In part one of this blog post, we unpack the drivers behind the surge of demand on compliance investments and skilled staff, including new agencies that take a behavior-based approached to regulation, as well as an expansion in their powers. In part two, we talk about how compliance officers can help transform their organization into one that is conduct-risk-aware.
Compliance functions now have considerable influence on the board and its decision-making process, according to Roger Miles, behavioral risk lead at Thomson Reuters. The majority of boards (74%) now have an increased focus on conduct risk, and the chief risk officers or heads of compliance in 70% of organizations directly report to the board on conduct risk.
Compliance practitioners should seize this opportunity to lead “the transformation that regulators are looking for, to help build and promote a responsive business culture that encourages intelligent, behaviorally aware risk taking and decision making,” wrote Miles.
To jumpstart this transformation, Miles advises compliance officers to encourage all staff to work “risk-aware.” This means educating everyone in the organization about why good conduct is good for the business, and that poor conduct comes with a wide range of costs beyond fines — including negative effects on customers.
“Conduct breaches are not just about paying fines in your local jurisdiction. They have wider business impacts on capital (prudential reporting, capital adequacy, brand value, share premium, cost of borrowing) and ultimately on the ability of the business to maintain self-determination (strategic governance and control),” he said in an email.
While conduct breaches come with obvious business costs such as the possibility of a senior manager getting suspended as a result of a violation, they may also bring unexpected damages.
“Businesses hit by a major conduct-related enforcement may also find themselves the targets of shareholder activism, boardroom coups and hostile takeover,” Miles said.
Miles also encourages compliance leaders to take a look at the current state of their compliance training programs, and making sure that training content is up to date. They should also add new training programs on behavioral risk awareness and new conduct regulations in the company’s jurisdiction.
While this could involve requesting more resources from the board, Miles said that “the signs are this will be more sympathetically heard than in the past.”