Return to site

"Compliance" has a Branding Issue

To me it is about contributing to a safer and more just society, not simply mitigating risk to profits

· financial crime,market abuse,compliance,risk management

When financial institutions talk about "compliance" what they are referring to is compliance with the laws and regulations of the countries that they operate in, "compliance risk" refers to the risk of the institution or its staff breaching those regulations and "controls" are the people, processes and technologies put in place to mitigate that risk; compliance is important.

The United Nations (UN) estimates that over 1.6 trillion dollars of illicit money flows through the global financial system every year. Just to put that into context, 1.6 trillion dollars is greater than the Gross Domestic Product (GDP) of Russia, Spain or Australia; a country who decided to base their economy on monopolising global financial crime would have appeared at number 12 on the global GDP rankings of 2018. This figure represents (amongst other things) the proceeds of arms, drug and human trafficking, poaching, terrorist financing, slavery, fraud and government corruption but does not begin to quantify the impact of market manipulation on innocent investors.

The complexity of the impact of market abuse (and the fact that institutions find it notoriously difficult to detect) means that there are no readily available estimates for the total cost to the victims, couple that with an inability of the public to put a face to the people who ultimately lose out and it is all too easy to dismiss infringements as technicalities. However if we recognise the scale of the effects that such behaviour can have (consider for example the collapse of Barings bank or the systematic manipulation of the LIBOR), and the fact that large volumes of the investments that lose out are made to fund the retirement plans of 100s of millions of citizens around the world, then the human cost begins to come into focus.

Whilst regulators and enforcement agencies are clear that the rules governing the sector are in place for the betterment of society, that message is largely lost by an industry which chooses to frame what could be a hugely positive contribution to society as a risk to maximising profit margins. Clearly companies have a responsibility to their shareholders in that respect and investment in controls must be justified, however I believe that taking such a simplistic view of the issue has likely contributed to the ineffectiveness* of said controls by encouraging a box-ticking approach to meeting regulatory requirements rather than the adoption of a more holistic entity-centric strategy that I feel would yield far better results.

Personally I see the implementation of effective "compliance risk controls" as an opportunity to identify and act against the criminals, terrorists, rogue states and other malign actors who abuse the financial system for their own ends, rather than as a mechanism to avoid fines and reputational damage. Through denying such entities access to banking services and financial markets the industry has the potential to play a central role in creating a safer and more just society, and since technology is such a critical part of the solution, working with global financial institutions to improve the situation offers me the opportunity (given the right circumstances) to make a significant contribution to that goal.

*The UN estimates less than 1% of that illicit 1.6 trillion USD circulating in the global financial system is successfully intercepted.

I am currently working with Matt Pockson and a team from DMW in defining an intelligence-led, entity-centric approach to managing the risk posed by market abuse and conduct regulations at a global FS client, so if anything in this post has a struck a chord or piqued your interest feel free to get in touch to find out a bit more.