Home / Opinion / A compliance culture or function?

A compliance culture or function?

Over a dinner this week, there was a fascinating discussion about the role of compliance.

Compliance.

A culture or a function?

A view of complying and being subservient or of being proactively compliant.

Compliance as a painful enforced change or an opportunity to re-engineer and improve.

Compliance.

Threat or opportunity?

To be truthful, compliance can be all of the above or none. It is all down to attitude.

During the discussion, it reminded me a lot of the recent spat over our political affairs.

Our politicians have been caught with their hands in the till.

They haven’t been fiddling expenses as it has all been within the rules … except that this policy may be within the rules, but not within the spirit of the rules.

And this is the heart of compliance.

Interpreting rules as both the meaning and the intention.

This is why the phrase “legal but not legitimate” came up several times during the conversation on compliance.

The leverage of the bank was legal but not legitimate.

The CEO’s lack of knowledge of investment markets allowed products to be sold that were legal, but not legitimate.

The intention of best execution was to sell products that were appropriate, not high risk products that were legal but not legitimate.

And so on and so forth.

So the core of compliance is to look at the rule in both its meaning and intention, as well as its working.

This, to me, was the spirit of principles-based regulation but that’s gone away now.

The light touch approach is no longer relevant.

It’s gotta be hardline now.

But what is hardline?

The FSA define it as focusing upon outcomes-based regulation, rather than principles.

And complying with outcomes-based regulation means seeing the end-goal and working to achieve it, rather focusing upon the idea, the theory, the principle.

But whatever the approach, compliance can never really work whilst people see the ways to interpret the rules and bend them to their own way of working.

Like the politicians who can buck the system by working within the rules but not the spirit of the rules, compliance has to be more than just an idea, a theory, a principle.

It has to be a culture.

It has to be led from the top.

It has to be endemic to the whole way the institution works.

You see a business rots from the head, just as a fish does.

If the head of the business believes it is ok to buck the rules and interpret them to your own maximum advantage, then the culture of the business will be the same.

If the head of the business believes it is ok to use the expense system to line his or her pockets, then everyone who works for the business will be told this is the way to do things.

If the head of the business believes it is a good thing to leverage the bank to the hilt to gain maximum returns at maximum risk, then the rest of the business will do the same.

This came home to me when i think of our politicians, but also our banks.

For example, i worked with two banks last year that were merging.

One had a Chief Risk Officer (CRO) who made the final decision on every major investment or trade finance agreement with the bank. The CRO would be where the buck stopped and the CEO would defer to their judgement.

The other bank had a CRO who made a recommendation to the CEO on every decision of the bank, but the CEO made the decision.

The latter bank acquired the former.

The latter bank is now defunct.

It failed because the CEO was an ultimate risk-taker and, as it turns out, megalomaniac.

This is why compliance and risk need to be viewed as one and the same.

Compliance.

It is a culture, not a function.

The Finanser is sponsored by Vocalink

VocaLink_rgb_250x120

For details of sponsorship email us.

About Chris M Skinner

Chris M Skinner
Chris Skinner is best known as an independent commentator on the financial markets through his blog, the Finanser.com, as author of the bestselling book Digital Bank, and Chair of the European networking forum the Financial Services Club. He has been voted one of the most influential people in banking by The Financial Brand (as well as one of the best blogs), a FinTech Titan (Next Bank), one of the Fintech Leaders you need to follow (City AM, Deluxe and Jax Finance), as well as one of the Top 40 most influential people in financial technology by the Wall Street Journal’s Financial News. To learn more click here...

Check Also

2015: Time to Open Source Finance

Another key development of 2015 has been the open sourcing of bank services.  I’ve talked …

2 comments

  1. Great post and I couldn’t agree more. This is something we are trying to work towards by infusing collaboration into the compliance effort and instead of having a limited few handling compliance to decentralize the process across the organization and throughout the year to be continuously compliant instead of the ‘hills and valleys’ of today.
    The collaboration piece of it is no question a cultural thing and is one of the most difficult pieces of the continuous compliance process we find.

  2. Good to have this discussion. From my study on compliance in the payment industry I came to the recommendation of a ‘trust’ officer or a trust function within companies and self regulatory bodies as trust is a/the key asset in the payment, and banking, industry. Trust involves elements such as e.g. perceived risk and integrity, thus also with cultural elements. As such a compliance officer follows regulation but a trust officer will more pro-actively set up a framework of trust matching industry and regulatory compliance.

Click on a tab to select how you'd like to leave your comment

Leave a Reply

Your email address will not be published. Required fields are marked *