For many in the financial sector including asset management, Compliance is still a drag. It need not be. Structural Compliance i.e. procedurally integrated Compliance makes it easier – and better. The usual question „make or buy?“ can only apply to an initial concept if not yet in place. If necessary, buy some elements but essentially mould them, i.e. make it – thus have it structural. This also obviates the question whether one should have as much ‚Compliance‘ as necessary (i.e. dictated by the regulations) or as possible (to be safe) – as if it was a contagion besetting business operations.
The simple purpose of Compliance
Purpose and process – these should go together and one should be recognisable in the other. This is the first requirement of simple Compliance. Only if the original purpose is reflected can Compliance be integrated and effective. When processes are delineated from the purpose they can be organic and natural. The Compliance in many (financial) organisations tends to grow without a relation to its original purpose. This is not just costly and burdensome, it is also risky.
Not seeing the forest for the trees
Sometimes, Compliance grows and occupies ever more people in organisations, inside and outside the function proper. What is normally described as „Core Compliance“ i.e. the prevention of insider trading and the processing of information among other tasks is regularly the lighter lot, because it is more remote from the business. Anti-money laundering and sanctions Compliance („AMLS“) is trickier because it weighs on transactional processes in loans, derivatives and payments. Bonds and equities are in scope but fraught to a lesser extent due to the nature of those business lines.
The Compliance conundrum
Particularly in AMLS, many institutions have a host of processes which they derive from the regulatory framework which is the same for the industry. Then there is the systems environment of programmes and applications with their interfaces with the respective bank’s core system. With these semi-fixed parameters, Compliance processes should evolve towards routine and clarity along the pattern of a decision tree, also in international financial institutions. In fact, the opposite is often the case; decision-making gets protracted and unsystematic with decision-makers typically preferring to err on the side of caution. Yet, there should not be much room for „caution“, even if this sounds counter-intuitive. Exerting caution happens out of uncertainty and such uncertainty is a far wider field than it has to be or should be. At the end of the day, financial institutions and other organisations find themselves laden with a growing population of Compliance employees, procedures and systems but without swift and effective processes or clear determinants and responsibilities as the regulation was designed to engender. This leads to the presumption of yet another Laffer curve – where the optimum and the maximum are two distinct points. This differentiation is not about being light touch but about false security and tick-the-box exercises which are not only useless but detrimental. The regulators are demanding a risk-based approach but this is not always visibly reflected by institutions. Auditors and regulators seem to take a stance of compromise or tolerance for a slow coming-of-age in the Compliance function – at least for the time being. Embracing regulation means being able and willing to handle it with a clear purpose. Handling is best done by means of robust organisational and procedural frames, i.e. structural incorporation of regulatory compliance. Do organisations want to be compliant with externally set rules? Not naturally but smart process design can help to make it feel natural. More than that, together with lessons learnt from Organisational behaviour people in organisations can be motivated – and even go beyond that. This brings up the question of how integrated Compliance should be in asset management or trading operations. The answer is: procedurally very integrated – this pertains to standard processes. Concrete action in single cases must however be carried out completely independently – in line with the idea of the regulatory rules.
Hence the recipe for effectual Compliance which is accepted and not feared or loathed is routine integration in work and independence of investigation judgement. The essential ingredient is the constant visibility of the purpose and here it is good to remember John Stuart Mill and the school of utilitarianism. The sole question should be whether a Compliance process is good or bad for the intended purpose. The purpose in turn is derived from regulation. My observation is that several other factors have a bearing on Compliance processes, most of those are related to the shortcomings of people as role-holders. Sometimes, national competent authorities allow a form of communication which is unsystematic and informal. This may be helpful at times for a certain period but is squarely detrimental when not complemented and superseded by more tangible and formal forms of communication. Regulatory Compliance should not leave room for much interpretation or be undetermined. A supervisory whisperer has no place here.
Steve Jobs
Too much of a good thing?
Compliance becomes counterproductive when it is inflated and features as much as possible instead of as much as necessary without being scant. It is not to be grafted upon but cultivated, hence the term Compliance culture. Culture is not religion. Culture determines our everyday behaviour in a subtle, unassuming way. This is the goal of Compliance. True Compliance knows no idolatry. This is why procedures matter, first and foremost. But they must be and be perceived as natural, logical and not overbearing.
Compliance is regulation-induced and not a soft subject. Ingraining Compliance in the culture of an organisation, not just as whistleblowing but as a setup, makes it a „soft“ subject – soft as in flexible, not as in easy, because in this regard, people are a soft matter. Where Compliance needs to provide guidance, should it lead in front or from behind? Clever management leads from behind (remember Steve Jobs quoted above) but if you need more hands-on leadership, let it be structural i.e. procedural. Apply the Starbucks principle of bringing processes as close to the client/officer/trade as possible – thoughtfully. Otherwise, it is difficult to stay the course. Remember that not just people, also processes can spin out of control (and purpose). Compliance matters are a usual suspect for this.
The experience fallacy
Sometimes experience is just another word for witnessing a display of events – watching situations pass by without understanding their causes and make-up. Events turn into valuable experience only if matters are – often unwittingly – mentally processed and perhaps applied only later when the need arises. This is fair enough for individuals. The master level, the black belt of experience comes when organisations come to learn or truly „experience“. This gives a whole new meaning to the MiFiD term of systematic internaliser and by the way, this is also important for Compliance functions. Too many organisations keep making the same mistakes over and over again and any improvement is piecemeal and by accident rather than systematic. TPS – the Toyota Production System is a rare exception and not easily replicable in financial services. Becoming a systematic internaliser would be crowning the Starbucks principle of bringing the systematic process as close to the client interface point as possible. Take a leaf from Starbucks book beyond coffee making. Or take one from Aristotle, Nicomacean Ethics and lead a (more) contemplative lifestyle as an organisation.
Here, the link between Organizational Behaviour and Compliance becomes obvious (one of those occasions). Be naturally compliant by employing OB considerations. Do it reasonably, sine ira et studio. Again, this is no religion – procedures matter, rites do not.