The 2015 Season: Compliance, Culture and Responsibility
In a recent interview, Matthew Weiner, creator of Mad Men suggested that the trend of internet-driven public shaming was born from a deep sense of powerlessness; I wonder if the current obsession over the importance of compliance isn't driven by the same realization.
At the risk of being declared an apostate by my GRC brethren, I am not for a moment suggesting that their role and function is either pointless or inconsequential. Their insights are often invaluable and their actual contribution seldom properly appreciated.
What I do believe is that the Industry's obsession with "compliance" is unhealthy and counterproductive; it creates unrealistic expectations of error-free business, ingrains negativity bias in the corporate DNA and shields management incompetence from proper scrutiny.
It's not a game, but this may be a helpful metaphor for understanding financial services compliance. Think of it this way - compliance watch the touch lines and in-goal areas, but it's management that determines who plays, in what positions and who is benched or repositioned.
They even sign the players, call the plays and make the "captain's pick".
So how realistic is it to expect "compliance" to pick up every infringement and every off the ball incident?
How fair is it to expect them to divine and second-guess every strategic decision made off-field?
How reasonable is it to expect them to penalise players acting within the rules?
Remember, there's no video ref they can consult in real time, no past-players offering expert opinion and no judiciary publishing swift and definitive determinations. They're often under-resourced, over-committed and struggling to follow the play.
in reality, every enforceable undertaking in financial services reflects management failures; either deliberate choices, reckless decisions or negligent failures to acknowledge or remedy obvious failures.
But "compliance failure" is too useful and reassuring a label for Directors and licensee management to abandon overnight.
In a recent post about business ethics, Seth Godin wrote
"I worry that we absolve ourselves of responsibility when we talk about business ethics and corporate social responsibility. Corporations are collections of people, and we ought to insist that those people (that would be us) do the right thing. Business is too powerful for us to leave our humanity at the door of the office. It's not business, it's personal."
Substitute "compliance" and "governance" for "business ethics" and "CSR" and you'll identify the fundamental flaw at the heart of arguments for financial services self-regulation.
ASIC, and some industry participants, recognise these failures and have tried to reframe the game. By focussing on culture, conduct and sustainability they hope to make the game cleaner, clearer and more consistent. Banning management and holding Responsible Officers to account is a beneficial outcome for all responsible Licensees (but one surprisingly unpopular with Licensee management).
Only time will tell whether misaligned incentives, embedded short-term decision making and an absence of accountability can be addressed in this fashion, but at least focusing attention on individual choices and personal accountability is a good way to start the 2016 season.