The changing face of compliance
Compliance plays a significant role in facilitating organisational success, a fact that is becoming widely recognised across multiple industries. The “old school” approach to compliance – as a tick-box exercise – is on its way out. Spearheading change in the UK, the Financial Conduct Authority (FCA), through discussion as well as regulation, is encouraging firms to step up to a new proactive methodology across the whole field of compliance.
This evolution reflects a sea change in the way that compliance is managed. Its practitioners are developing into key players inside a business, supportive of growth and forward-thinking; people who rely less on a regulation-led mindset and more on wide-ranging business expertise which operates inside the specific framework of a company’s own ethics and governance.
In short, therefore, companies are looking for creative, robust and imaginative individuals, with business acumen as well as regulatory knowledge, to join them in compliance to facilitate company success. In the words of Dominic Christian, CEO of Aon: “A high calibre, contemporary Compliance team truly protects, promotes and differentiates successful businesses.”
A buoyant market
There is no doubt that the skills needed to build a Compliance function successfully have become better understood since the compliance failings exposed in the financial crisis. This has produced a very buoyant, competitive and candidate-driven market. Hiring managers have responded by taking an innovative approach to recruitment.
From an internal point of view, this means companies have implemented development programmes, allowing employees to progress upwards within the company through organic growth and internal movement into different roles and ultimately leading to higher staff retention.
From an external perspective, hiring managers are becoming more open minded to different candidate backgrounds, recognising and valuing skills that are transferable across multiple sectors.
Current market focus
With a plethora of new regulations coming into play, we are seeing an increase in the area of cyber space requirements across multiple industries, from insurance to banking to FinTech, to name but a few.
There has also been a growth in the regulatory burden of AML, counter terrorism and anti-bribery and corruption, and shortly the FCA will be rolling out its Financial Crime Annual Data return.
We asked our clients across financial services as well as non-financial services “how do you believe financial crime and budgets will change over the coming months?” The main response was that there will be a significant growth in AML.
We also asked whether financial crime is seen as a priority. The overwhelming response (especially from the FinTech and payments sectors) was “yes”, in particular in fraud investigations, including application fraud, debit card fraud and payment fraud.
Roles specialising in financial crime are, as a result of this concern, seeing a boom. At Broadgate Search, for example, we have been building teams from scratch for a number of clients. We have developed this expertise in response to an acknowledged need. Compliance departments have recognised that they need increased capacity and breadth of skillsets to meet the evolving specialist focus in this area.
Conduct risk is another area in which the market focus is growing. Although there is some variety in the way conduct risk is defined by different companies, it is generally taken to refer to losses to a firm emanating from poor conduct in general. It is specifically seen to refer to the way in which a firm, and its staff, conducts itself; to the culture of the firm; the way stakeholders are treated; sales and design processes; servicing of products; and the analysis and reporting of systems relating to conduct and behaviour.
We spoke with Anthony West, Head of Conduct Risk, StarStone Insurance, about how the concept of conduct risk has evolved over recent years, from being relatively unexposed and underestimated, to being one of the major risks faced and managed by the market. He argued that conduct risk, and placing the customer’s best interest at the heart of everything you do, requires a shift in mindset. Over the last two years, firms have been asking key questions: “where do we start?”, “how do we embed conduct risk?”, and “what sort of framework do we need?” He believes that this is positive: it encourages firms to think outside the box and, ultimately, to hire a more diverse workforce and, as a result, increase productivity.
Developing a robust framework of definitions, processes, controls and outcomes has been a key component of executives’ agendas. The cost of failing to identify risk to stakeholders or to the market can be material, and it makes good business sense to manage conduct risk as effectively as any other risk facing a firm.
Key regulatory developments
The second Markets in Financial Instruments Directive (MIFID II) will reshape the secondary trading of financial instruments, particularly derivatives. It aims to ensure that firms make the best interests of clients central to their business across retail and wholesale markets.
