Since the global financial crisis a decade ago, the compliance function has grown in importance to become a key element within organisations of all sizes, from Financial Services and Banking to Professional Services and Industry.
In the face of potentially multibillion-dollar fines from regulators for non-compliance, boards are more risk-aware today, pumping increasing resources into compliance teams in order to surf the relentless waves of regulatory change. Both these fines and the increased spend are factors that didn’t exist a decade ago, but which impact on a business’s bottom line, bringing the effectiveness of the highly skilled compliance specialists into the spotlight and under scrutiny from stakeholders.
As if that wasn’t enough pressure, the role of these specialists has also changed drastically over the last 10 years, each year bringing new challenges to their desks, from AML in recent years to GDPR and data privacy in 2018. Talking to our clients and candidates in this space, we’ve highlighted four key themes below that are top of their agendas right now.
1. Lack of skilled resources
A compliance function must comprise of the appropriate expertise to identify and mitigate regulatory risk, with the option to outsource if required. However, because technology is changing the working world we live in, the skill sets of compliance professionals need to change too, and during any period of transition, there can be a skills shortage.
According to recent research, 37% of compliance leaders think there will be further changes to the regulations, which, coupled with the lack of skilled resource is the biggest challenge facing our clients right now.
Digitalisation and automation are becoming the norm in compliance controls and monitoring, while tech skills such as data analytics and data science are becoming increasingly sought after. Emerging risks such as cybersecurity and data protection require specific expertise, as does the rise of fintech. Compliance officers are changing with the times, but now have the opportunity to focus on a niche area to increase their market value, given specialist skills tend to limit the talent pool and increase the cost of those professionals. As such, despite the need, growth in compliance teams has been fairly static and resources are inextricably linked to the third challenge cited by our network: budget.
“Compliance leaders should be thinking about the FCA’s push on ABC, UBO identification and due diligence which will become a significant focus in 2019/20, as will the FCA’s drive towards real time analytics and data collection; organisations need to be able to identify and share data more quickly.“
Steven Newman, Advisor to Transparency International
3. Lack of budget
The biggest change to the compliance function over the last decade has been in the adoption of technology and this will probably remain true over the next decade. Fintech, regtech, insurtech and cybersecurity were unheard of until relatively recently among compliance professionals, who have had to expand or hone their skill sets accordingly.
Automating certain compliance activities with the use of AI brings increased speed and accuracy to processes, benefitting businesses by freeing up the compliance function to add more value to other areas. However, to get there requires significant investment, potentially across the entire IT infrastructure, bringing its own challenges of integration; training; legacy systems; increased IT headcount; and business as usual during the implementation.
Once in place, the concern currently facing leaders is that the automation of compliance processes doesn’t just happen overnight but needs the expertise we mentioned earlier to ensure that the benefits are delivered. Tech spend has a number of related expenses and timescales to make sure that it is implemented to full effect and is set to be an ongoing challenge for compliance leaders going forwards.
Historically, compliance budgets have always been difficult to measure, due to the nature of exactly what falls under compliance for each sector or each organisation. Furthermore, spending on compliance was also seen as a necessary evil – something that had to be done to comply with regulations and remain in business, but that the bare minimum would suffice. Today, firms know that non-compliance is far more expensive in the long run, and so budget accordingly. It’s safe to say that with frequently changing regulations over the last few years, combined with the implementation of technology, budgets in general have gone up and should continue to do so while we progress through this period of change. In fact, a recent study has demonstrated that there has been year-on-year consistency in the percentage of firms who expect to have more budget available: 63% in 2019, compared to 61% in 2018.
The concern among leaders is where that extra spend will go – because without the skilled workforce, the tech is redundant. Firms obviously need to invest wisely in the right technology to improve the efficiency of the compliance function, and this spending should be short-term if the technology is chosen correctly. However, budgets are not infinite, and the tech spend will always offset the staffing budget, particularly tricky when the cost of senior compliance staff is expected to rise in 2019.
4. The personal burden
Personal accountability and liability were introduced in the wake of the global financial crisis to both hold senior individuals at a firm responsible for future non-compliance or financial wrongdoing, as well as raise awareness of risk across a business. While not specifically aimed at compliance officers, there is definitely nowhere for them to hide, particularly when mitigating this liability comes under their remit. According to recent research, the vast majority (98%) of firms expect the personal liability of compliance professionals to either remain the same or grow in the coming year.
With this in mind, the key challenge with liability regulations is that they require board level support to the compliance function to help create a strong compliant corporate culture, which in turn needs awareness driving and ongoing training internally throughout a business. It’s all very well for the compliance professional to manage their own personal regulatory risk, but when they are ultimately seen as responsible for conduct of others, this places a significant burden onto the individual, further placing the right talent in shorter supply. Tied into this is the broad scope of the accountability regulations – senior individuals are also responsible for the misuse of technology too, bringing us back to an earlier point about today’s compliance professional needing the relevant tech expertise.
All of these challenges are linked, often dependent on one another, so it’s crucial that leaders in the compliance space are able to consider the bigger picture, as well as have their board on side for an organisation to tackle these issues successfully.
Are these key challenges in line with what you’re facing at the moment?