Editorial Note: At ComplySci, we understand the tremendous value compliance professionals can gain from networking and learning directly from their peers. For the CCO Spotlight blog series, we are sitting down for candid conversations with Chief Compliance Officers from some of the firms we work with. This blog series will share those CCOs’ thoughts, ideas, and best practices for compliance programs with our readers. The views expressed in this blog post are the CCO’s own views and do not necessary reflect the views of their firms.
For this installment of our CCO Spotlight series, ComplySci’s President, Amy Kadomatsu, interviewed Murray Markowitz, Chief Compliance Officer for Kroll Bond Rating Agency (Kroll), a global full-service rating agency with more than 370 employees and more than 35,000 ratings issued as of November 2019.
Amy: Murray, thanks so much for joining us! I’d Love to hear more about you and your background. Can you tell us a little bit about your path to becoming a CCO?
Murray: Sure! Like so many people in my generation, I knew from a young age that I wanted to be CCO of a bond rating agency… In all seriousness though, I went to law school right after college. After earning my law degree, I was in private practice for ten years where I focused on corporate transactions law, structured finance law, secured financing, and venture capital matters. I got to a point where I wanted to do something different, wanted to use analytical skills that I didn’t get to use in my practice.
I wound up getting a job rating structured finance transactions as a bond rating analyst at Moody’s Investors Service. When the financial crisis hit a few years later, the organization focused its efforts on building up its compliance function. With my background and experience, I was identified as someone who could be helpful in those efforts to strengthen the compliance department. We did a lot of work, introduced a variety of new policies and procedures, and ultimately built what I think was a formidable compliance department. Finally, I was recruited five and a half years ago to become the CCO at Kroll, which is the largest bond rating agency in the U.S. that was established after the financial crisis.
Amy: The CCO role is a complex and evolving one, combining compliance oversight, legal acumen, being a strategic business partner, understanding big data analytics, as well as being a culture-carrier for the firm. How do you balance all of these in your day-to-day work?
Murray: First, you have to understand who your audience is at any given moment. This is critical when you’re dealing with senior management and business line leaders. CCOs must understand not only the business the company is in today, but also the businesses the company plans to get into in the future. Taking this approach helps you build relationships with people throughout the company while also helping the organization understand potential compliance requirements so that it can plan out controls before jumping into a new business.
Of course, individual employees are looking to the compliance department for meaningful guidance on the spot, not a lesson on strategic planning. So, CCOs also need to be effective in getting their messages across and tailoring the message to the audience. My team and I work hard to make sure people understand what we’re trying to tell them, and we adjust our messaging and communications when we have concerns that something is getting lost in translation.
Amy: What would you describe as your superpower? In other words, what has made you uniquely successful in your role as CCO for Kroll?
Murray: One of the things that’s really been helpful to me is that I think I’m quick when it comes to pattern recognition. I can look at things and point out to people that what we’re seeing is analogous to something else, so we can get to the main point more quickly and separate the other things.
Another important super power is that I believe it’s better to listen first instead of simply talking right away. Doing so allows you to hear what other people with different perspectives are saying. You may come away from a conversation or meeting thinking the thing you went into the discussion is no longer true. That doesn’t happen unless you are receptive to what other people have to say.
I also think it’s important to build relationships and trust by being approachable, but also by being tough when it’s necessary. You cannot do this job effectively by keeping everyone at a distance.
Amy: Since you started at Kroll, you’ve been at the forefront of transforming the compliance function there. Can you tell us a little more about what you’ve done to create a “culture of compliance” at the firm?
Murray: I’ve been very lucky that at Kroll, the firm’s founding was grounded in the belief that industry ethical standards needed to be higher than they’d been in the past. In other words, ethics were built right into the company from the start. I firmly believe that you cannot only have the compliance department being responsible for the firm’s compliance. Tone from the top is important. But when the messaging from the top is that compliance is important, but the attitude and actions of the company’s leaders convey something different, employees will pick up on that quickly. I’m very grateful that’s not a problem at my firm. At Kroll, senior management and the board of directors know that reputation is everything and that ethics are central to maintaining reputation.
One of the other things I feel fortunate about is that our company’s analysts are highly skilled professionals. This makes it easier to get the compliance messaging across. I have a receptive audience and sympathetic leadership, so I never feel that I’m working at cross-purposes with the organization.
Amy: What are some of the trends you see transforming your role?
Murray: One interesting trend is this emphasis on compliance as a sort of guardian of the company’s culture. I do question whether the compliance department, which is a policing function, is the right place for that responsibility. Should compliance play a role? Definitely. But there are also other parties who should be involved in maintaining the culture of the organization. Compliance should be partnering and functioning in concert with other departments like Human Resources, as well as with individual business lines.
Amy: What do you think about technology innovation and transformation? Do you think that makes a CCO’s job easier or more complicated?
Murray: I think there is definitely a need, and an opportunity, for compliance professionals to take greater advantage of technological solutions and to use available data. There’s no question in my mind that data can be extremely valuable. Technology solutions can also help with things like pattern recognition. However, we tend to gather more information than we need and sometimes we don’t know what to do with it.
We need to view data output with a critical eye; we sometimes get a lot of “noise” from our technology solutions. It’s important to separate the meaningful from the noise. To do that requires good judgment and a solid understanding of what you’re doing. CCOs should understand what they need technology to do for them, and make sure their technology solutions get them there.
Amy: It sounds like part of the challenge for today’s CCOs is the changing nature of the needs of the compliance organization. How important do you think it is for a CCO today to have a broad background?
Murray: I think a legal background is still relevant and helpful. So much of what a CCO does in a regulated industry is reading regulations and understanding laws, both of which are skills that are right in a lawyer’s wheelhouse. But, if all you’re doing is reading those things and writing policies and procedures without determining their effectiveness, you’re not likely to be very effective in your role. If you conduct the same training every year and continue identifying the same violations over and over, you need to look at what you’re doing wrong and adjust the training and messaging.
Amy: Do you have any predictions for 2020?
Murray: The only prediction I’m certain of is that the Earth is not going to crash into the Sun in 2020. When it comes to compliance, it’s tough to see where things are going at the moment.
I think privacy issues will continue to be important, and the rules are far from settled. We’ve seen California develop its own set of principles and the rest of the country is starting to move in that direction. That means firms need to think about the information they’re getting, where it’s coming from, what the firm is doing with it, and how the information is processed. Firms also need to evaluate disclosure requirements under the evolving rules.
Another issue I predict will become more important is the evolution of the #metoo cases we’ve been hearing about for the last couple of years. I think we’re going to see more changes in the ways firms conduct investigations, an enhanced focus on board training, and continued emphasis on firm culture. Compliance will have an important role to play in making sure people understand what’s appropriate and what’s expected at the firm.
Amy: Thanks again for your time and your willingness to share your thoughts, Murray! I just have one final question for you: What is your guilty pleasure?
Murray: I’m currently in a rut where I’m doing the daily New York Times crossword puzzle. Sometimes I’ve gone a year without touching them, but I keep coming back. Word puzzles force mental flexibility on you; I really enjoy the challenge.
Want more CCO Spotlight? Read CCO Spotlight with John McGuiness, StepStone Group