Hire or Retrain? Think ROI

AT&T recently announced a $1 billion commitment to “reskill” (as they call it) an enormous number of people in its workforce. Yes, allocating that much capital to any one initiative is always a risk but the risk of not taking such a bold step is far greater. As a compliance professional in any industry, you’re witnessing up close the digitization of your business, your customers, and, well, everything. Finding and retaining people with the right skills and tools on your staff is a challenge for most compliance organizations, something that I see anecdotally with my client organizations, and we all see reported by analysts (see first bullet below). Among the key items from the CNBC report on AT&T’s plan:

  • Willis Towers Watson reports that while 90 percent of maturing companies expect digital disruption, only 44 percent are adequately preparing for it.
  • Center for American Progress reports the median cost of replacing a worker is 21 percent of an employee’s salary.

How does this relate to Compliance? Many compliance departments are staffed with workers well-versed in their industry’s rules and regulations as well as their business’ activities, highly valuable knowledge and experience. At present, however, many Chief Compliance Officers are concerned that they and their team members lack more current skills relevant to the inexorable digitization of their business.

As I work across a variety of organizations in a handful of industries (mostly financial services and technology, but others as well), I am continuously inspired by the deep and genuine desire I see in compliance professionals of all ages to keep learning new skills. I advise my clients to embrace that energy and ensure their compliance staff has access to training and education that gives them the skills they need to stay competitive. CCOs and their fellow executives see the ROI instantly: retain the valuable institutional and regulatory knowledge that informs better judgment while enhancing their skills to ensure they can apply that knowledge to their business as it modernizes and evolves.

Staying curious — or to paraphrase Steve Jobs’ famous advice, staying hungry and staying foolish — is good for us all in so many ways. CCOs, encourage your staff to do so, and lead by your own example!

In honor of Albert Einstein’s birthday this week — he was born March 14, 1879…and yes, Stephen Hawking died this March 14, which is also ‘Pi Day’ (3.14…you get it), so a whole lot of synergy going on here — we’ll close with a famous quote of his germane to this conversation:

“The important thing is not to stop questioning. Curiosity has its own reason for existing. One cannot help but be in awe when he contemplates the mysteries of eternity, of life, of the marvelous structure of reality. It is enough if one tries merely to comprehend a little of this mystery every day. Never lose a holy curiosity.

[emphasis mine]

Advertisements

Compliance Tense

No, I don’t mean ‘tense’ like the tension we can experience as compliance professionals (although that is a fun topic to add to the list of subjects I’ll cover if I ever launch a career as a stand-up compliance comic); I mean ‘tense’ in terms of compliance present and future. (Not to dismiss the importance of compliance past, but that’s been covered thoroughly and most of us have lived it for years or decades, so we’ll chat about that by the fire some other day.)

Compliance Present Tense: The Transformation Is Here, and Its Name is Data

We’ve all seen it discussed in various fora: compliance programs are increasing their use of data analytics at an exponential rate. Many programs have been using some form of data analytics for years but integrating data analytics into compliance programs has shifted from a useful augmentation to a must-have. I am seeing firsthand at organizations of all sizes not just increasing reliance on data analytics but increasingly creative uses, too. This is also why we’re all seeing a heavier emphasis on, and deeper capital expenditures in, enterprise data management. Compliance professionals are participating directly in their organization’s efforts to optimize their data management, and that is a fantastic way to influence the modernization of compliance in your organization.

The shift to must-have status has been recognized by regulators and legal authorities. Many of you have already read through the Department of Justice’s Evaluation of Corporate Compliance Programs, which among many things highlighted the importance of operationalizing compliance programs. The cornerstone of effectively operationalizing a compliance program in any industry is the effective use of data analytics.

