Post By: Eric T. Young
I love re-engineering ethics and compliance programs. And so should you. Doing so enables / sustains regulatory health — and business growth. Especially going forward to achieve and sustain an effective compliance program as expected by the US Department of Justice (“DoJ”) — and with a more ESG-centric administration and Congress.
I would know. I’ve been a Chief Compliance Officer for many years, educating & enlightening boards of directors of “what good (compliance) looks like”. Indeed, I believe non-banks build and sustain better enterprise-wide programs than the financial firms – which is why I joined the SCCE. And as bankers, so should you.
Lessons Never Learned – A Vicious and Continuous Reputational “Cluster” of Banks
Banks, broker dealers, asset managers, hedge funds and so-called “family offices” keep losing billions of customers’ and their own money. The financial firms pay even more in penalties, legal fees, independent monitors and customer restitution.
And worse, these financial firms never really “learn their lessons” and they continuously damage themselves reputationally. “Let’s keep cutting risk and compliance budgets – and drive business priorities over our independent “check and challengers”.
Why the “wash, rinse and repeat” of reputational financial disasters? Perhaps because financial firms simply write penalty checks like a business-as-usual “slaps on the wrist”; seek DoJ deferred prosecution agreements, and then move on because they generate mega billion profits per quarter/per year. And no executive goes to jail.
Will our financial houses – which nearly melted down the world’s core over 2007 – 2010 – ever get it right, culturally and responsibly to safeguard OUR customers, OUR markets, OUR citizens and OUR employees? Will they truly act meaningfully (not just say) how they’ll serve and protect OUR communities and society in an environmental and socially responsible manner for the long-run – for all stakeholders including employees?
Hope springs eternal and I believe they can. Especially with the new AML Act’s teeth soon to appear and with new, motivated DoJ, SEC, CFPB, and other ESG-focused agencies.
What about our non-banks?
Of course, some healthcare, pharma, food, energy and other commercial firms are also reputationally challenged or culturally toxic.
But relative to our “friendly” bankers and dealers, the non-banks do “get it” better culturally – particularly by building and sustaining an enterprise-wide compliance program.
I’d know. Having worked at the Fed and then as CCO with JP Morgan Chase, over General Electric’s industrial businesses, S&P Global Ratings, and four international banks including UBS and BNP Paribas, I’ve seen what actually works structurally – and culturally – across the spectrum of industries.
Non-banks versus financial firms
I observe that non-banks (healthcare, energy, telecom, etc.) have executed better US Sentencing Guideline Corporate Compliance Programs than the financial firms because the latter continue to insist on siloed legal entity or product-centric units. These siloes blind and cause poor enterprise-wide peripheral vision and execution (e.g., where was Wells Fargo corporate-wide chief risk and compliance officer during the decade of fake accounts?). Myopic compliance also undermines the stature/independence of the corporate CCO.
Conversely, nonbanks articulate why corporate culture, ethics and integrity are so important, though I challenge whether they can prove how their paper policies, training and “paper CCO” are actually working effectively. Their monitoring is weaker than the banks.
Where financial firms do a better job
Non-banks have fantastic programs on paper and ethics-centric cultures, but financial firms have more robust compliance monitoring & testing, with some deploying machine learning, “GRC” “regtech” and AI tools to more visibly prove – and someday predict in writing – how our employees and businesses are truly complying consistently.
These smart tools (e.g., by NICE Actimize) enable financial firms to prove their employees’ behaviors measured by their emails, social media, trading & sales and financing activities are actually complying. Banks’ teams of compliance auditors are also compelling businesses to supervise their teams more closely and in writing. Take heed, nonbanks!
But AI & monitoring only proves whether a firm’s culture/behavior is working or not. It doesn’t compel the right culture. Like a medical stethoscope doesn’t prevent heart attacks. They simply measure and report.
Common challenges for non-banks and financial firms
Cyber-crime remains one of the most exposed risks to all firms and the US Homeland Security lists sixteen industries (e.g., energy) as essential – and vulnerable. These DHS-“essential critical” industries (e.g., energy, communications, financial, food, health and other sectors) face national security threats daily by cyberattacks by cyber-criminals and terrorists.
Compounding this is the blurring and convergence of our 16 essential critical industries driven by Big Tech and social media monopolies, fintech, digital / crypto currency, and others controlling our markets’ information and financial flows.
This means all industries need a new way of identifying blurrier risks and managing them in creative and synergized ways.
Compliance Solutions across Industries
Our compliance risks are growing higher, our whistleblowers are further retaliated, executives less accountable while cybercrimes / fraud is viral. Our corporate world is blurrier while our boards grow more vulnerable – and liable.
This is why I’ve co-developed our “Compliance Solutions across Industries” conference with the SCCE on June 9. Watch our DoJ panels, and learn how KYC cuts across industries from Ellen Zimiles / Guidehouse and moderated by the Association of Certified Financial Crime Specialists. Learn about anti-bribery / corruption from financial crime legend, John Cusack and the DoJ. Witness why anti-trust enforcement is real from our DoJ panel and then receive pragmatic advice from Promontory CEO Gene Ludwig, former DoJ anti-trust chief Jeff Martino, and FIS CRO Greg Montana. And to top it off, experience why governance is paramount with retired Delaware Supreme Court Chief Justice Leo Strine, Jr.
Join the SCCE, and please register to join me this June 9 at our conference!
About the Author: Eric Young is CEO of Young Enterprises LLC, author, and founding publisher of EthicalPebble Publishing. He advises companies and others on how to re-engineer compliance and ethics programs to enable regulatory health and business growth. Eric has many years regulatory and Chief Compliance Officer experience with the Fed, JP Morgan, General Electric, S&P Global and four international banks including CIBC, UBS, RBS, and BNP Paribas. He is also an Adjunct Professor of Compliance at Fordham University School of Law. His first book, “Declaration of Independence – Partnering independent Compliance with the board of directors to hold management more accountable” is due out this July 4, 2021. His LinkedIn profile is: https://www.linkedin.com/in/youngerict/