The compliance officer role is increasingly being seen as a solid route to the top table – a far cry from its former reputation as a backwater job
For some, it’s a role that’s been pejoratively dubbed the ‘business prevention officer’. For others, the old joke is that you go out to lunch, or even on holiday, and when you come back you find that you’re the compliance officer.
Either way, compliance hasn’t had a very good press in the past. But that’s all changing as the increasing demands of regulation, data protection, anti-money laundering legislation, and even international sanctions, all dictate that compliance is an issue boards are taking more seriously than ever.
Failure to comply with any of the above can have devastating reputational consequences and can pose an existential threat to any organisation. Compliance, in short, has become a hot issue and a potential ticket to the top table.
Rising stature
Malin Nilsson, Managing Director of the Compliance and Regulatory Consulting practice at Duff & Phelps, sees the global financial crisis as the main catalyst for this.
“Before the financial crisis, compliance as a profession didn’t have much stature,” says Nilsson. “It was a role focused on technical rules rather than other skills. However, since the financial crisis, there has been a perceived need for better corporate procedures.
“At the same time, it’s become more important for compliance officers to interact with client-facing staff and the board – so these have all led to a raising
of its stature.”
The regulations were in place before the financial crisis, she adds – “but they weren’t being lived and breathed”. What’s changed since is the level of enforcement, rather than a general rewriting of the rules.
Nevertheless, new rules and an ever-expanding scope are also drivers of the rising demand for compliance professionals and the elevation of their status.
“The reality is that this is an area that will only ever increase in terms of the volume of regulations and the depth of work that will be required,” says Simon Walker, Chief Operating Officer and Head of Business Advisory at Guernsey-based service provider Active Optimus.
High-profile financial scandals have woken the world up to the importance of corporate governance, regulators have become increasingly determined to flex their muscles, and specific areas such as cybercrime and data privacy have contributed towards the drive for compliance on all fronts.
Expectations have also changed. “The sheer volume of information available has meant there’s more and more that is possible for you to check. And if you don’t check, then why haven’t you?” says Mark Dunster, a Partner specialising in compliance at Carey Olsen.
“There is just a much greater expectation that things should not go wrong, and so a much greater scrutiny of everything that could go, or has gone, wrong.”
No incident is too small to be investigated, for reports to be written and lessons learned. “Fifteen years ago, the average compliance officer was probably someone working part time, probably just involved in collection of client due diligence, and not treating this as a particularly complex role,” explains Dunster.
“If you fast forward, the compliance officer in any large organisation will be a full-time job, may well be supported by a number of people beneath them, and will almost certainly be relying on very expensive proprietary systems.”
Recruitment challenge
Recruitment of compliance professionals is challenging in the Channel Islands, not least because of the tight labour market and the difficulties of hiring from outside the islands.
Kevin Lazeris, Jurisdictional Compliance Leader at Sanne Group, believes the growing importance of the compliance function has made competition for talent within the field even tougher.
“There’s a general regulatory push for stronger and better resourced compliance departments, and closer regulatory scrutiny of the activities of business in turn causes the regulators to need more individuals themselves,” he says.
“And, increasingly, the regulators are using their powers to get third parties to do reviews of their regulated firms. That puts more pressure on resources because those professional services firms also need compliance experts.”
There’s also the issue of attracting recruits against the backdrop of the fusty image many have of compliance.
Active Optimus has recently launched a training programme aimed at recruiting the next generation of compliance professionals. Recruits will have the opportunity to move around inside the business, with exposure to a range of disciplines – including compliance – across the spectrum of financial services.
They will also receive leadership training and an opportunity to spend time in the Malta business, where they will learn about a different jurisdiction. “It will give them a fully rounded view of all of the consultancy services provided across the group,” says Walker.
He believes strongly in presenting company recruits with a vision for the future, in which the role of compliance moves up the value chain from being largely administrative.
Technology plays a key part in this. “There’s an ever-increasing burden of new rules and sanctions, but we don’t believe that the best use of your compliance officer is for them to focus on making sure everything is up to date,” says Walker. “Much of that work can be done centrally, with the updating in relation to sanctions and regulatory changes being automated in order to maximise efficiency.”
While compliance officer may not become the job of choice overnight, few dispute that perception is changing, both of the value that compliance delivers and of its attractiveness as a career.
“Some now see compliance as a way to the top; in the past that was never the case,” says Nilsson. “Now, it is a career that has real progression.”
Dunster adds: “I think compliance and risk officers are now starting to be seen as one of the necessary people on the board, along with the financial director, and the head of personnel.”
The right attributes
Finding the right people is not just a question of finding those with an understanding of the rules and with the appropriate qualifications; it’s also about finding someone who knows when to say ‘no’ and when to say ‘yes’.
“You’re looking for someone who not only understands the job,” says Dunster, “but has the necessary soft skills to bring a team with them and the necessary commercial awareness to recognise that, in any organisation, there’s bound to be some risk at every turn and to be prepared to make decisions in a commercial way.”
That point is backed up by Lazeris. “If we were all ‘business prevention officers’, we could all go sit on the beach because there wouldn’t be any business to do. Shareholders expect some risk to be taken. So the question is how to be commensurate in how you manage risk.”
He sees compliance officers having to be far more proactive in asking questions and believes they will come under increasing pressure to account for why they did not flag up risks and ask awkward questions whenever financial problems surface.
He cites recent press reports claiming that in a bid to avoid breaching EU rules on the amount of exposure a fund can have to unlisted securities, fund manager Neil Woodford’s LF Woodford Equity Income Fund (WEIF) had invested in smaller, illiquid companies through specific classes of securities that were listed in Guernsey.
Preliminary supervisory inquiries by UK regulator the Financial Conduct Authority (FCA), reported to Nicky Morgan, Chair of the UK Parliament’s Treasury Select Committee, on 18 June, revealed that the Guernsey listings fell within the rules of the EU UCITS Directive.
Nevertheless, Lazeris’ point still stands. “The kind of questions that should be asked include these: are assets what the prospectus says they should be investing in? Are they investing in parts of the world where sanctions apply? Are they investing in assets that are of concern to the relevant regulators?”
Lazeris also advises those entering the field to read the business pages assiduously. “People ask why. But you may pick up something that in two years’ time proves highly relevant,” he says.
Indeed, FCA CEO Andrew Bailey was recently castigated by Morgan for failing to react sooner to a story in Citywire revealing WEIF’s use of The International Stock Exchange in Guernsey. “Does anybody at the FCA actually read the newspapers and listen to what’s going on in the industry?” Morgan asked Bailey.
The personal characteristics that are now required to succeed in compliance extend far beyond the attention to detail associated with the role. Curiosity, communication skills and the ability to stand your ground are all cited as important attributes.
“You’re not looking for someone who is risk-taking, but definitely someone with ethics and integrity – a strategic thinker who can turn technical details into practical measures, someone who can interact with the board at the top level,” says Nilsson.
For companies, perhaps the biggest challenge is to stop seeing compliance as a cost and to start seeing it as a source of value in protecting the business.
“One mistake, one regulatory topple, could cost you 20 years of revenue,” points out Dunster. Perhaps failing to take compliance – and compliance professionals – seriously is the biggest risk of all.