Drive change, shift perceptions – compliance functions as an asset in financial firms

8th January 2021 by Brielle Hewitt

Back to


The act of complying with a command, desire, or rule. Alternately, particularly in regulated industries, the definition of compliance is adhering to requirements, standards, or regulations.

For some it can be a contentious word, a contentious subject and sometimes even a contentious candidate for funding within  an organisation.

At times, Compliance and Risk functions in firms can be perceived as an inhibitor to business growth, while meeting regulatory requirements an unwelcome obligation. For Compliance, Risk and Governance (GRC) Professionals, your day may look something like this – big workloads with laborious and inefficient  processes that are spread over several old databases which are probably no longer fit for purpose, low levels of autonomy, yet high dependency on  the cooperation of other departments, little day to day support  from other business functions, and when you do try to advise or drive change it often falls on deaf ears or is rebutted as non-business critical, even worse, that you are working against or getting in the way of business growth.

At least Compliance professionals are no longer feeling like they have to justify their place in their Firm (that was the case not so long ago), indeed some compliance professionals have excelled, demonstrating their true value through strength in implementing best practice and strong governance, therefore helping to attract institutional investors and driving business growth. However, there is still a long way to go before many others in the compliance and risk professions can be seen to be adding that kind of value, beyond going through the motions and paying lip service to  meeting the minimum obligations.

The big takeaway: In difficult and challenging environments, there is huge opportunity to shine and show true value in your firm.

Let’s change perception, and flip mindsets…

Why can’t a culture of strong governance, with a compliance and risk led approach to business be an enabler for commercial growth? As a compliance and risk professional, how can you be perceived as a value add for your firm?

What is evident, is that true growth opportunity exists under a principle-based (lots of grey areas) regulator, for yourself professionally and to set your firm apart from the competition, by demonstrating best practice in your industry.

So, how do you shift the functions of compliance and risk from cost centres, to value drivers?

Well, that is the BIG question.

The answer is multi layered and not straight forward. We also get that you are busy and do not have time to trawl through endless whitepapers and reports, so we have consulted industry friends and commentators.  We have created a quick run-down of advice around what has worked and continues to work to drive change and shift perception for compliance and risk functions, and the wider Firm. We will continue to add to these themes as the days, weeks, months and years go on, but for now grab a coffee, get comfy and take 10 minutes out of your day to get some ideas flowing.

We can break it down to 5 key pillars…

 Culture | Learning | Tools | Process | Peers

 CULTURE | Driving an Organisation Wide Culture Shift

The FCA made the Senior Managers and Certification Regime (SM&CR) a requirement in December 2019. The purpose of this initiative is to reduce harm to consumers and strengthen market integrity by making individuals and firms more accountable for their conduct and competence.

The FCA states:

“The SM&CR is a catalyst for change – an opportunity to establish healthy cultures and effective governance in firms by encouraging greater individual accountability and setting a new standard of personal conduct. As part of this, the SM&CR aims to:

  • encourage a culture of staff at all levels taking personal responsibility for their action
  • make sure firms and staff clearly understand and can demonstrate where responsibility lies”.

The onus is on Leadership to make change. This sentiment is echoed in a well-used quote…

“My assessment of recent history is that there has not been a case of major prudential or conduct failing in a firm which did not have among its root causes a failure of culture as manifested in governance, remuneration, risk management, or tone from the top.” – Andrew Bailey, then Chief Executive, Prudential Regulation Authority (PRA).

The push for cultural change is not just coming from senior regulators. In this age of social media, individual customers and clients hold more power than ever before. There is an expectation from a large percentage of the population, that financial firms should be accountable, transparent and conduct their business in an ethically sound way. The push for change is stronger and louder than it has ever been, and if your firm does not keep up, it may well get left behind.

According to the FCA and other industry commentators such as Deloitte and KPMG, there are clear steps that will bring cultural change across a firm…

  • Leadership – It all starts from the top. If Leaders are not on board, change will not be made. There must be a will to ‘do the right thing’ from those that are responsible for decision making and setting the firm standard.
  • Purpose – Defining core values and a clear sense of purpose, with alignment between strategy, culture and values sets the tone for the entire organisation.
  • Accountability – A shift to a purpose led culture, where individuals across Firms take responsibility and are accountable for their actions, leads to better businesses, clean markets and happy, invested long-term clients and customers. There must also be an element of holding colleagues to account, supporting everyone to maintain the high standards that have been set across the business.
  • Reward  – Remuneration and incentives that promote good outcomes for the firm, customers and the market is the way forward. No cloak and daggers, just straightforward, transparent incentive programmes for good choice and good work.
  • Governance – Promote a corporate culture that reinforces good governance & controls, that is understood and abided by all.
  • Behaviours – Lead by example. Promote mindsets and behaviours that reflect the firm’s target culture and values.

This may all seem very Blue-Sky thinking. But what is clear, especially in 2021, is senior regulators, clients and customers are pushing harder than ever for cultural shift across the financial industry. Driving cultural change can at times feel like an uphill battle, and getting buy in from those that count can be arduous. But it is worth it. Firms that have done the hard work, and pushed for cultural change are reaping the rewards. Client and Investor sentiment and trust is high with these firms, and this translates into strong commercial growth.

LEARNING | Bridge the Skills Gap across your Firm – Upskilling and Educating

Keeping your firm and employees on top of the latest regulations, best practice, processes, and technologies by supporting them with education & training is a no brainer. It is worth investing time and money, to see the long-term benefit of upskilling your talent. To put this in context, more than two thirds of UK organisations believe they are fully GDPR compliant, but the limitations of their legacy systems and lack of the relevant skills in the market are hindering their ability for growth.

