“I’ve got it!  I’ll dress up as a wizard!  You know, like a compliance psychic or mentalist.  What do you think?”  As I was planning my newest keynote several months ago, I was trying to come up with a catchy opening.  I’d just done the survey of the compliance profession to see what each person’s biggest strategy and planning question was (you can see the survey results HERE).  I wasn’t surprised at all to find that nearly 60% of people had one of three main questions.  “I’ll plant people in the audience and bet them money that I can guess their answer.  Won’t that be fun?!?”  My husband looked incredulous. 

Last week I was privileged to perform the keynote session at the American Bankers Association Compliance Conference in Orlando, Florida.  Amongst the sessions provided to the 1800 attendees, a common theme emerged.  Although these compliance officers were highly familiar with every nuance of the most complex banking regulations, the monster in the room was a newer problem: Conduct Risk, or, as most corporate compliance officers would call it, ethics and culture problems.

An article published by Banking Technology notes the global interest in this issue: 

“This interest has not been confined to UK regulators. The OECD has published a report on conduct risk principles, which it expects all members to integrate into their regulatory approach, and the HKMA has issued a paper on the topic, echoing the language and approach of the FCA. A nascent international consensus seems to be forming on the importance of ‘conduct risk’ as a concept in the emerging post-crisis regulatory landscape.” 

The article goes on to note that there is one major problem: nobody quite agrees on what conduct risk means -

Every day we’re confronted by little moments when we must decide how close to walk to the line.  I live in London, and when I travel for work, the cabbies will often hand me a receipt and say, “I left it blank for you,” implying that I can make up whatever number I think I can get away with for reimbursement.  Would anyone at your company make up a number larger than the amount they actually spent?  Would everyone? 

When it comes to the new ISO 37001 Anti-Bribery Systems Management Standard, you probably have questions but aren’t sure who to ask.  These questions usually include things like:

• What is the ISO 37001 Anti-Bribery Standard?
• How does ISO 37001 Certification work?
• What are the benefits of ISO 37001 Certification?
• Who can be certified?
• What is the certification process like?

When was the last time you spoke to the folks in charge of Business Continuity Planning?  If the answer is “never” or “who?,” I recommend you reach out to them this week and set up a call or meeting. 

In case you’ve not interacted with them before, the business continuity planning team is typically in charge of considering worst case scenarios and having a plan in place to deal with them.  The best business continuity departments think through everything from a terrorist attack, to catastrophic IT systems failure, to the effect of pandemic flu.  What does this have to do with compliance?  Three things come immediately to mind: