For many organisations, recent developments mean an accountable person responsible for compliance needs to be a board director. For some firms this might be the CEO, a legal director or a dedicated compliance director.
The individual accountable for compliance needs to feel safe to speak their mind and always be trusted to do this. The board must take on the recommendations presented by the head of compliance but also be in a position to make up their own minds in order to navigate a correct course of action.
There is however a balance: most organisations exist to meet strategic commercial objectives and not solely to be compliant. It is the responsibility of the head of compliance to help build a successful business while being compliant at the same time.
Managing compliance risk
In the past, compliance professionals were often viewed as “business prevention”; however, this view is no longer considered appropriate. Those that head up the compliance function now need to adopt an empathetic attitude where they step into the shoes of colleagues and understand their commercial objectives while ensuring that no unacceptable compliance risks are being taken.
This is a positive shift, and it should be recognised that no firm can ever be 100% compliant all of the time, so compliance officers are looking to achieve and manage an acceptable level of compliance risk. This relates to the level of seriousness of issues and their impact. There should be no serious breaches and controls should be in place to swiftly identify and prevent rapid escalation of any minor breaches.
It is actually dangerous to believe that a firm can take a zero tolerance to compliance risk, but they can have a zero tolerance to material breaches. Regulators understand this too. It’s a pragmatic and realistic approach.
For example, HSBC came under scrutiny between 2011 and 2018 for excessive de-risking due to being under a deferred prosecution agreement with US regulators. Too much caution could have been deemed potentially damaging to the organisation and its customers’ interests.
So, what does this mean for the pay package of compliance professionals? When a compliance officer perceives their variable pay may be reduced by their actions, there is a risk that biased decisions will be made. This is more to do with the influence of the respective bonus and less to do with the integrity of compliance professional. However, the unconscious bias of variable remuneration should not be ignored.
The fact is that conflicts of interest arise all the time. So, should we aim to remove them completely or manage them?
Controls for compliance and variable pay
Firstly, there needs to be an understanding that any variable financial bonus can influence behaviour, for both good and bad. The main challenges lie in rewarding individuals for meeting short-term targets. If there is pressure or a benefit for the business and the individual to meet say a quarterly target, it can influence decision-making and increase risk.
One example was a company where the board decided to sell-off a subsidiary to rationalise costs and meet quarterly financial targets. The executive directors were in a difficult, pressurised situation where failure to end up in the black could have resulted in the loss of their own jobs. They should have challenged their own decision. The non-executive directors and the head of compliance should also have spoken up. However, really this situation, is an example of where the system of remuneration and controls failed and needed to be addressed as it drove the poor behaviour.
Limiting short-termism and removing incentives is one option for a pay strategy, but we can’t just remove bonuses entirely as the link to commercial success will be lost and the organisation as a whole and its clients may suffer commercially. Compliance professionals will not be able to empathise and co-operate as efficiently with colleagues with different objectives if they are not commercially focused too. Therefore, how variable pay is structured to influence behaviour in a desired way is important and this needs to have a long-term view.
A remuneration package could be designed to include a deferred share option, such as the kind often awarded to company directors, but on a smaller scale. This will encourage the head of compliance to accept an appropriate level of commercial risk and work with colleagues to achieve long-term commercial goals but be comfortable enough to intervene to prevent excessively risky behaviour in the short term.
Even if the head of compliance can be remunerated successfully, he or she will be powerless if the rest of the senior management and board members are not. If everyone comes from a different perspective, all with their own agenda and one eye on their bonus, it simply won’t work. The answer lies in linking variable remuneration to long-term company success; not just for those responsible for compliance but the whole senior management team members of the board alike.
In this way staff are rewarded for commercial acumen while the company remains compliant.
Jonathan Bowdler is head of governance risk and compliance at the International Compliance Association.