The compliance department ensures that a business adheres to external rules and internal controls. In the financial services sector, compliance departments work to meet key regulatory objectives to protect investors and ensure that markets are fair, efficient and transparent. They also seek to reduce system risk and financial crime.
These objectives are designed to support consumer confidence in the financial system. Financial services organizations also are subject to regulatory business rules that govern advertising, customer communications, conflicts of interest, customer understanding and suitability, customer dealings, client assets, and money as well as rule-breaking and errors.
Four elements of independence by:
Implementing a written compliance framework that is approved by the governing body and establishes a distinct and empowered compliance function.
Naming a Chief Compliance Officer (CCO) with a functional reporting line to a committee of the governing body that is comprised entirely of non-executive (outside) directors, in order to ensure autonomy.
Ensuring that the CCO and staff members of the compliance function do not perform business responsibilities.
Allowing the compliance function unfiltered access to information needed to carry out its oversight role.
Without a compliance function, you cannot reliably build or maintain trust with others. Trust is fostered through three elements: (1) repeated interactions with another person; (2) honest communication with that person; and (3) following through on commitments. Organizations cannot ensure that they are meeting element (2) or (3) unless they have adopted rules about proper communications and proper follow through. The head of the organization can’t be confident that others are being honest in their interactions unless the organization has adopted rules about honesty and trained people about the importance of honesty and candor. The leader cannot be confident that people are following through on commitments unless there are rules and norms that have been adopted and emphasized throughout the organization.
Compliance is part of your organization’s duties to its community and stakeholders. The first reason is most basic. If you run a business (whether for-profit or nonprofit), you benefit from your community’s basic services. In return, you owe duty to comply with the law. Furthermore, if you use the resources of others (investors, creditors, donors), you need to be able to assure them that you are regulating the conduct of your employees and that you are complying with applicable rules and regulations.
If you have no compliance function, you invite reputational damage. I like to note Warren Buffett’s adage that it takes 20 years to build a reputation and about five minutes to lose one. Research shows that people want to interact with organizations that have a reputation for honest dealings. It’s therefore no surprise that leaders consistently rank reputational risk as their number one worry.
Compliance enhances consistency. Without a compliance function, decisions are ad hoc and made in a vacuum. Articulated values, ethics policies, and codes of conduct provide reference points for making decisions a matter of routine. As Peter Drucker explained, “All events but the truly unique require a generic solution. They require a rule, a policy, a principle.
Compliance can serve as a driver of change and innovation. Some people also view compliance as inherently conservative. They think the purpose of compliance is to rein in conduct. Again, that’s not true. Compliance instead can serve as a powerful tool of long-term change. If every day behavior stems from training and codes of conduct, and codes of conduct stem from values, articulation and modification of values over time can profoundly influence organizational behavior. In the words of system theorists, values can be a leverage point, and compliance ultimately focuses on the driving values of an organization.