candidates must demonstrate 100% competency across all domains to achieve certification.

 

Examination Format

The CCO® examination consists of both theoretical and practical components:

  • Delivery: Secure testing centers or remote proctoring systems (SMOWL).

  • Format: Multiple-choice exam with scenario-based questions and a practical case-study component.

  • Questions: 100 scored items (50 theory + 50 practical case-based questions).

  • Duration: 2 hours (theoretical) and 2 hours (practical).

  • Passing Score: Minimum of 80% internationally; 100% competency model applied in certain jurisdictions such as Colombia.

  • Languages Available: English and Spanish.

The practical component focuses on case resolution, drafting compliance reports, applying regulatory frameworks, and demonstrating risk-based approaches to AML/CTF and auditing.

 

Certification Validity and Renewal

  • Validity: 2 years from the date of issuance.

  • Recertification: Requires proof of 30 Continuing Professional Education (CPE) hours per cycle.

  • Renewal Process: Submission of recertification form, supporting documentation, and fee payment at least 60 days before expiration.

Failure to meet recertification requirements results in suspension and eventual revocation of the credential.

 

Rights and Responsibilities

Certified CCO® professionals:

Rights:

  • International recognition as a certified compliance professional.

  • Inclusion in the ISCB® Public Registry of Certified Professionals.

  • Authorization to use the CCO® designation in professional documents.

Responsibilities:

  • Maintain compliance with ISCB® ethics and standards.

  • Complete CPE requirements for recertification.

  • Notify ISCB® of any changes that may affect certification status.

  • Cooperate with ISCB® audits or investigations.

 

Why Choose CCO® Certification?

The CCO® certification provides:

  • Global recognition under an ANAB-accredited program.

  • Career advancement in compliance, AML/CTF, and corporate governance roles.

  • Professional credibility in regulatory environments.

  • Access to ISCB’s professional network and continuing education resources.

  • A structured process ensuring ongoing competence in compliance management.

 

Verification

All certificants are listed in the official ISCB® Public Registry, available through verification.ecertify.org. Employers, clients, and regulators can verify credentials directly.

 

Apply Now

Interested in becoming a Certified Compliance Officer (CCO®)?

  • Submit your application through the ISCB Certification Portal.

  • Ensure all required documents (training hours, supervised practice, ID, and payment) are included.

  • Applications must be submitted 60 days prior to the desired exam date.

 

This certification program is governed by ISCB® under ISO/IEC 17024:2012 accreditation by ANAB. Certification decisions are impartial, transparent, and based solely on demonstrated competence.