Skip to main content

Compliance Corner: The Important Role Your Company’s Culture Plays in Compliance

September 7, 2018
Read Time: 0 min

Creating a culture of compliance can help mitigate conduct risk.

Decades ago, the word “culture” referred to the customs and beliefs of a particular society. Today, it also refers to the way of thinking within an organization. While the concept of culture is relatively new to the workplace, its significance is more prevalent than ever. For some companies, it means staff amenities and flexible hours; for financial institutions, it means a compliant and ethical way of conducting business while protecting the consumer and the financial system.

In 2014, FinCEN made it clear that shortcomings seen in AML programs confirmed that the culture of an organization is critical to its compliance. Predating the FinCEN guidance was the significant shift in how examiners viewed BSA/AML compliance when it was moved under the Management component of the CAMELS rating system. Regulators see certain areas of compliance as a safety and soundness concern, as well as a direct reflection of the strength of the institution’s management team, including the Board.

Lately, the notion of conduct risk is moving to the forefront of every compliance officer’s mind. How can I ensure that our employees are conducting themselves in a way that will not harm the customer nor the institution’s reputation? How can I ensure my first line of defense is operating within our Board-prescribed risk appetite and limits? The answer: organizational culture.

 A Strong Culture Starts at the Board and Filters Down

Your institution’s culture, like strategic initiatives, starts at the Board level. The tone starts at the top. If your Board prioritizes compliance by allowing for adequate human and technological resources and remains engaged in monitoring and audit activities, you are off to a great start!

If you have an issue, we have a solution. Utilize our expertise to make big things happen.

Speak to an advisor

It is a compliance professional’s duty to arm the Board with the information they need to do their job. A compliance officer must continuously train the Board on new and emerging regulatory expectations and enforcement trends. This informs the Board’s decision-making activities which impact the tools a compliance professional has to do his/her job – including more resources and better technology. The downstream impact of these decisions is what drives employee decisions, and ultimately compliance and conduct risk.

Selling the Board on the cost of non-compliance will drive conversations around the compliance culture the Board should be setting thorough policies, procedures, and risk limits. This culture is then socialized to Senior Management and ultimately throughout the entire organization.

Measuring Culture and Mitigating Conduct Risk

Monitoring and audit activities provide the Board assurance that governance, risk management initiatives and internal controls are working. This is called the third line of defense. A strong culture of compliance is demonstrated when remediating issues take priority at the institution. Turning changes around quickly, having measurable tracking points throughout, and communicating progress to the Board are key.

Simple measurements can be very meaningful for the Board on whether the correct culture is present within the institution to mitigate risks such as conduct risk. One example is monitoring against customer complaints, specifically against a new product or service. Did the introduction of this product result in an increase in complaints? Is there an employee training issue, or do the features of the product need review?

On the flip side of consumer complaints are internal complaints - does the institution have a safe and trusted path for whistleblowers? The best way to combat culture disruptors is to allow for open and anonymous lines of internal communication. The risk of culture disruptors – human and otherwise – increase as your geographic footprint widens and staff levels increase.

Maintaining Culture Along with Employee Satisfaction

Ensuring that employees understand what their role is in the compliance and risk management puzzle will enable them to effectively do their job. Employees thrive when goals and expectations are clear. Each employee’s job description and annual review should include these standards.

Annual reviews can be tied back to audit and monitoring findings. This is a helpful way to hold employees accountable and emphasize the importance of compliance as well as the organization’s tolerance level for misconduct.

Maintaining a healthy organizational culture focused on being compliant and ethical is an ongoing challenge in today’s banking world. Thankfully, Boards and Senior Management are becoming more aware of its importance as reputation-ruining activities of certain large banks grace the front page of worldwide newspapers. Heightened awareness around the importance of strong governance help compliance professionals create the type of organizational culture examiners are on the lookout for in today’s regulatory environment.

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.

 

Looking for Banker’s Toolbox? You are in the Right Place!

Banker’s Toolbox is now Abrigo, giving you a single source for all your enterprise risk management needs. Use the login button here, or the link in the top navigation, to log in to Banker’s Toolbox Community Online.

Make yourself at home!