Podcast S6E2 | Top Compliance Priorities 2023

TRANSCRIPT

Kimberley Cole 0:01
This is Risky Women Radio, a show that connects, celebrates and champions women in risk regulation and compliance. We’re here to share the insights on the biggest issues in our industry and hear inspiring journeys from our global members. Sign up to our newsletter at riskywomen.org. I’m Kimberley Cole, your Chief Risky Woman.

Kimberley Cole 0:24
Welcome to today’s Risky Women Radio. We are speaking with Carol Beaumier and Bernadine Reese from Protiviti. Carol is the Senior Managing Director and Bernadine is the Managing Director of Risk and Compliance. And you may remember, Carol and Bernadine from last year when we had the absolute privilege of having them kick off our 2022 session. So we’re thrilled that they are back again to talk about the top of mind compliance priorities for 2023. And just to give a bit of a feel for that, we want to share with you a fabulous report that Protiviti has done around the executive perspectives on the top risk series, which gives us a good continuity year on year. So I guess it was no surprise given the level of uncertainty in today’s global markets, and the continual change and the speed of that change, that are producing a multitude of risks which can disrupt any organization’s business model and strategy. And some of that can be at very short notice. So uncertainty and risk are definitely here to stay. And keeping abreast of all of those emerging risk issues and market opportunities is really critical for any organization and certainly to ensure improving organizational resilience. So we welcome Carol and Bernadine to discuss the evolving complexity of the regulatory compliance, the challenges that they expect financial institutions will face in 2023, and some of the uncertainty that lies ahead. So for anyone who missed last year’s session, let me just welcome Carol and Bernadine and and get them to just give a quick intro of who they are and what they do. So, Carol, do you want to start?

Carol Beaumier 2:15
Sure, thanks, Kimberley. It’s great to be back. As you said in your intro, I’m a senior managing director and our Risk and Compliance practice. And I’m also the leader of our Asia PAC financial services practice, longtime career in financial services on the regulatory side, including a long stint as a regulator in the US earlier in my career. So a topic that’s near and dear to my heart.

Kimberley Cole 2:39
Excellent. Excellent. And Bernadine.

Bernadine Reese 2:43
Hi Kimberley, great to be back and to see you again. That year went quickly, didn’t it? So I’m Bernadine Reese, a managing director at Protiviti. In the London office, I have an interest in all things regulation, my background very much in financial services and in consulting across a variety of risk and compliance topics.

Kimberley Cole 3:03
Fabulous. So it’s great to have both of you experts on the session here, and to talk about the compliance priorities for the year ahead. So obviously, we had this discussion last year. So when you were sort of compiling these lists of priorities, how did they sort of differ to the previous year’s? And were there any sort of surprises that you found here, Carol, if you want to share?

Carol Beaumier 3:29
Sure. We did take a little bit of a different approach this year, and you actually hit on it and your introduction. When we compiled the list for 2022, we grouped the priorities into two major categories, traditional compliance risks, kind of self explanatory, and what we call broader risk mandates, those being kind of the growing list of requirements that maybe somebody else in the risk organization actually owns, but in which compliance is expected or has been expected to take on a larger and larger role. This year, as we started putting the list together, it struck us that there was another overarching category that was really driving a lot of the priorities. And that was the uncertainty you mentioned in your introduction. Not that uncertainty is anything new for financial services or for any business for that matter. But it just struck us that with the state of the world economic concerns, developments in the industry, that uncertainty was really weighing more on the industry today. And that really puts a lot of pressure on financial institutions to be more agile and adaptable in their approach to managing all kinds of risks, including compliance. So some of the examples of the priorities that we included in the uncertainty category are the geopolitical tensions we’ve been experiencing across the globe. Financial stress, people challenges, whether those stem from tight labor markets in some locations or kind of the world at large grappling with hybrid work and adapting to what that means for us all long term. And then finally a category that we call regulatory blocking and hedging. And by that we were attempting to kind of capture the challenges that financial institutions face, because regulators across the globe have responded at a different pace and in different ways to technological advancements and innovation. And in turn, this has created a real challenge, I think, for the industry to try to reconcile different frameworks and different requirements across the globe. So we thought this year in particular, that uncertainty category kind of needed its own calling out. And I think it’s important as we continue our discussion today, just to, to say, as we’ve noted, in our paper, that many of the risks that we identified, you could really sit them in more than one category. I think that’s important, really, to recognize that there’s very significant overlap here as we talk about the categories.

Kimberley Cole 6:08
Yeah, very interesting. I think lots of interesting points in there around companies that need to be more agile and adaptable. And certainly, there are a lot of areas where that uncertainty and all of the different things that are going on in the world continue to pose interesting challenges for our risk and compliance professionals and the organizations they work for.

