INTRODUCTION
When the compliance and business functions in financial services firms forge strong partnerships, compliance can have a powerful and meaningful impact on the firm’s revenues. Ultimately, those relationships can positively impact the organization’s long-term success.
It’s not always easy, but CCOs and their teams can change how the business units and firm managers view the compliance department.
Doing so will likely be even more important in the future than it is today.
In its projections about the direction financial services regulatory compliance is heading, Deloitte posits that by 2025, compliance will “become a core component of any financial service institution’s DNA.”
Incorporating some or all of the following best practices can help you build more effective working relationships with the business.
LEARN THE BUSINESS INTIMATELY
How well do you actually understand what each business unit in your firm does? How well do other employees on the compliance team understand business responsibilities, policies, and procedures? CCOs and their teams must invest the time and effort to understand the firm’s:
- Products.
- History.
- Sales and distribution channels.
- Marketing efforts.
- Operations functions.
Compliance does not need to dictate individual business units’ policies, procedures, or controls. However, compliance is responsible for ensuring those policies and controls adequately meet the firm’s needs.
Some firms incorporate department-specific training objectives when they hire new compliance team members. This practice encourages compliance staff to sit with the business units they will interact with to get a hands-on overview of what those departments do and how they work.
At a minimum, compliance needs to have a thorough understanding and a working knowledge of what products and services the firm offers, and of each department or company unit’s responsibilities.
This foundational knowledge provides a compliance officer the ability to determine whether current efforts go far enough (or go too far) toward meeting compliance mandates. Not being able to demonstrate an understanding of the business is also a sure way to not be taken seriously, even with the best of intentions about becoming a true business partner. But, where do you start?
Ask yourself these questions:
- What units or departments does compliance partner with today? What departments should compliance partner with?
- What is the current “feedback loop” for communications with those areas of the company, and how effective is it?
- How can you build on what you learn from other departments and share information across the compliance team?
- How can you effectively connect with the business outside of compliance tasks and responsibilities?
- Use what you learn to brainstorm actionable ways to improve your team’s knowledge and understanding of the business. That, in turn, will help create a stronger bond between departments.
Bain & Company suggests that taking a “cleansheet perspective”, charting a clear compliance strategy and investment roadmap, can help firms do this.
By identifying compliance standards, developing an operating model that defines the boundaries between compliance and business units, specifying how compliance will add value, and identifying ways to integrate compliance into the business itself, firms can create a cross-functional compliance program.
BE A TRUSTED SUBJECT MATTER EXPERT
It should go without saying, but in addition to having a solid, working knowledge of your firm’s business, you also need to know compliance, at least as it pertains to the specific products and services your firm offers.
Understanding compliance requirements, inside and out, and knowing how to apply and work within the industry’s regulatory framework, will give you the credibility you need to be effective at the helm of the compliance department. Business leaders from other areas of the firm should know they can come to you with questions, and should be confident that the information you share will be accurate and reliable.
Bear in mind that compliance risk and regulations for one product line may differ from those for another product or service. In addition, each regulator has different requirements.
There can even be geographic differences in what regulators focus on. As your firm’s compliance officer, you need to understand these variations so you can help protect your firm and its key stakeholders.
FIND WAYS TO SAY “YES”
For CCOs and other compliance professionals, one of the most important ways to fight the misperception that compliance is nothing but a roadblock for sales is by demonstrating to the business that your role is integral in supporting the firm’s growth – not just protecting that growth.
Operations, sales, and other departments should not be fearful of bringing ideas to compliance for review. In fact, in successful firms, the compliance function is simply part of the process for new product and service roll-outs, marketing campaign approvals, and changes to the operations and distribution processes. CCOs and their delegates may also serve on committees or project teams with business units, further strengthening the bonds between departments. Doing so helps ensure compliance has a voice throughout the entire process while also evidencing compliance department’s commitment to the firm’s success.
Rather than finding reasons to say “no” to proposed changes, effective compliance officers look for ways to say “yes.”
Of course, compliance should never be a rubber stamp approval; doing so would likely lead to myriad compliance problems later. Often, getting to the approval stage means the business needs to adjust its plans. A successful compliance/ business partnership involves explaining why things need to change and identifying creative ways to meet the business’ ultimate goals while maintaining the firm’s compliance.
BE ENGAGED WITH SENIOR LEADERSHIP
Compliance officers will enjoy a heightened level of respect and credibility in the firm when they are viewed as part of the firm’s senior leadership. While financial services regulations do not explicitly dictate that CCOs must be on the firm’s management team, the SEC stated in the final rule release for the “compliance rule” (206(4)-7) that compliance officers “should have a position of sufficient seniority and authority within the organization to compel others to adhere to the compliance policies and procedures.”
While compliance officers do not always enjoy a seat on the company’s board of directors, they should have a regular voice in board meetings.
