by Robert Powell, Director of Compliance, IPC
Today, financial institutions face increasing pressure to comply with changing regulatory requirements. And now – in less than a year – here comes MiFID II with more stringent regulations and an impact on a wider range of financial firms. The monetary and reputational cost of non-compliance has never been greater. Non-compliant behavior has resulted in fines of more than $200 billion for the major financial institutions.
Consequently, financial institutions are increasingly adopting a ‘zero-tolerance’ culture for violations of a company’s compliance policy or procedures. In today’s environment the risk is too great for a ‘three strike’ approach, so firms are implementing a culture of ‘zero-tolerance’ where any employee found to have engaged in non-compliant behavior or to have violated company policy is subject to termination.
Four Key Guidelines for Creating the Culture
A ‘zero-tolerance’ compliance culture puts firms in a more defensible position when an audit or investigation occurs. However, implementing a ‘zero-tolerance’ compliance culture is not easy. Any change to an organization’s culture will be met with resistance, but ‘zero-tolerance’ is in the best interest of any financial institution under current regulatory requirements. Here are four key guidelines for implementing a zero-tolerance culture:
- Employees must be trained and possess an understanding of the rules and how they will be applied – lack of knowledge is not an accepted defense.
- The organization must work closely with compliance, legal and human resources to present a company-wide position across all functions.
- Application of policies and procedures should not stifle innovation, progress or adoption of new technologies.
- Internal policies should be audited and verified to ensure they are in line with the ‘zero-tolerance’ approach.
The challenges to financial firms in today’s economy are daunting, and with new regulations on the way, more financial firms and more employees will be subject to one or more regulatory requirements. Any compliance culture must work with an organization’s existing processes, and compliance with regulatory requirements should never be a roadblock to the productivity or efficiency of an organization’s employees.
Challenges to a ‘Zero-Tolerance’ Compliance Culture
Technology is both a blessing and a curse to a ‘zero-tolerance’ compliance culture. The right technology makes compliance with regulatory requirements more cost effective than implementing a solution that relies on staff. Technology can offer the opportunity for in-depth analysis of business processes and workflows to increase efficiency and provide a competitive advantage. But technology also presents the opportunity for use of unregulated communication methods, otherwise known as zero-evidence applications. The most common example seen among financial firms is WhatsApp, a widely used communication tool that cannot be tracked and could be a potential regulatory issue. Any compliance culture needs to ban the use of zero-evidence communication applications and ensure that only approved communication methods are used.
In today’s regulatory climate where firms are fined millions of dollars for non-compliance, a ‘zero-tolerance’ compliance culture will help get the message to all employees that the firm takes compliance seriously and that it is an essential part of their business operations.