ComplianceAugust 27, 2018

The three C's of compliance

The Three C's of Compliance
Watch Video
Engage our consultants to review your compliance program

Compliance management as a strategic advantage

As the regulatory environment has become more complex, there are increasing expectations for bank directors to manage their responsibilities for compliance oversight. Financial institutions that can find ways to transform compliance management from a burden to a benefit can successfully elevate compliance to be a strategic advantage.

How can an institution successfully elevate compliance management to be a competitive advantage?  

Initially, to successfully elevate compliance management to be a strategic advantage, compliance must be embedded within an institutions’ culture from the top down into everyday activities. Core values can be articulated into practical considerations, like “fairness”, and directors can lead by example with credible challenges for better or more information. 

What key factors drive a culture of compliance?

Within the overall framework of a compliance management system, consider the 3 C’s that support the core elements of a strong compliance culture:  communication, confirmation, and correction. To be successful, these 3 C’s need to be embedded throughout the institution:

There needs to be robust and informative communication tailored across all 3 lines of defense and up to senior management and the board;

  • Preventive and detective controls, manual or automated need to be working effectively to confirm that risks are being mitigated and managed correctly; and
  • There should be timely action plans put in place at the root cause of issues to ensure any problems are promptly and fully corrected.

Do you have any tips for integrating these elements within the institution?

Yes. Initially, consider distinguishing between compliance activities that are done for good business reasons regardless of regulations; and those done only because of regulations.   There may be a different approach used between these two groups.

Can you provide an example of the first group – compliance activities that are done for good business reasons?

Your complaint management program is a good example of a compliance activity that makes good business sense, regardless of regulations. Information gleaned from monitoring complaints can be useful to many areas of the bank by presenting opportunities for improvement and increased customer satisfaction. How involved are your lines of business in collaborating with compliance in managing complaints?  Are there opportunities to be innovative, strategic, and more creative in communicating with your customers than the approach you are taking today?

Do you have any suggestions for compliance activities that are done only because of regulations?  

There are many instances where regulations mandate activity, such as certain notices or disclosures.  However even in these instances, compliance can be a trusted partner in supporting fresh ideas and new initiatives by communicating early and helping business partners stay within the lines as new products or services are being rolled out.  For example, in developing marketing materials, it is both efficient and effective for compliance to be part of the creative process early to identify trigger terms or misleading statements.  It gets more costly and disruptive if compliance is brought in only at the end of a creative process.

Do you have any additional suggestions to help elevate compliance management to be a strategic advantage?

Overall, compliance talent focused a lot on regulatory knowledge - there may be an opportunity to help compliance develop their “soft skills” to provide support, energy and excitement for new ideas and growth strategies. Too often in the past compliance may have said “no” before considering ways to say “yes.”

With that, compliance should be invited to have a “seat at the table” and an opportunity to help support strategic initiatives at every level of decision-making. Having a knowledgeable, enthusiastic partner will help to integrate compliance considerations as a normal way to do business. 

After all, successful compliance management is an essential element in maintaining trust between a financial institution and its customers. There are some prominent examples out there right now that illustrate what can happen to an institution’s reputation, brand and stock price when that trust is breached.  Having a strong compliance culture built-in as a way of doing business will go a long way in helping bank directors do their job in compliance oversight while supporting long-term strategic initiatives.