Kimberley Cole 6:35
This episode is brought to you by Protiviti. Protiviti is a global consulting firm with deep expertise in transformation, risk management and compliance, partner with Protiviti and face the future with confidence.

Kimberley Cole 6:52
So if dealing with uncertainty was sort of not enough, so to speak, you know, compliance officers are also having to manage all of these other risks that often are sort of beyond the traditional role of compliance, given what’s going on. So what are those key risks associated with the challenges that we’re seeing Bernadine?

Bernadine Reese 7:14
So these are those wider set of changes for financial institutions where compliance has a significant role. And in particular, I think we’re seeing the greater adoption of new and emerging technologies is one of the biggest changes in financial services. And compliance teams are having to respond to regulatory initiatives in areas such as artificial intelligence and machine learning, cloud computing, big data, the metaverse, there’s a long list, in fact as evidenced in the Top Risk Survey for 2023 and 2032. passivity conducted with NC State University, among the top risks for the next decade for pretty much all companies were the rapid speed of disruptive innovation and the adoption of advanced digital technologies. So compliance needs to understand the implications to evaluate the risks and impacts and to provide suitable challenge for new products and technologies before they’re adopted. We’re also seeing that regulators are adopting increasingly sophisticated technologies and a data led approach to regulation. So compliance must be able to respond to demands for increased regulatory reporting, and understand the data sources and quality and the story behind the data as well. And then data and reporting are also integral to the response to environmental, social and governance requirements. And these are, for the most part relatively new topics for compliance, but will impact all areas of the business and compliance will need to address ESG risks such as greenwashing.

Kimberley Cole 8:59
There is so much there that I could see we could have a series of podcasts just on breaking down all of those things. And I know in the report, you put in Forbes five biggest technology trends, most of which you mentioned there with artificial intelligence, machine learning, secondly, the metaverse then use of digital twin technology in a digitally editable world, four the widespread adoption of defi or decentralized finance. And then fifth, increasing connectedness in IoT. So I mean, there’s just so many areas now that compliance needs to be across and then if you bring in that whole ESG agenda, so it’s really fascinating now what you’ve got to cope with. So on that Carol, how about those kinds of developments that we’re seeing within a traditional compliance agenda? How is that evolving and changing?

Carol Beaumier 9:54
So this year, we focused on three traditional compliance responsibilities and again, I go back to there’s overlap here with some of what Bernadine just talked about. The first is financial crime compliance, which I think is a perennial entrant on our list, I think it continues to be one of the most dynamic areas of compliance for a number of reasons. And we continue to see new laws being rolled out in major markets across the globe. Certainly in the last year, we’ve dealt with a lot of geopolitical tensions which have had impacts on financial crime compliance programs, the recent developments in the virtual currency world, I mean, there’s just so much going on. And I’d also say that many financial crimes compliance departments are still on their own innovation journey and working toward understanding and implementing changes that they can make to make their compliance functions more efficient and more effective. So I think when you look at all of these together, there’s a lot going on there that will keep financial crimes compliance departments very busy. And then Bernadine referred to data. So I think from a regulatory compliance standpoint, data privacy continues to be a huge area of regulatory focus just because of the exponential amount of data that financial services companies have. And then we included in this category, cybersecurity, which we could argue could be in the broader risk mandate, but we were looking at it this year, in particular, from the standpoint of financial crime, and the growing impact and intersection it has with financial crimes compliance. I mean, that said, I think that cybersecurity continues to be an area of regulatory focus across any number of considerations, I’d say, particularly a recent focus on the operational resilience of companies following a cyber attack. And I think the other thing, from our standpoint, that makes these requirements kind of interesting is that if you think about them, there are no global standards, there are requirements that are issued either on a national, sometimes even more local level. So again, it kind of points to the complexity and the need for financial institutions to kind of sort through and reconcile what could be conflicting frameworks.

Kimberley Cole 12:23
Yeah, absolutely. And obviously, a lot of those things intersect with data and cyber as well. And there’s been some monumental cyber attacks that have seen so much data captured. So it’d be great to actually maybe look at some of the best practices that you guys have seen there at another time as well. But I recommend everyone goes and takes a look at the report titled the Evolving Complexity of Financial Institution Compliance, and the Top Compliance Risks for 2023 from Protiviti, and we’ll have the link in the show notes as well. So given all of that, how our chief compliance officers going to keep their teams motivated, given all these challenges that they’re facing, and even how we’re going to keep abreast of all of these things.

