Having been in various forms of compliance for the last twenty years, here are my top takeaways that are designed to be direct, challenging and a warning to compliance teams to think differently and adjust their approach.

  1.  Management Reality. The reality of compliance is that most of the management see compliance as important to keep their right to operate but not important enough to err on the side of caution and do more than required because it is the right thing to do. Doing the basic required by the law and nothing more is standard behaviour and anything more is exceptional.
  2. Never let compliance slow down business. Compliance in management will always be doing the minimum and keeping the wolves at bay, but never doing anything that would slow down business, affect revenue negatively or cost too much that becomes noticeable. Management will entertain compliance for a while if it is not too noisy or expensive. No CEO wakes up every day thinking about compliance and what they are focused on. They only wake up and think like that when you cross the line and start slowing down business.
  3. Compliance is the fifteenth member of the management team. While members of the compliance team are sometimes invited to meetings and report to management, the role itself will never be a key member of the leadership of the company. Similarly, your budget is normally immaterial, small and inconsequential to the company. They will make you work for it; they will challenge you on it as part of the standard process - but it is just part of the process for costs management.
  4. Management would rather tick boxes. Compliance is still seen as a box-ticking exercise and unfortunately most things that compliance teams do involve boxes and their ticking. While teams keep doing that, management will be happy. They like to see compliance busy on these areas, so they stay out of other areas.
  5. There is no consequence for compliance failures. It is rare that a management team feels the effect of their compliance lapses. In most cases, unless they were directly involved in fraud themselves, they rarely lose their jobs nor suffer major consequences. The fees, charges, costs of compliance are mostly immaterial and a rounding error.
  6. Managers don’t accept the scare tactics of compliance. Everyone knows managers never go to jail and no one will be trapped at an airport on arrival into a country. While it has happened, everyone knows it is a remote risk and one not to worry about. Any scare mongering generally acts negatively and makes compliance looks lame.
  7. Hiring processes are broken. Hiring in management and leadership is so broken that a manager sacked for a compliance breach in one company will turn up at a competitor after a few weeks. In most cases, the competitor will know all the facts and still go ahead.
  8. The market really doesn’t see compliance issues (and their possible resultant charges from government agencies) as a material effect on the books of a business and loses interest in compliance issues after a week or so.
  9. Markets are too powerful. No one will downgrade a company based on compliance breach for very long. The market is far too powerful and will always look at the underlying business and write off the known compliance issues. Drops in the market due to a compliance issue will be reversed in a matter of days or weeks.
  10. Compensation drives behaviour, yet very few compliance programmes can impact the compensation plan of managers. If it is included in the plan, it is often small, negligible and rarely actioned.

Knowing these issues is the first step. The second step is accepting that they exist and acknowledging that you likely not change them in almost every company. The third step (post acknowledgment) will lead you to focus on the things that matter and not the things that you can’t change.