The second Payment Services Directive (PSD 2) came in to play in January of this year, with the objective of standardising and improving payment efficiency and consumer protection across the EU. Firms will have until January 2018 to implement it. This is a revised version of the Payment Services Directive (PSD), which simplifies payments and payments processing and which created the rules and guidelines for modern payment services.
The whole area of consumer protection is continuously growing and highly significant. Take the TalkTalk story, for example: a cyber hack that cost the company £60m and the loss of over 100,000 customers. This is exactly what other companies need (and are trying) to avoid.
Data protection is another challenging area of compliance. We discussed the upcoming EU General Data Protection Regulation (GDPR) with Jason Jones, former Compliance Director at Hiscox. He suggested that the GDPR, which was, before the Brexit vote, due to take legal effect in the UK in 2018, is still likely to be incorporated into UK law. “Hoping it will go away is not a sensible plan,” he advised.
Undoubtedly, compliance with this new regulation is going to take considerable effort, and company investment in technology and skilled personnel is already underway. His advice is that companies need to start conducting impact assessments now, as “some of the GDPR features are extremely challenging”.
Overall, he argued, the law is well-intentioned. It promotes the ease of “switching” for customers, and the “right to be forgotten”. These are tough areas for businesses and the compliance challenge should not be underestimated.
Mr Jones also explained that, although the Information Commissioner’s Office (ICO) has said that it will prepare and issue industry-specific guidance on the GDPR, no timeline has been set. Companies, in his view, shouldn’t wait for their sector’s guidance to be introduced before conducting their own impact assessments and planning their own technology changes.
Demonstrating commitment
What issues do the changes outlined above raise for those seeking roles in compliance? What are stakeholders looking for when hiring?
We asked a number of our key clients what ticks the boxes for them when hiring. The most common answer was that the potential new team member has the right personality, enthusiasm and commitment to fit the company. Obviously, time management – be early for an interview – and knowledge of the company and the role are significant, as is background research so the interviewee is prepared and can answer questions concisely and precisely. However, while you can teach skills you cannot change someone’s personality – you cannot turn them into someone they are not.
Our research also indicated that views on a candidate’s longevity in previous roles are assessed differently now. Gone are the days when five years in any position was considered the norm. Today, in the fast-evolving and multi-faceted world of compliance, given the fact that candidates with the right mix of transferable skills are driving that market, around two years is considered sufficient longevity to be treated seriously by any potential new employer.
We have also found that, with good transferable skills becoming increasingly significant across all sectors, industry leaders are recognising the value of ICA qualifications.
So, what are the benefits of an ICA qualification? In a nutshell, it shows commitment – commitment to kick-starting a new career in compliance, or commitment to developing a specialism, such as AML, for example. It also facilitates greater diversity within a company, which is a business asset increasingly recognised as positive for the culture and success of that company.
At Broadgate Search, we are seeing a growing number of candidates crossing sectors: from lawyers progressing into compliance in a firm outside their legal background, to police officers transitioning into financial crime, to ex-military personnel transferring to risk management. All these groups are using transferable skills that have been developed over their careers, and an ICA qualification will facilitate that move.
We have long recognised the importance of transferable skills and our CSR supports this ethos. We support Ex-Military Careers and the Ex-Military Foundation, a charitable trust set up by Ashley Lawrence, one of Broadgate’s founders, to help ex-military personnel find new careers on civvy street.
Embracing diversity
There is no doubt that the focus on compliance across all sectors is making its presence felt in the market place. Companies are recognising that a strong Compliance team can aid productivity and growth and they are responding positively to the idea that a diverse workforce provides a healthy mix to protect, develop and sustain that growth and, of course, long-term profitability. We welcome this. As Ben Adams, Director at Broadgate, says: “We are in favour of encouraging employers to be more open-minded. Widening the talent pool and seeing the positives in candidates with transferable skills and from diverse backgrounds will, in our view, help a company’s workforce become more creative and, ultimately, more successful.”