As a Compliance & Risk professional, education does not just mean learning a new skill yourself. It is also your responsibility to inform & support key stakeholders across the business to ensure they understand what is expected of them by regulators. You are an important part of your peer’s support system.

‘Education is the key to success’ could not ring truer.

There are specialised associations that focus on continued education for compliance and risk professionals, such as the ICA (International Compliance Association). There is more opportunity for skills and knowledge sharing in the industry, and many industry experts that are sharing their knowledge and experiences for the greater good – to drive change in the industry. COVID has put in a spanner in the works for networking and events, but these are also a key part of knowledge sharing and education. Many have gone virtual (for now) but I think we can all safely say we look forward to the opportunity to meet again in person.

ICA Website

TOOLS | Technology as the ultimate enabler

You know the old saying, “If you’re only tool is a hammer, everything looks like a nail”. This hits the nail on the head for GCR professionals (pun intended). If you are not given the right tools, aren’t upskilled and pushed to learn, or are put under pressure to simply get the job done at all costs – the wheels will start to fall off.  Inevitably these circumstances lead to inefficient functions, overworked, disenchanted employees and lacklustre output from the function. It is often why compliance gets a bad rap as in inefficient cost centre.

There are many technologies available to streamline and enable compliance operations, providing compliance teams tools and capabilities that were not imaginable just a few years ago. The ‘RegTech’ space is growing rapidly, and there are thousands of innovative start-ups that are shaking up the industry with their skills and enthusiasm. Jump on board the express train and make the most of this exciting time!

There are many forums, directories, and industry trailblazers that are all showing what can be done with the right tools and technologies. From simply archiving data, through to supervision and investigation (this is what we at Fingerprint do best!), through to market monitoring and reporting, AI and machine learning, the list goes on – there is a technology solution for most things.

What is most exciting, is that many RegTech companies are open source and/or open API, which means you can pull together your ideal suite of tools that will work best for your Firm’s requirements, with quite simple integrations and reasonable deployment time frames. A joint effort and consultation across the organisation are a must, with key stakeholders and users consulted in the briefing stage to ensure whatever solutions you utilise at your firm will be fit for purpose, scalable and efficient now and into the future.

This is of course where I am going to make a short plug for Fingerprint. We have created a powerful voice and electronic communications monitoring and supervision software, designed by compliance technology experts, to empower compliance, risk and governance professionals, and simplify GRC functions operations. It has never been easier to meet your firms regulatory obligations when powered by the right technology!

PROCESS | Optimisation of operations and output

As our CEO & Founder James Hogbin often says, processes do not have to be over complicated, and technology does not need to be the latest of everything to make a difference in an organisation (but it certainly helps). Understanding and recording what the biggest sticking points and problems are in your day to day operations, is the best place to start. Then understanding what can be done to break down silos, simplify processes, and enable efficiency and output with technology is a must – often times, simple changes and joined up thinking makes the biggest difference.

Reviewing and improving process must be a joint effort across all connected functions, often times you will consult a connected function, and many of the issues you are experiencing in your day to day are shared by them also, or are affected by your function’s own struggles with process.

By improving process by utilising technology, connecting functions, and working together to achieve a larger goal, your function will not just achieve better results for your organisation, but output should be improved and better commercial results achieved across the business.

PEERS | Learn from the trailblazers, share your knowledge, build relationships

There are some very talented GRC professionals, all over the globe that are forging a new path for the industry, paired with the expertise of regtech experts and creators, and it is an exciting time to be working as a Governance, Risk and Compliance professional. There is a spotlight on these functions, due to the working requirements forced upon the world by the COVID pandemic needing firms to up their game on governance and compliance requirements, as well as stronger pushes by regulators globally to clean up markets, and for firms to make governance and a risk based approach a priority for both the culture of firms, as well as the operations.

There are plenty of people to follow on social media such as David Doughty, Mike Wright and Chris Skinner – all of whom are respected voices and influencers in the industry. There are also multiple blogs and websites around where you can read others experiences of improving compliance operations, views on technology that has worked, and continued work to improve and push the industry forward. And, as mentioned earlier in the piece, networking events and conference are also a great melting pot of sharing knowledge and learning new things.

What is probably most important for a firm, is internal education and sharing your knowledge across departments and functions. In order for a firm to change from the inside out, those with the knowledge to do so, need to get buy in and educate key people across their firm.

What is most exciting about 2021, and looking forwards into the future, is that the world is changing rapidly and this also counts for the Financial Services industry. The change is definitely for the better, and GRC professionals are spearheading much of this change and innovation. As a GRC professional, there is more opportunity then ever to prove your worth, and grow you career upon trajectories and verticals you may never have thought possible. Functions are merging, just like technologies, and collaboration is the biggest part of all of this.

We here at Fingerprint are champions of GRC  and technology professionals, working closely and collaborating with peers across the industry to keep innovating and learning. We’d love to speak with you, and share some ideas!

Speak to you soon.


Sources and useful links:

FCA: Transforming Culture in Financial Services

Deloitte: Culture in Financial Services | Scrutiny by the Regulator, in principle and practise 

KPMG: Approaching the  Crossroads of Conduct and Culture 

Deloitte: Compliance Modernisation is no longer optional | How evolved is your approach?

Forbes: How to show the ROI of Compliance At Your Firm

Compliance Week: How can compliance Demonstrate Return on Investment

Related posts