Nsight Blog | Ncontracts

5 Ways to Convince Management that Compliance is Important

Written by Kimberly Boatwright, CRCM, CAMS | Nov 15, 2017 3:34:00 PM

A strong tone from the top is essential for compliance success. In this post, you'll learn 5 ways to show your CEO and Senior Management why compliance is important, and help improve your financial institution's culture of compliance.

(Editor's Note: This blog was originally published in December 2014, but has been updated as of September 2019.)

Every year brings new compliance challenges. In 2019, we're seeing changing requirements and regulatory guidance. However, some things stay the same every year: the importance of regulatory compliance and the need for a strong culture of compliance.

It's clear that effectively managing and mitigating your compliance risk is made much more difficult if you don't have the support of your management team. Support from leadership and a strong tone from the top makes it much easier to have a strong culture of compliance and achieve your compliance goals. 

Related: How to Build a Strong Lending Compliance Management System

Asking management for more help, support, or more resources is nearly impossible if your leadership team doesn't believe in the importance of compliance. If you dread conversations with your management team about compliance budgets, staffing, or culture, this post is for you.

 

While it may be challenging, the benefits of successfully convincing management that compliance is important far outweigh the costs. First, having executive support will help strengthen your culture of compliance. Their support and understanding will help you to establish the “tone from the top” mentality and strong compliance culture that regulators consistently look for and expect. Second, the alignment will also make it simpler to coordinate and prioritize compliance initiatives and get necessary resources approved. Third, having a supportive leadership team makes a huge difference in your personal happiness at work. 

Let's get started with those five tactics...

1. Put Yourself in Their Shoes & Educate With Empathy

The first step to convincing management that compliance is important is understanding the unique position that they are in. As the leadership of your institution, the bottom line is a top priority. From that perspective, compliance can seem like an expensive and even unwelcome burden.

The truth is that good compliance is good business. Your first job is showing them why that's true.

If your CEO, President, or Board members believe that compliance is a cost center, put yourself in their shoes and try to understand the factors that contribute to this belief. Some factors may be: frustration with the overall cost of compliance; lack of understanding of regulatory scrutiny, pressure, and regulatory environment; lack of awareness about the risks and repercussions of non-compliance; and pressure to increase sales and the feeling that compliance is a distraction from this goal.

Here are some ways you can get around each of these objections:

  • If your leadership is frustrated with the overall cost of compliance efforts, spend a few minutes to show them the ROI (return on investment) of compliance efforts. Break down some of the top costs in your compliance budget, and show them the value they're getting for that expenditure. 
    • Take it one step further, and suggest areas where resources could be allocated more efficiently.
    • Using clear numbers always helps! If you can show how you avoided risk exposure or improved efficiency in numerical terms, your leadership team is likely to respond well. 
  • If your senior managers don't understand the pressure of regulatory scrutiny, the simplest thing to do is show them regulatory guidance and articles about top trends in compliance. 
    • Know your audience! Communicate with them in a way they can understand, focusing on the important information they need to know to make a decision or do their job better. 
    • Use words they'll know - compliance professionals use jargon as well. We all know how our audience reacts when we start using words like BSA, CIP, HMDA, or FACTA. (That glazed look in their eyes says it all.)
    • Show that compliance is relevant to your community, including the press and consumer advocacy groups.
  • If your senior management and Board aren't familiar with the potential risk and repercussions of non-compliance, show them enforcement actions, fines, and settlements that impacted institutions like yours. 
    • Try to explain how compliance risks are embedded into each individual role. For some people, the “ounce of prevention is worth a pound of cure” position makes sense. Other team members may respond better to the claim that compliance is a good asset protection policy.
    • In today’s environment it is important to help them understand that it is not just the organization that may be liable, individuals may be held responsible as well.
    • It is much easier to explain your view point if your audience can relate to your examples. Providing examples similar to your institution so that you avoid this common response: “We’re not as big as XYZ Bank, that will never happen here.”
  • If your management is focused on sales, they might not understand how good compliance can improve sales initiatives. Here is how it can:
    • If you use Ncontracts, know that your compliance analysis can identify potential sales and marketing opportunities. For example, what do you application rates show you about potential improvements to your marketing initiatives? Talk with your dedicated Ncontracts Analyst and Customer Success Manager if this is a priority for you, and they will show you how to look at your compliance data a little differently.

The famous diplomat Daniele Varè is credited with saying, "Diplomacy is the art of letting someone have your way." As the compliance mind in your institution, you're going to have to be diplomat, salesperson, conscious, educator, and more. 

