In this interview with Help Net Security, Simon Winchester, VP Worldwide Advanced Technologies at Jumio, talks about the changing role of the chief compliance officer (CCO) and how to alleviate some of its burdens in today’s highly regulated world.
As we see new compliance regulations arise, organizations must make sure to meet the standards. How important is the role of the CCO in this process?
Organizations today are challenged to address a confluence of regulatory and business changes that are putting new demands on compliance. The pace of regulatory change, convergence in global regulation, and competition from new market entrants have created a complex environment for organizations across all industries as they try to protect consumers and themselves from fraud, money laundering and other financial crimes. As such, the role of chief compliance officer (CCO) – someone who can carry out a thorough risk assessment on the company and its stakeholders – is more important than ever.
By appointing someone who is responsible for staying up to date with all relevant regulations and knows how to develop and enforce a structured compliance programme, organizations can ensure they have peace of mind that they are following government regulations at all times.
What can be done to change the perception of the CCO as an organizational bottleneck?
Manual compliance work is both time-intensive and error-prone which can lead to this perception of CCOs as an organizational bottleneck. However, automation puts an end to much of this workload, as it eliminates human error and improves efficiency and effectiveness. With manual processes now being streamlined, this relieves the strain on compliance ofﬁcers. Moreover, automation reduces data complexity which allows CCOs to not only process, but also better understand, larger amounts of data and to reveal behavioural patterns that can better focus their efforts.
In turn, organizations can become more proactive, rapidly expand at scale, address new market opportunities and engage seamlessly with new investors and partners. Conversely when a CCO has a vision and strategy – that is then implemented and automated – they are then seen to be the biggest champion for revenue enabling run rate business rather than stifling it.
Moreover, automation leaves more time for CCOs to spend on compliance tasks that cannot be automated easily, like the judgment of complex business situations in highly regulated markets. With flexible AML tools, trusted and established vendors and well documented policies, CCOs are able to stay on the front foot and foresee and manage potential risks while adhering to compliance throughout.
What could be the impact for organizations if they fail to adhere to compliance regulations?
Perhaps the first and most obvious consequence is the possibility of the organization being fined for non-compliance. Fines for the most serious safety breaches are now routinely in the hundreds of thousands of pounds – last year the UK’s Financial Conduct Authority handed out £568 million worth of fines and this figure is expected to rise. In addition to the fines, there are of course legal costs and those of the prosecution, too. In exceptional cases of non-compliance, both employers and employees can face imprisonment for their wrongdoings, with sentences of up to 5 years.
Moreover, any organization failing to comply with legislation can face reputational damage which comes with a loss of customers as well as current or potential staff. Not only will this have a knock-on effect on sales, but it can also affect an organization’s ability to recruit new talent and attract investors and business partners for years to come.
Are there technological advancements that could help CCOs optimise their workflow and reduce risk?
Know your customer (KYC) and anti money laundering (AML) processes are required in countries all around the globe. Together, they are critical for preventing fraud, money laundering and other financial crime.
To help these obligations, CCOs can look to automated KYC solutions, real-time risk and fraud screening tools and flexible analytic/reporting solutions. Particularly in high growth and digital markets, like fintech, neo banking and payments, this allows organizations to strike the right balance between customer experience, compliance and security.
When a solution incorporates and automates end-to-end compliance, covering all facets of that CCO’s risk-based approach, CCOs can monitor customer risk, investigate suspicious activity and file regulatory reports. When a solution also leverages real-time technologies, it can help organizations to make an accurate decision within seconds and block fraud and risk while enabling a quick and simple customer experience. This allows an organization to stay compliant while also freeing up the time for CCOs to concentrate on other priorities.
What best practices should CCOs implement to drive innovation and business continuity?
The best CCOs partner with the business to really understand how to place gates and controls that mitigate risk, while still allowing the business to operate at maximum efficiency. One area of the business that is particularly valuable is the IT department, which can help CCOs to maintain and provide systematic proof of both adherence to internal policies and the external laws, guidelines or regulations imposed upon the company.
By having a dedicated IT resource, CCOs do not have to wait for the next programme increment (PI), sprint planning or IT resourcing availability. Instead, they can be agile and proactive when it comes to meeting business growth and revenue objectives.
Technical resourcing can be utilised for project governance, systems review, data science, AML and operational analytics, as well as support audit / reporting with internal / external stakeholders, investors, regulators, creditors and partners. Ultimately this partnership between IT and CCOs will allow a business to make data-driven decisions that meet compliance as well corporate growth mandates.
As such, it’s also a good idea for CCOs to be aligned with the CEO and CFO on all news and updates related to compliance activities. Having an open line of communication with the CEO and CFO will enable CCOs to gain cultural support when it comes to providing guidance, advice and training to all the departments regarding relevant laws, rules, regulations and compliance standards.