The modern CCO: responding to new demands and technology challenges

Bernadine Reese

Carol Beaumier

Compliance teams in financial services are busy: they face an increasing number of responsibilities and are simultaneously nurturing the next generation.

Carol Beaumier and Bernadine Reese, managing directors at Protiviti in the US and the UK, share their vision for the chief compliance officers of tomorrow – and what will help them to thrive.

Financial services firms face a growing set of risks: conversations about environmental, social and governance (ESG) have been developing around the world alongside increasing scrutiny on vulnerable customers, cyber security, cryptocurrency, cloud, and operational resilience. These areas of focus add to myriad other risks faced by the industry.

This means the compliance mandate is expanding rapidly, as regulators add to the agenda, and risk teams ask for more support to meet these challenges. The modern chief compliance officer (CCO) and their colleagues will need much broader skills to tackle the task ahead.

Behind the scenes with compliance teams

When we started our careers, compliance officers were responsible for interpreting and implementing a seemingly finite set of laws and regulations. But since then, technology has disrupted business models, changed the nature of financial transactions, and the sector has become more innovative. The market has provided opportunities for challenger banks, alternative payment platforms, and a greater range of financial products.

The risk agenda also continues to shift and rebalance depending on regulatory priorities and world events. Fraud, cybercrime, and operational disruption have certainly increased. Regulators are working hard to keep up with the evolving landscape, but the pace of change has varied between countries. This complicates matters for compliance professionals making sense of rules that aren’t always aligned in the locations where they operate.

As a result, they are under pressure from the volume of regulation, and from areas beyond their traditional remit; at the same time, their roles have expanded to include more responsibility. They are no longer only concerned with the legal nature of regulation; increasingly, they are expected to be change managers, behavioural scientists, and data analysts, among other job requirements.

According to a recent report from Thomson Reuters, one of the biggest challenges for the profession is ‘a lack of skilled resources’ to keep up with regulatory change and the increasing demands on their time. While some are feeling burned out most suggest they are satisfied with their work, however, and continue to believe it’s important.

So, what will it take for modern chief compliance officers – and their busy teams – to step forward into the future? We believe a combination of technology and skills development will help them to avoid burnout and thrive in this new world.

The role of technology

As regulatory expectations for the role of compliance teams continues to evolve, the cost of compliance is going up, creating more opportunities to use ‘RegTech’ solutions. In the report from Thomson Reuters, 47 per cent of compliance professionals said spending will rise, and 55 per cent will assess FinTech and RegTech software in the coming year.

In our experience, conversations around technology have evolved quickly: companies are moving away from asking how they can use it towards an assumption that it’s being put in place. But in the case of compliance, technology is often deployed as a reactive response to regulatory concerns: tools are commonly used for a narrow purpose without much thought about the bigger picture. In many cases, banks and other financial institutions don’t optimise the functionality of technology, which slows things down.

To help bridge these gaps, we believe there needs to be a new way of working between the suppliers of technology, and the financial institutions using it. If there was a middle ground, where compliance professionals could speak the language of RegTech, and software professionals could understand more about compliance, the outcomes would be more successful for everyone.

Ultimately, ‘throwing bodies at the problem’ would become a thing of the past, too, allowing people to spend more time interpreting data, communicating the importance of compliance and focusing on outcomes. Redirecting the efforts of compliance teams would also elevate the role of compliance and help to alleviate any feelings of burnout for a finite pool of professionals working in the sector.

The role of skills

As the need for broader skills has become apparent, the opportunity for a new type of compliance leader is taking shape: people with experience of transformation and an appreciation of what’s needed in digital organisations, the compliance leader will also work well with the board, team seamlessly with people across the organisation, and build on their technical backgrounds.

With this evolving list of skills, the leaders of tomorrow could also help others to view their career progression in new ways: compliance will be more exciting than it was 20 years ago, because of the variety of opportunities on offer and the growing influence of the profession.

But more needs to be done to help realise this vision. We’ve seen growing numbers of educational institutions running compliance programmes, helping young people appreciate it’s a valid – and varied – career; we’ve also seen financial institutions helping people to develop their digital skills on the job.

Compliance professionals now need a combination of digital and professional skills to nurture modern CCOs; so, here are three areas to consider:

• The wider compliance mandate will continue to embrace innovative approaches using good and reliable data. Behavioural pattern analysis is already replacing the standard rules and filters for transactions; natural language processing is also helping to detect and avoid customer complaints early. We know regulators are moving towards data-led supervision; a good understanding of risk and data analytics is key.
• Regulatory focus on issues such as operational and cyber resilience, and ESG, calls for a deeper understanding of how the whole business works. This means that compliance teams need to understand the business as well as their other colleagues in each of the three lines of defence.
• In the boardroom, compliance officers will therefore be increasingly expected to combine strategic thinking with strong analytical and technical skills, and an ability to build relationships across the business. Digital savvy leaders with an executive presence and backgrounds of technical knowledge will thrive.

Broadening the compliance horizon

We believe the future of compliance will be based on a combination of new skills and technology.

CCOs and their teams will automate many of their existing processes, enabling them to spend time interpreting data, communicating stories and trends, and advising their executive teams on compliance strategies. Through transformation programmes, they will develop new leadership skills and get to grips with new areas of regulatory focus.

But ultimately, the goal of the modern compliance team, will be this: to weave technology and compliance into the ethics of the business, and develop a dynamic approach that helps strategically navigate a changing world. So, let’s all help them to get there.