Compliance should have a strong, strategic voice, providing complete, thorough, and regular reports to the board on matters within the compliance department’s purview. Reports should, of course, provide any information the board requests, but there’s also an opportunity for CCOs to share the compliance department’s achievements and help strengthen the case for allocating sufficient resources to the compliance function.
CCOs in firms that have implemented effective regulatory technology (RegTech) solutions have a wealth of metrics and insights available at their fingertips. Those metrics include up-to-the-minute details about potential compliance violations, employees’ responses to acknowledgements and certifications, and activities such as political contributions and gifts and gratuities. All of this data can be parsed by individual department or unit, helping identify potential areas that require attention quickly.
Leveraging this information in reports to the board and in regular firm management meetings can position CCOs as important members of their firms’ strategic leadership teams.
CHAMPION EFFICIENT PROCESSES AND POLICIES
The relationship between the business function and compliance is also strongest in firms where the compliance department is a champion for the business, especially when it comes to individual departments’ policies and procedures.
Department- and process-specific procedures need to comply with both firms’ internal policies and with the firm’s regulatory requirements. There is a big difference, however, between policies that are written to meet the letter of the law and policies that are written to reflect the spirit of the law – those that reflect the firm’s actual practices.
Policies will be most effective when the business units responsible for carrying them out understand what the policy requires, why the requirements are stated as such, and how to effectively meet those requirements.
Evaluate compliance policies, training and communications with an eye toward achieving better understanding. Do those messages simply state the company’s policies, or do they provide context, background, and examples? Although it seems simple, putting policies, training, and communications in layman’s terms can go a long way in improving policy effectiveness.
You can also improve policy adoption rates and compliance even further when employees know where to go with questions, and feel comfortable reaching out to compliance staff for help and guidance when needed. When you have worked to develop meaningful ties between the business units and the compliance department, such requests for interpretation should happen regularly, as employees will want to understand and comply with the firm’s policies.
In firms that have implemented effective RegTech solutions, it is simple for employees to meet their requirements with just a few mouse clicks or taps on their devices’ screens.
While a seemingly simple thing, making it easier for employees to comply with policies can positively influence the way they see the compliance department as a whole.
ADVOCATE FOR APPROPRIATE SYSTEMS AND TOOLS
One of the perennial areas of friction between compliance and the business goes back to the view of compliance as a cost center rather than a revenue center, and that compliance rules and processes stifle growth, rather than stimulating it. Because of this, budgetary allocations for compliance operations can be limited. Firms are often more likely to direct budget dollars to sales, operations, marketing, and other areas that are more directly and visibly responsible for firm growth.
This can make it difficult for CCOs to feel like they can stay on top of a shifting regulatory landscape, let alone partner meaningfully with the business. A CCO faced with the mandate to do more with less at the same time the firm seeks to increase revenues can be a recipe for disaster. Enter RegTech.
Today’s RegTech solutions give compliance department leaders the capability to effectively do more with less. Some of the many ways RegTech can help bridge the gap between compliance and business functions include the following:
- Gives business leaders real-time insight into employees’ and the firm’s activities.
- Offers real-time, on-demand metrics CCOs and business department leaders can leverage as they work together to achieve the firm’s growth initiatives. As Forbes noted in a recent Forbes Insights article, “the same insights that can flag problems can also spotlight solutions.”
- Puts compliance on employees’ and managers’ screens as part of their everyday routines. In doing so, compliance becomes less of an unknown “must have” and more of a familiar part of the way the firm conducts business.
- Saves the company money. “Compliance professionals can use their technology solution to pinpoint potential problems and inform decision-makers.”
RISK MANAGEMENT GOALS DOVETAIL WITH BUSINESS PARTNERSHIP EFFORTS
At the end of the day, a CCO’s primary responsibility is to ensure the firm and its personnel comply with all applicable policies and procedures.
This mandate and the desire to build a partnership between compliance and business functions are not mutually-exclusive goals.
Building relationships and effective partnerships with the business function will be easier in some firms than others; easier in some business units and departments than others. It’s also not an overnight process. Meaningful partnerships are based on mutual trust and respect, which must be earned.
Any CCO who wants to strengthen the firm’s culture of compliance should begin by strengthening the bonds between the compliance department and other areas of the company. Taking a genuine interest in understanding the firm’s goals, adopting a realistic approach to addressing challenges faced by the business, and collaborating to find and implement solutions designed to help the firm – and its leaders – succeed, should give compliance officers a solid foundation on which to continue building.
Download “Best Practices for Partnering with the Business” for ways to build and strengthen the role of compliance at your firm including:
- Learning the business intimately
- Becoming a trusted subject matter expert
- Finding ways to say “yes”
- Becoming engaged with senior leadership
- Championing efficient process and policies
- Advocating for appropriate systems & tools