bankingciooutlook

The hard case for investing in Compliance

Alexander MacLean, Global Head of Compliance / Chief Compliance Officer, Aegon

Alexander MacLean, Global Head of Compliance / Chief Compliance Officer, Aegon

There has been a well-known quote around the Internet for several years: “If you think compliance is expensive, try non-compliance”, by former US Deputy Attorney General Paul McNulty. It dates back to 2009 and still holds true today. Maybe even truer, as fines for non-compliance in all areas have increased in the past years. And fines are given in more areas: where the earlier focus was on subjects like competition and bribery, since the turn of the century money-laundering, sanctions, and more recently privacy and data security have been added. Fines are said to often be only a third or even less of the costs for a company associated with a compliance mishap, as costs for investigations and defence are thought to be roughly as high as the costs of the fine, and then the costs of the remediation programmes and costs of reputational loss are still to be added.

So there is your hard case in the original meaning of the word hard: a rock-solid case indeed!

"Compliance is your license to operate: it is simply impossible and unthinkable not to invest in it and to keep up to speed"

If common sense, and experience, and facts can build the business case for compliance, why is it still difficult, or hard, for anyone in a Compliance role to get the investment they need to do their job. I will give you three reasons.

One is: prevention is not sexy! Think fires. Putting them out has always made heroes: going in with force and making lots of noise, spraying water and climbing roofs. Preventing them has never been sexy: knocking at the door with a notepad and checking the emergency exits and extinguisher best-before-dates. Think health issues like obesity: gastric bypass surgeons earn ten times as much as dieticians. Think the corporate world: crisis management has a higher status and better pay than auditing.

The second is that Compliance does not add to the “bottom line”: with their friends in Risk, Legal and Audit, Compliance officers are managing cost centers traditionally and are adding no value but are rather seen as “overhead” or as the infamous “headquarter charges”.

The third logically follows the second: the board will say: “we have already invested heavily in Compliance” or “in last year’s round of budget cuts, we held back on Compliance already”. And this is possibly the truest: Compliance budgets have grown, both absolutely and relatively. But still, more investments will be needed.

So where is our solid case? Three pillars to sell Compliance budget growth or the budget overrun later in the year:

• Sell facts: Compliance is your license to operate: it is simply impossible and unthinkable not to invest in it and to keep up to speed. There is not one successful competitor that is not investing in compliance. As the regulatory burden grows, and it grows fast in any industry, boards can simply not afford to under invest.

• Sell hope: no matter how extreme the regulatory burden is, there is a team that solves the puzzles and that brings oversight, and peace of mind.

• If all else fails, sell fear: you will have all board members’ attention, and their wallets open, as soon as you show pictures of execs behind bars, or headlines about reputations lost…

I wish us all very good budget discussions!

Weekly Brief

Top 10 Risk and Compliance Solution Companies - 2021

Read Also

Data Analysis in Storytelling: Common Mistakes

Data Analysis in Storytelling: Common Mistakes

Albert Chin, Head of Model Risk Management, Signature Bank
 Revamping Regulatory Practices with Innovation

Revamping Regulatory Practices with Innovation

David Cowland, Head of Compliance Operations, Fidelity International
Why we need MSSP? Managed Security Service Provider & the quest for cybersecurity experts

Why we need MSSP? Managed Security Service Provider & the quest for cybersecurity experts

MarekTrebicki, Cyber Security Services Risk & Control Associate Director, Standard Chartered Bank
Managing Risks Through a Transformation to the Digital Era

Managing Risks Through a Transformation to the Digital Era

Dan Bailey, SVP, Operational Risk Management at Gateway First Bank
Optimized Processes Enhancing VCs

Optimized Processes Enhancing VCs

Ben Marrel, Founding Partner, Breega