The energy is palpable and contagious around Compliance Transformation in the present tense. It’s about much more than data analytics, of course, and re-thinking the skillset and compliance toolkit as we hire, train, and advance compliance professionals is worthy of a separate post (here’s a preview: think “utility player,” and get to know Millenials and how they work best…and, no, they are not lazy). Today I underscored data analytics because it’s evolved from a trend to an integral piece of any compliance program. If you are a compliance professional, you need not run off to get a Ph.D. in data science to stay relevant; however, you’re wise to take advantage of formal and informal learning opportunities so you can understand how you and your program can use data analytics.

Compliance Future Tense: ‘Singularity’ Is Too Strong, But Its Kind of That

Trend time. You’re probably seeing it already in your organization regardless of industry: the walls between functional silos are getting smaller and weaker, and in the future, as all industries digitize, those walls will all but disappear. I sometimes say only half-jokingly that there will come a day when aging compliance practitioners look wistfully at a setting sun and muse, “You know, I can remember when there was a separate function called ‘Compliance’…”

This is good news for compliance programs.  It does not mean the need to ensure an organization complies with its industry’s applicable laws and rules, as well as its own policies go away; in fact, the expectation from regulators, law enforcement, investors, boards, customers and clients, and so on, will continue unabated that whatever it is your business does, it must do so within the bounds of law and ethics, and the ability to identify organizations that don’t will be stronger and faster than ever.

The good news is that our expertise will still be a valuable asset to any organization, while the tools we use to prevent, detect, remediate, and prove our organization is compliant will be so fully integrated into the business we serve that it will be very difficult to identify the line between “compliance” and everything else. These are exciting times as we develop the processes and technologies leading us to that future.

Compliance Transformation (yep, that’s a thing)

The Compliance Transformation revolution continues as it learns, adapts, grows, and changes at exponential rates. We hear it referred to as Compliance 2.0 or Compliance Transformation, among other names. Regardless of nomenclature, it’s underway, it’s here, and it’s spreading.

What is Compliance Transformation? What’s happening?

Compliance Transformation is the evolution of compliance from a reactive, back-office-line-of-defence function to a real-time application woven directly into the very fabric of the business it serves.

Compliance risk management is more integrated and automated than ever, and the trend is irreversible. Financial services organizations of all sizes are in varying degrees of development in their compliance transformation. After years of participating in, reviewing, assisting, and observing so many different shops, it’s easy to spot which ones are leading, which are following, and which will likely be left behind. (Yes, compliance transformation is happening in all industries and fields, as it should, but as my focus is on the financial world, that’s where my comments focus.)

Compliance transformation is fueled by technology solutions that are morphing now to offer compliance leaders in business, risk, regulatory compliance, corporate compliance, and internal audit functions more and better options to automate processes and controls.

Regulators around the world continue their clarion call for greater integration and operationalization of compliance into business processes and controls, emphasizing the link back to regulatory requirements, and insist upon enhanced comprehensive metrics to demonstrate and measure increasingly accurate and customized compliance risk management. Further pressures from the outside include greater competition, uncertain market conditions, and ever-more scrutinous external stakeholders that demand compliance programs with optimal effectiveness.

Trends and Predictions:

  • The separation of primary controls functions — Compliance, Risk, Audit, Governance, Information Technology (including Cybersecurity, Data Protection, and their ilk) — will continue to dissolve. In the future, we might not use these labels as prominently as we do today, or perhaps even at all.
  • Compliance and Legal will continue their ongoing separation into distinct and distinguishable professions and functions. The compliance officer of the future (I would argue of the present as well) is less an interpreter and applier of laws and more an engineer, data scientist, and relationship manager. Perhaps counterintuitively, the full separation of Compliance and Legal into discrete functions will forge a better and more effective partnership between them.
  • Compliance innovation is technology innovation.
  • Big Data continues to grow in importance as it leads to its logical higher plane, Artificial Intelligence, Machine Learning, Deep Learning, etc.
  • Blockchain will change the entire compliance-risk-audit-governance-and-controls ecosystem by becoming the very ecosystem itself. I do not have a timeline for this; it will happen like many revolutionary disruptions: gradually, then all at once.
  • One day, the notion of a separate and distinct compliance function will be anachronistic. It will be such a fully integrated, seamless, real-time part of day-to-day operations across the enterprise that it’s nearly self-fulfilling.

