Ticking a box or managing financial crime?

Is solely complying with regulations really managing financial crime risk? FinTech and start-ups have the opportunity to carve a new path in risk management strategy

Over the years the term and structural title of Compliance has become associated with a perception of a tick box nature, obeying the rules or guidelines of regulation with little room for dynamism and flexibility.

Is that what the industry and regulators want? What does it conjure in your mind when you think of the word Compliance?  This is what the dictionary says:

The state or fact of according with or meeting rules or standards

It is not exactly inspirational and equally, in the rapidly evolving world of financial crime risk management it is not particularly accurate or effective. Do you want to meet rules or standards or do you want to manage risk? Do criminals operate within a framework of regulatory guidelines? No. They are far more agile in their ability to exploit vulnerabilities.

Adopting a tick box mentality can be hugely detrimental to the success of an organisation to manage and adapt to rapidly changing financial crime typologies. You need to be using innovation and working collaboratively across teams to hit the desired effect. Yes, the lines of defence model is there for a reason and you absolutely must comply with regulations as they apply to you but more importantly you must understand why you are applying them and how you may need to adapt the concepts and even go beyond in a dynamic way. As the situation dictates you may need to go beyond the regulatory guidelines in order to meet the risks head on. It is a dichotomy that large financial organisations have been battling for years.

Would it not be refreshing to hear more about the financial crime and regulatory professions empowering business strategy, on the front foot, going beyond the norms of regulation to add maximum value to the business they support.

We think part of the problem is in the title – Compliance.  Let’s talk about risk management strategy instead.