2. Open Lines of Communication

Do your senior managers know that you're there for them, on the same team, and dedicated to helping achieve your financial institution's goals? Do they know your top priorities, your current challenges, and roadblocks to compliance success?

If not, your colleagues may need more information. The best financial institutions to work for have a strong sense of collaboration and teamwork. One of the simplest tactics for improving this sense of collaboration is opening lines of communication.

Ask your leadership team about their goals and priorities. As we approach the end of the year, now is a great time to ask about 2018 priorities. In this conversation, you can also share your own goals. Try to learn more about challenges the Board and leadership team is facing.

In addition, open up a little more about what's going on in compliance land. Compliance is complex. It would be impossible for a Compliance Officer to know everything about compliance...consider how the other people in your institution must feel about it! They are mostly likely unaware of all the requirements or how those requirements may affect them. 

Your colleagues probably have questions and concerns about compliance risks and their personal liabilities. Make sure they know you’re available to answer those questions and will communicate with them in a way they will comprehend.

Take, for example, the new HMDA rule. If you're like many of our friends in the industry, complying with this single regulation is consuming a lot of your time. It may require additional hires, software, or resources to help manage. You've probably already experienced the benefits of having your management team understand the impact of the new HMDA requirements and the updated data on your institution, as well as your role and bandwidth.

3. Show Why Compliance Matters for Growth Using Real-World Examples

It can seem counter-intuitive, but strong compliance management is essential for your financial institution's growth. However, your leadership team may not understand that compliance initiatives support growth.

Here are a few growth situations in which compliance is more than helpful, it's essential:

  • Mergers and acquisitions.
    • Why? The risk of one institution will become the risk of both institutions. Say that your institution acquires another, and one of the branches in their network has high disparities. The risk of that branch is now your institution's risk.
    • We've also seen that compliance risk can stall M&A activity. It's a good idea to start with compliance, so that you don't go through the time, effort, energy, and resources of a merger or acquisition only to have it halted due to unforeseen compliance issues.
  • Opening or closing branches, and adding or removing ATMs.
    • Whenever you change your branch and ATM network, you're potentially impacting your CRA performance. Compliance needs to be involved in these discussions, so that they can help determine the potential impact of any changes to your network.
    • Ncontracts provides branch strategy and growth services. We can help you identify site locations for a new branch, branches you can safely close, relocate, or replace with an ATM, and much more. We approach these situations from a compliance perspective, ensuring that your growth helps you serve your community better and stay compliant.
  • Improving marketing and sales efforts, and growing into new markets.
    • As mentioned earlier, your compliance analysis can provide clarity about potentially overlooked marketing and sales opportunities.
    • Leverage Ncontracts to help you identify new marketing, sales, and growth opportunities based on your current performance and compliance risk.

Again, good compliance is good business. Compliance should be involved in growth strategy discussions.

4. Share Compliance Risk Assessment Results & Goals

A risk assessment is an essential first step for any financial institution to understand risk. Risk assessments are also the foundation of any good Compliance Management Program.  If you haven’t done a compliance risk assessment in the last twelve months, make that a top priority for the first quarter of 2017. The regulators'' expectations have evolved, and they now expect to see a risk assessment conducted every 12-18 months.

You need to know where your risks are so that you can determine what needs your focus first. Prioritization is key to your success. That's why a risk assessment is so important.

Consumer compliance is a top regulatory priority, so make sure that you're evaluating your Fair Lending, HMDA, CRA and Redlining compliance risk in particular. 

If you’ve conducted a risk assessment recently, have you shared the results with management? They need to be aware of the risks so that they can see the areas of greatest need and help support your action plan. The high-priority compliance risks will definitely need to be addressed in the short term. Be prepared to explain those risks and your plan for how to mitigate them.

5. Ask for Support

Sometimes you just have to ask for help. Explain that without everyone on board, it’s hard (if not impossible) to have an effective compliance management program. It’s so important to have a tone from the top! 

In PWC's 2016 global State of Compliance survey, they found that "only 16% of respondents indicated their employees view the CEO as the compliance and ethics champion at their organizations." 

If employees see and hear that management supports compliance initiatives, they will be more likely to follow the lead. You may have to explain this to management, and ask for their support directly.

What's Next?

Many say that compliance is the hardest sales job you’ll ever have. With your guidance and patience, you can show management why compliance matters and how embracing it can lead your institution to compliance success.

Demonstrate that if compliance is done effectively, it can protect personal and financial institution assets and reputations, and help encourage growth. 

Let's face it, regulatory pressure on compliance isn't going anywhere. That means it's our job as compliance leaders to help ensure that our company understands why it's important, what the risks are, and how to achieve those compliance goals.