So, Yes, Compliance Transformation is a thing. And I’m all in. Are you?

It’s Not The Rules.

Nope. It’s bigger.

In my consulting and advisory work, as well as in general conversations with compliance and other controls functions leaders both in and out of financial services and cryptoassets, I’m seeing a consistent trend. It cuts across all industries. And there’s no turning back.

Compliance (and similar) leaders need strategic design thinking, and they need it today.

There are myriad services and service providers who can help organizations identify, interpret, and apply the rules and regulations that affect their business. No doubt that is still a basic non-negotiable aspect of a fulsome and successful compliance program, regardless of industry.

Years ago, this was the primary–almost exclusive–focus of internal compliance programs. In the Age of Blockchain+AI, or whatever we call where are today, that’s no longer the case. By now, after decades of compliance program evolution and maturation, most corporate and regulatory compliance programs have a clear picture of which regulations apply to their organizations, and how they apply. They allocate considerable resources to keeping up on that front, as well they should.

But the struggle that has now taken top priority is a much broader, deeper, more holistic view of internal compliance program management. The compliance champions and leaders inside organizations are seeking risk-intelligent tech-savvy strategies that help them weave it all together. They have pressing questions such as:

–How can technology help me? Which technologies should I deploy, and where, when?

–Which functions and tasks in my world should I outsource? Which should I automate? How do I evaluate that, and set up a process to continue to evaluate it?

–How do I measure effectiveness and efficiency? How do I use statistics and metrics? What are “predictive analytics” and how do I use them?

–How should my department(s) be organized and aligned? How do I empower and elevate my personnel?

–How do I pull this all together and keep it that way? How do I keep my finger on the pulse of it all?

And so on. It’s all very challenging, can be quite difficult, yet it’s also very exciting and absolutely bursting with potential. I believe we are on the cusp of a genuine revolution not just in financial services as an industry, but in Compliance itself as a practice, profession, and function. And I am thrilled to be right in the thick of it.

The Revolution Starts With Boring

I am a fan of Simon Sinek’s ‘Start With Why’ approach. (If you are not familiar with it, you can view his TEDx talk on the subject here. In a nutshell, he advocates shifting business focus away from what we’re doing, or even how we’re doing it, to why we’re doing it in the first place. This refocus intends finding the deeper value of what we’re doing, which in turn inspires us as we do it.)

However, in the case of how blockchain is revolutionizing financial services, yes, the “Why?” exercise is powerful, I daresay profound, yet the way the blockchain revolution will completely transform (and in many cases, outright disrupt) financial services, it starts with boring.

In the work I did for the MIT program on Fintech, I proposed a framework that redesigns financial services compliance functions using permissioned blockchains. I know from sitting in the Chief Compliance Officer’s seat for much of the past two decades that it is not realistic to transition a company’s entire complex and interconnected compliance ecosystem from the current analog/digital model to a blockchain-based system. I do know it is not only entirely possible, it’s absolutely essential the transformation evolves from the bottom up, element-by-element, function-by-function, to build a new ecosystem.

An example from recent industry activity: Corporate actions. [Hey, I saw that yawn!] Corporate actions are typically material events and changes approved by a company’s board and communicated widely so all affected parties (shareholders, analysts, transfer agents, custodians, and so on) can adjust their records accordingly. Corporate actions can include announcements that an issuer’s board has approved a stock split, dividend, merger, acquisition, or similar events that can affect the company’s value.