Bernadine Reese 13:11
So I think probably luckily, in my experience, many compliance teams enjoy addressing a wide variety of challenges and working in an area of constant change, which is probably just as well at the moment. Those who work in compliance are usually attracted to being able to make a difference. And it does feel like there’s lots of room for compliance teams to make a difference at the moment. But a key part of that is also the teams being equipped with that knowledge, the resources and, equally importantly, management support to make a success and to be able to manage the challenges of all of these changes.

Kimberley Cole 13:48
Yes, I think it sounds like there would never be a dull moment at least, and lots of ways for people to get involved and problem solve and stay across such a broad range of areas. So now, maybe one for both of you. But what advice would you give to chief compliance officers in 2023, given all of these top priorities that we’ve just gone through?

Carol Beaumier 14:12
So given the evolution of compliance and the breadth of compliance, as we’ve discussed, just in the last few minutes, I think it’s critically important that chief compliance officers, compliance departments, not be viewed as the cops, but be viewed as trusted partners of the business, who can contribute to the growth of the company. So I would encourage any compliance officer who doesn’t think she’s viewed that way to begin immediately working to change the company’s perception about compliance. I think this is really a long term critical success factor.

Bernadine Reese 14:48
Yeah, I’d agree with that. I’d also point to the need to continue to invest in recruiting, training and retaining compliance teams. We talked earlier about all of those new new skills required in compliance, whether that’s technology, data analytics, or even business partnering and relationship building – all important. And I think chief compliance officers who develop their teams will be well placed to navigate the year ahead.

Kimberley Cole 15:15
Yes, I think last year, we actually went through kind of skills and new areas that compliance needed to be across, which I thought was really quite interesting. So if people want to go back and have a listen to the last episode, there was some really interesting things about, you know, what is the role of the compliance officer? What are those new areas that they’re going to get involved in. And I think that continues to evolve and change. And it’s a really interesting area. So as I said, great report again, I recommend everyone goes and looks at it, and gets more of the detail there. And you have all of Carol and Bernadine’s contact details if you want to get in contact for any more details, as well. So now, just a quick little wrap up at the end. So one that we ask every time just the one word, are you optimistic, pessimistic or neutral in your outlook for the year ahead? So Carol, how about you?

Carol Beaumier 16:11
Maybe a bit of a flip response here, but kind of going back and playing off something Bernadine said, I think for CCOs, who thrive on conquering challenges, I’m optimistic that we’ll have plenty of opportunities in 2023. I think the uncertainty as we’ve discussed pretty much guarantees that!

Kimberley Cole 16:31
Yes, I’ve had a few people answer. I’m realistic. So maybe I need to add another option. So what about you Bernadine? Optimistic, pessimistic or neutral? Or realistic?

Bernadine Reese 16:47
Yeah! I think there’s no doubt 2023 is going to be a challenging year. Personally, I tend to focus on issues where there are grounds for optimism, but I’m sure there’ll be plenty to worry about too. So perhaps realistic is the answer I’ll settle on.

Kimberley Cole 17:01
We seem to have a fairly optimistic group generally. So that’s good. And then so looking further into the future? What do you expect that compliance departments are going to look like in 10 years, given that conversation we’re having about that sort of evolving and changing? What’s that going to look like?

Carol Beaumier 17:21
So I think, I hope, that the compliance departments of the future will have effectively embraced technology and innovation, using technology and advanced analytics to handle more routine tasks, and really leaving the skilled compliance professionals more time to focus on critical problems, and their partnership with the business.

Kimberley Cole 17:43
Fantastic. I think that’s a good one for us to continue to monitor and check. And what’s your view Bernadine?

Bernadine Reese 17:50
Yeah, I agree with I think compliance departments will definitely be using technology more efficiently and be more closely aligned with first line control functions and risk functions as well. I also expect the compliance department will be busy looking at ESG matters for many years to come. And probably at the regulators and systems looking more and more at the firm’s culture.

Kimberley Cole 18:14
Yeah, I was gonna just ask about ESG. But you picked up on that as well. So to all our listeners, I would also ask, please go in and give us a rating on whatever platform that you’re listening to. And leave us a comment. And if you’ve got any ideas or suggestions or any questions or thoughts, please let us know. But that really wraps up today’s Risky Women Radio. I’m really excited that I got to speak to Carol and Bernadine again, on the executive perspectives on top risks. It’s great to have that continuity and that view year on year. So recommend you go back and listen to last year’s and see what transpired and get ready for the year ahead. So thank you so much, Carol and Bernadine for joining us and really sharing all of your insights from the report. It’s fantastic. So thanks for joining us.

Carol Beaumier 19:11
Thank you Kimberley was our pleasure.

Bernadine Reese 19:13
Absolute pleasure. Thank you.

Kimberley Cole 19:16
Thank you for listening to this episode of Risky Women Radio, be part of the ongoing conversation and learn more about our events and other programs at riskywomen.org