How do you build a successful compliance department? If you ask that question of employees and senior leaders in some firms, you might hear “to enforce the rules” or worse, “sales prevention.”
Compliance in any organization is charged with enforcing the rules, but that shouldn’t be seen as the department’s core function. And, rather than preventing sales, one of the compliance department’s overarching goals should be to enable the business.
In firms where the culture of compliance is strong, where compliance is interwoven into the fabric of every action or decision the firm makes, compliance is able to simultaneously protect the firm and find opportunities to help the business meet its sales and growth goals.
Support the Business
Rather than fostering an image of compliance as law enforcement intent on catching the firm and its employees doing something wrong, many compliance departments today have turned the tables, becoming trusted business partners. As Deborah Marcus, Head of Compliance, Americas, at Moelis explains: “Compliance isn’t there to hinder their work, but really to help it happen in an appropriate way, and to demonstrate what can go wrong when rules aren’t being followed.”
Instead of simply looking for violations and conducting tests of policies and procedures once a year, compliance officers in those organizations are engaged in discussions about new products and service offerings, and actively participate in talks about procedural changes.
In firms where compliance understands that one of its core functions is to enable the business, compliance officers don’t look for reasons to say “no” to proposals from other departments. Instead, they apply their knowledge of applicable regulatory guidance, rules, and regulations to find ways to say “yes.”
Jason Scoffield, CCO at Audax Group, explains the ultimate goal of a strong compliance department: “What’s most interesting about compliance is taking the regulation and figuring out how to apply it to specific business needs. Compliance works best when it is so integrated that people don’t even have to think about it.”
Protect the Firm’s Reputation
Of course, the other core mandate of a compliance department must be to protect the firm and its reputation. To do this successfully, compliance officers need to be able to communicate effectively internally – with people at all levels of the organization. As Kelly Pettit, CCO at General Atlantic, puts it: “Once you understand the business, you can then appreciate the risks that are relevant and applicable to your firm.”
Compliance is ultimately responsible for protecting the firm from risk, but it cannot do so in a vacuum; everyone in the firm needs to play their part. Senior leaders who may not be well-versed in compliance regulations nevertheless need to understand the risks the company faces and be able to envision strategically how the compliance department’s efforts will have a long-term impact on the firm. When the executive team “gets it”, they can be staunch supporters of compliance, helping create and define a company culture where compliance is second nature.
Similarly, compliance officers and their teams must also be able to deliver compliance messaging and training to rank-and-file employees in every department of the firm in a way that will be understood. Even in firms that have adopted state-of-the-art compliance technology platforms, the risk of human error still exists. Compliance officers should not underestimate the power of ongoing training and support. When every employee understands the “whys” behind the rules and can see how their roles fit into the larger compliance mandate, the role of protecting the firm from risk no longer rests entirely with the compliance department.
Ethics and Integrity Count
Compliance, in most financial services firms today, is no longer limited to complying with the letter of the law. More than ever before, Chief Compliance Officers and their staffs are tasked with serving in advisory roles for the organization in addition to monitoring and ensuring compliance with applicable regulations. This, in turn, creates opportunities to help compliance fulfill its core functions: to enable the business while protecting the organization from risk.