In a May 9th Address, Michael Held, Executive Vice President and General Counsel of the Federal Reserve Bank of New York, gave his thoughts on the new compliance landscape. Held told his audience at SIFMA’s Compliance and Legal Society Monthly Luncheon that in recent years the role of compliance within supervised financial institutions has grown dramatically in size, scope, and relevance. He also said that since the financial crisis, risk and compliance functions have grown in respect and stature across the financial services industry. Despite this new stature, however, those charged with monitoring compliance at financial institutions face an environment that has become perhaps “too rules-based.” Held offered his thoughts on firms and compliance personnel can meet these new challenges.
Borrowing from the social sciences, Held said that he believes that compliance programs may be more likely to achieve their desired effects if they are based on studies of how people actually behave. Too many rules, he said, can have negative effects on the psychology of employees, driving them to behave in ways that work against a culture of compliance:
"A surfeit of rules may cause employees to believe that they are not trusted. This could create the misimpression that it is someone else’s job to consider long-term consequences or what is the right thing to do.”
While rules are necessary, Held said he believes that there should be a balance between rules and standards to engender a feeling of trust and confidence in employees.
Now, I am not suggesting that there should be a wholesale elimination of rules. But, in some areas, compliance programs may be more effective if some rules were redeployed as standards. That way, front line businesses would have to exercise good judgment in interpreting and applying those standards. Simply put, some empirical basis for evaluating the right balance of rules and standards would be helpful.
"You are familiar, no doubt, with the phrase, 'Don’t let the perfect be the enemy of the good.' My first message to you is, 'Don’t let the good be the enemy of the better.’”
Held said that through the Fed’s enforcement activities, he has noted the recent changes in the regulatory environment has created some confusion among compliance professionals and business people about their basic roles in the compliance function, saying that "most if not all firms could use greater clarity about who is responsible for what within their organization. This confusion about roles can lead to confusion of responsibility (or diffusion of responsibility), laying the groundwork for control failures.”
The roles of compliance officers have evolved with the changes in regulation. Compliance officers are not just part of a control function any longer. Rather, they have a dual role as both control function and adviser to the various business units they are charged with overseeing. Held offered three pieces of advice to compliance officers to make them more effective in this new compliance environment:
- Compliance should insist on getting involved earlier. Influence delayed is influence denied.
- Compliance should keep an eye out for larger, more systemic compliance risks and issues. As a centralized function, compliance is well-situated to connect the dots and identify broad issues that are not always visible to management. The compliance function typically serves the entire organization, and can use that enterprise-wide view to spot systemic problems.
- Compliance can increase its influence through careful stewardship of its people. This means attracting and retaining talented compliance professionals, and, whenever possible, insisting on getting to know the business area.
With regard to the need to attract talented people into compliance functions, Held said that he is encouraged law and graduate schools are responding with specialized training:
"Another cause for optimism is the attention compliance now receives in law schools and other graduate programs. Two examples are NYU Law School’s Program on Corporate Compliance and Enforcement, and Fordham Law School’s LLM program in Corporate Compliance. These programs engage key leaders in the field in important public discussions, and train students who, in terms of their understanding of corporate governance, are well ahead of where many of us were when we began our careers. These programs will contribute to a bright future for the compliance profession.”
In conclusion, Held said that compliance should not be over-lawyered, warning that fear of litigation should not prevent firms from performing rigorous, firm-wide self-examination.
"Lawyers are not immune from a similar criticism: permitting the avoidance of legal risk to become a goal in itself, rather than a tool for advancing the purposes of the organization. When an acutely litigious mindset prevents a company from launching a cross-organizational review, or writing a self-critical report, the near-term goal of managing discovery has overrun the broader interests of the company in honest self-assessment and improvement.
A legal group should not automatically veer toward shutting down self-reflection for the sake of being able to rest easy about litigation. Similarly, compliance cannot rest easy when its processes succeed in building a paper trail, but do little to uncover and resolve problematic behavior. In short, some risks are worth taking.”
The full text Held’s address is available via https://www.newyorkfed.org/newsevents/speeches/2017/hel170509