Between 2002 and 2016, employees of Wells Fargo fraudulently opened fake accounts and forced customers to take on services which they did not need due to pressure from top level management to enhance sales and meet quotas. Wells Fargo agreed to pay $3 billion in February 2020 to settle the criminal charges and actions brought against it. This case illustrates a complete lack of an effective compliance culture within every level of an organisation and what impact it can have
Scientific research supports the fact that a lack of an effective compliance culture in financial institutions not only had an impact on the financial crisis but is also a driver of human error, resulting in scandals, fines, and reputational damage. During the Anti-Financial Crime conference hosted by Deloitte Germany Forensic in 2019 in Frankfurt, a panel discussion took place with the title ‘Culture as a major root cause for of financial crime’, one noteworthy statement of a panellist is “Social psychology assumes that our behaviour at work is influenced by the ‘system’ around us. Employees base their choices, and therefore their conduct, on what they perceive as important to the organisation. It is key that the signals sent from both the formal and informal structures of our organization are aligned.” Indeed, as someone who has been working regulated services for more than 5 years now, I can confidently say that culture can act has an enabler or disabler of financial crime and can make or break a business.
I often find it easier to grab the attention of the relevant stakeholders when talking about compliance culture when I link effective compliance culture to the business achieving its goals. Undeniably, a key benefit of implementing an effective compliance culture is that it encourages better decision making.
Culture acts as a reference and answers to questions which employees at all levels may have as they move through the decision-making process. An effective compliance culture will lead to decision making which are aligned with businesses’ values.
Embedding an effective compliance culture is not a one-time exercise but rather a continuous process since behaviours need to be constantly reinforced. The tone is set from the top, the leadership team has to embrace a culture which fights against financial crime to set an example. Communication is key, all employees should be aware of the values of the company and the risks it faces.
Businesses should empower employees and make them feel that they are a part of a team to promote and encourage ethical behaviours. The employee appraisal Programme should be reviewed to ensure that it is aligned with the organisation’s values and culture and to create a sense of accountability. Financial Institutions should ensure that they have reviewed their internal controls and policies, so that the governance around the day to day running of their businesses does not conflict with their desired culture. Recruiting people with the desired skills and capabilities is an essential part to instilling an effective compliance culture.
Today we can read about compliance culture everywhere however the jury is still out on what a good compliance culture means exactly. There will be definitely more than one good answer to this. In my opinion, one simple illustration of a good compliance culture is the ability for employees irrespective of their hierarchy to address their opinions and concerns without any trepidation.
Following the publication by the Malta Financial Services Authority ( ‘MFSA’) in December 2020 of its Guidance on Technology Arrangements, ICT and Security Management, and Outsourcing Arrangements (the ‘MFSA ICT Guidance’), and the issuance of a number of related circulars (the ‘ICT Circulars’), more recently, the MFSA sent to all Maltese regulated firms a questionnaire (the ‘ICT Questionnaire).
Not your average holiday read, but our Joint Chair, Wayne Bulpitt, took time during his recent holidays to read the Financial Intelligence Service (FIS) Annual Report 2020 and was struck by how little impact evidence is reported.