If you’ve worked with these, you know they are hardly scintillating, but you also know that one little mistake in processing can be costly in many ways. Corporate actions notices are often distributed by data vendors and processed by custodians, asset managers, brokerages, and their ilk. It’s routine stuff, just one of many back office functions that keep our financial system running. One estimate pegs the overall annual cost of processing corporate actions at US$10 billion. No one knows for certain, but it’s realistic to assume that data errors, processing mistakes, outright misses (I’ve seen that one quite a few times — people simply missed that an announcement came in), etc., account for tens or hundreds of millions of dollars’ worth of avoidable costs each year.

As reported by Coindesk, the French bank BNP is working with Tata on a blockchain-based solution to process corporate actions. This kind of ‘start small, rebuild the plumbing’ approach is the best way for the world’s financial institutions to embrace the new technology without putting their existing operations at risk by moving too quickly. Corporate actions are commonly communicated via means such as PDF documents, but they are really about sharing new data, and the new data are most often not complicated or ambiguous. The costs and pain come through all the processing and records’ updating, much of it entered manually by people who watch for these announcements. Needless to say, this much human data transfer and management is costly, slow, and leads to too many errors. A blockchain-based solution, including the use of smart contracts, could radically streamline these processes and significantly reduce risks. As with most changes of this sort, as more banks and other institutions join in — like the AML/KYC use cases, I see solutions in this area to be almost like a utility — the more streamlined and less error-prone the process will be.

This will not happen overnight. And it won’t always be all that exciting; in fact, at times, it will be what most back office activity is: mundane, uneventful, and an utterly essential part of the plumbing. But, before we know it, it will be revolutionary.

 

I. Hate. Compliance.

I know: You hate compliance, too. While we might be alike in that way, we are probably not alike in this way: I have spent most of the past two decades as a senior-level compliance officer in financial services, including a decade as Chief Compliance Officer.

I do not hate compliance in the sense that I believe we should do away with laws, rules, and ethical standards. What I hate is that “Compliance” is a separate thing unto itself in so many institutions, markets, and even societies. For most of my career, I accepted but never liked this separateness. I knew there had to be a better way, and I knew that the better way would involve rules, controls, standards, etc., being so deeply woven into the DNA of an organization, market, whatever, that there would no longer be a separate thing called “Compliance;” instead, it would just be part of the day-to-day activities of ordinary business operations. What I did not know is what that would look like.

Then I met blockchain. As soon as I understood it, I shrieked (I really did yelp out loud), “YES! That’s IT!!”

I felt like Neo in The Matrix when he sees the green bits of code cascading in front of his eyes as he finally perceived things are they really are. I started ranting like an evangelical zealot to anyone who would listen. I knew it. I saw it. And that Vision has never left me.

I started this blog to serve as a running dialogue and exploration of many things–I make no claims as to what categories might be covered or ignored for as long as I post here–and the roots are in that “EUREKA!” moment.

I am a Believer. I have nothing less than unyielding faith that the blockchain revolution will completely up-end financial services as we know it, and in the process it will assimilate compliance so fully and seamlessly that only a few of us will remember what it was like pre-“Internet of Trust” or “Internet of Value,” however you like to describe what blockchain is doing to our world.

Let’s get into it. Let’s crash Compliance like a healthy, white-hatted virus. Let the revolution begin!

PS — You can read the bio anytime, but a quick intro: my name is Anthony Dell, friends call me Boomer (so do I when I refer to myself in the third person). I am an attorney with a J.D. and an LL.M. in Banking & Financial Law, I have been in financial services since the mid-1990s in quite a few companies and roles–mostly Legal, Compliance, and Risk, including a decade as a Chief Compliance Officer in some large financial services firms–and I earned a Certificate in FinTech: Future Commerce from MIT, focusing my efforts there on Compliance on the Blockchain (that was the title of the capstone project I led), and I haven’t stopped since. I freaking love everything crypto and devour all I can about it!

PPS — I made this a Sticky Post because it’s my first one. If you think I should change that and let each new post greet folks at the top, let me know. Thanks!