Skip to content
VerifyED

Legal & Compliance Verification

How to Verify a Compliance Officer Certification

Compliance officers are not licensed by state governments, but several specialized certifications signal domain expertise — particularly in healthcare, financial services, and data privacy. Here is how to verify the major ones.

· 7 min read

Quick answer

There is no single compliance officer license to verify. Identify the specific domain (healthcare, financial services, privacy, anti-money laundering), then verify the relevant credential with the issuing body: SCCE/HCCA for healthcare compliance, ACAMS for AML/financial crimes, IAPP for privacy, or ABA/CRCM for banking compliance.

Healthcare compliance credentials

The Health Care Compliance Association (HCCA) and its parent organization the Society of Corporate Compliance and Ethics (SCCE) issue the primary healthcare compliance credentials. Verify at hcca-info.org or corporatecompliance.org.

  • CHC (Certified in Healthcare Compliance): The flagship HCCA credential. Requires qualifying experience in healthcare compliance plus passage of the CHC examination. Renewal requires continuing education every two years.
  • CHPC (Certified in Healthcare Privacy Compliance): Specialty credential for HIPAA privacy and healthcare data compliance professionals.
  • CHRC (Certified in Healthcare Research Compliance): Specialty for research compliance professionals at academic medical centers and research institutions.
  • CCEP (Certified Compliance and Ethics Professional): SCCE's general compliance credential, applicable beyond healthcare.

To verify: go to hcca-info.org, navigate to the credential verification tool, and search by name or certificate number. Confirm Active status and renewal date.

Anti-money laundering and financial crimes compliance

The Association of Certified Anti-Money Laundering Specialists (ACAMS) issues the leading AML compliance credential:

  • CAMS (Certified Anti-Money Laundering Specialist): The global standard for AML compliance professionals. Required or preferred by most banks and financial institutions for BSA/AML roles. Verify at acams.org via the member directory.
  • CGSS (Certified Global Sanctions Specialist): ACAMS specialty credential for OFAC and international sanctions compliance.

CAMS requires renewal every three years through continuing education. An expired CAMS is a significant gap for AML Officer roles at regulated financial institutions — FinCEN and bank regulators expect current credentials.

Privacy compliance credentials

The International Association of Privacy Professionals (IAPP) issues the primary data privacy credentials. Verify at iapp.org.

  • CIPP/US (Certified Information Privacy Professional — United States): U.S. privacy law focus (CCPA, HIPAA, FERPA, etc.).
  • CIPP/E (CIPP — Europe): GDPR and EU data protection law focus.
  • CIPM (Certified Information Privacy Manager): Privacy program management credential.
  • CIPT (Certified Information Privacy Technologist): Privacy engineering and technical implementation credential.

IAPP credentials require annual renewal through continuing education (CPEs). For DPO (Data Protection Officer) roles, CIPP/E combined with CIPM is the typical credential stack for GDPR-regulated organizations.

Banking and regulatory compliance

The American Bankers Association (ABA) issues the CRCM (Certified Regulatory Compliance Manager) credential for bank compliance professionals. The CRCM covers consumer protection laws, fair lending, BSA, and other regulatory requirements for depository institutions.

Verify the CRCM at aba.com via the ABA Professional Certifications directory. The credential requires continuing education for renewal and is recognized by bank examiners and regulators as a competency signal for compliance officers at federally regulated banks.

FINRA Series licenses — separate from compliance certifications

Securities compliance professionals often hold FINRA Series licenses (Series 7, 24, 14, 4, etc.) in addition to compliance certifications. These are verifiable through the FINRA BrokerCheck tool at brokercheck.finra.org — enter the individual's name to see all current and lapsed FINRA licenses, registrations, and any regulatory actions.

For broker-dealer compliance roles, always verify FINRA registration separately from certification credentials. A compliance officer at a registered broker-dealer may need to be personally registered with FINRA as a principal (Series 24) or in other capacities.

Red flags

  • Claimed CHC, CAMS, CIPP, or CRCM not found in the issuing organization's verification tool
  • Expired compliance credential not disclosed during hiring
  • Domain mismatch — healthcare compliance credential presented for a financial services compliance role
  • FINRA BrokerCheck shows regulatory actions, bars, or suspensions for securities compliance roles
  • Degree from a diploma mill cited as compliance education background

Verification checklist

  • 1. Identify the compliance domain (healthcare, AML, privacy, banking, securities)
  • 2. For healthcare compliance (CHC/CHPC): verify at hcca-info.org
  • 3. For AML/financial crimes (CAMS): verify at acams.org
  • 4. For privacy (CIPP/CIPM/CIPT): verify at iapp.org
  • 5. For banking (CRCM): verify at aba.com
  • 6. For securities roles, run FINRA BrokerCheck at brokercheck.finra.org
  • 7. Verify educational background against the institution — check for diploma mill red flags

Verify compliance program accreditation

Compliance and legal studies programs vary widely in quality. Use VerifyED to confirm whether a school is regionally accredited and legitimate before relying on its credentials.

Search Schools and Accreditation →