Posted August 14, 2017 by Ruaraidh Thomas
Compliance technology is helping firms to achieve smarter, faster detection and investigation of potential misconduct. But how can you inspire a culture of willing compliance in your organisation?
The financial services sector has attracted more than its fair share of criticism in recent years thanks to subprime mortgages, the Libor scandal and FX rate rigging, money laundering, and the Panama Papers. And don’t forget the odd rogue trader.
Inappropriate behaviour in the UK alone has cost transgressors £53bn over the last 15 years, according to data from New City Agenda, so it is little surprise that regulators are demanding change with ever-increasing volume.
But the aim is not just to mete out huge fines; instead, the objective is the creation of a healthier culture across the industry. While measures such as the UK’s Senior Managers Regime and the EU’s Market Abuse Regulation are strengthening risk management and ensuring incentives do not encourage inappropriate practices, the transformation of culture in financial services is a slow one.
Culture is built person by person, meaning it is everyone’s responsibility. Success can only be measured by whether there is a focus both on positive outcomes for customers and there is a happy, healthy, and motivated workforce that is encouraged to behave in a socially responsible manner.
Cultural improvement, after all, is not about ticking boxes for the authorities, nor is it about enduring ever-tightening – and sometimes easily circumvented – regulations. To work, organisational culture needs to be fully understood, managed, and owned by the organisation and all of its stakeholders.
Unfortunately, boards are often too removed from the lower echelons of the business and rarely get to hear directly from staff about how ‘things get done.’ But collectively, these accounts, and the personal beliefs that support them, amount to a firm’s culture. What is really needed is a neutral model capable of expressing and even quantifying ‘culture’ so boards can gauge it properly.
So, how can you measure culture? Benchmarking can be achieved through a balanced scorecard approach, using metrics such as profit, efficient use of capital, and revenue growth. Customer satisfaction, staff engagement, risk metrics, and community and brand trust metrics also contribute to painting an accurate picture of how a business is doing at any given point.
This approach may even locate weaknesses in current culture and highlight areas for improvement. But more is required if compliance teams are going to manage the constant influx of regulation and ensure their whole organisation responds to it.
Fortunately, there is a third strand to instilling a positive culture. Compliance technology, often referred to as 'RegTech,' has the potential to help firms and employees move forward, by helping staff to self-report transactions that may be flagged, for instance.
Pre-crisis, regulation was, in the main, light-touch and principles-based, but since 2008, there has been a shift towards the increasingly prescriptive which, for compliance teams, has meant bringing in more resources.
In fact, research commissioned by DST has shown that about half (49%) of respondents have seen compliance headcounts rise over the past five years, and 41% of those we asked intend to increase that figure over the next 12 months.
This is no surprise, as analysing and implementing the new demands which flow from the thousands of regulatory pages written since the crisis continues to be a challenge.
RegTech, specifically designed to meet the requirements of new regulation, could be instrumental in easing the pressure. What’s more, it could also facilitate a shift towards a more positive organisational culture.
Any transformation may initially be seen as being too ‘big brother,’ but if it is helping firms achieve smarter, faster detection, and investigation of potential misconduct then surely this is a step in the right direction for the industry?
By incorporating new technologies, such as behavioural analytics and metrics, and using machine learning to reduce the risk of data breaches, compliance can help rebuild trust and advance the cause of culture management. The pervasive nature of technology is also such that most aspects of a financial institution’s operations can be monitored and managed by the compliance team, giving greater assurance all round.
RegTech also gives a resourceful hand in getting the job done properly and efficiently, assisting with every process from calculations and modelling to fulfilling new operational processes. It can be deployed to automate the ‘heavy-lifting’ of simple, high-volume tasks, leaving compliance professionals to engage with more strategic work.
Automation of data-intensive processes in compliance can, for example, be instrumental in removing error and the progressive development of a negative cultural attitude to such tasks. Technology also has the capacity to remove so-called ‘key man risk,’ ensuring that no one individual can step beyond due process without good reason or authority.
It could be argued that technology serves both to define and maintain good practice as it helps enforce personal accountability in line with regulation, especially where auditable trails of activity are created.
As systems continuously adapt to new regulations, alerting senior managers to their changing responsibilities becomes a part of the regime. Ultimately, transparency and proper accountability become the norm.
With many firms at the mercy of disparate and disconnected systems and siloes of risk data, standardisation across the organisation may take time.
Reaching the ideal state will typically require the reworking of processes and even redesigning operating models to ensure the flow of data in and out of compliance is unhindered.
This may be achieved in-house, but may also mean a partnership with the right supplier that has the agility, yet scale, to tackle several major projects at once across the organisation. So there is little doubt that there will be fascinating developments to come in the RegTech sector.
Managing Director Applied Analytics