Compliance “Answers” You Won’t Find in Google…

The best part of my work as a FinTech compliance consultant is when I can help FinTech founders with problems they did not categorize as “compliance problems” or did not expect?that certain issues actually can be solved by knowing and applying compliance.

Here I am mostly talking about situations where there is a problem/friction/inefficiency but you don’t identify it as a compliance problem, therefore you would not know what to search in Google or which regulations may have an answer for what you are trying to resolve.

As an example, lots of “people issues” or “performance issues”?or “organizational conflicts” are actually happening due to the lack of knowledge and experience in compliance.

Below you will find some of the most common “people” or “organizational” issues and operational inefficiencies that can be solved by applying compliance know-how:

Conflicts?Between Compliance and Product / Engineering

• Compliance would like to introduce and automate a very complex risk matrix with 20 risk subcategories, 12 types of risks, 30+ types of red flags coupled with an elaborate logic on how to reconcile all of it and process customer information.
• Compliance requires your admin tool to generate a lot of reporting, filtering, tagging, and research functionalities, but rarely uses all the requested features.
• Compliance would like to reduce the number of false positives or redundant alerts or signals, but it requires significant engineering resources to be diverted from customer-facing projects for the next 6 months.

Those are likely compliance problems that stem from the lack of experience in structuring and defending risk assessments and risk-based monitoring. When the compliance team does not know what is actually required and how to interpret the requirements, they ask for “too much” information and details “just in case”.

Slow Compliance Reviews, Operational Efficiencies, and Frictions Between Compliance and Customer Support

• It takes a very long time for compliance operations to review risky, unusual, or just about any customers, with many iterations?and documentation requests or clarifying questions. Customers may complain because they find these requests confusing, irrelevant, or hard to comply with.
• Compliance sometimes suggests including a very dry and unfriendly language into customer-facing communications, and customer support finds it repelling and damaging for the company's reputation.

Disagreements Between Compliance and Marketing That Typically Escalate to the CEO (for no good reason)

• Compliance suggests removing the most interesting, provocative, and inspiring?(aka clickable) words and expressions from marketing communications, media releases, and advertising.
• Compliance takes a long time to review marketing materials or website information or promotional messages and when the review is complete,?the original language is lost and replaced with disclaimers and warnings?instead of invitations to spend money.
• Compliance expresses too many concerns about “what if someone complains”?or “what if our regulators see it and revoke our license” (when in reality customers rarely complain about this specific matter).

Many disagreements between compliance, marketing, and customer support teams can be solved by a) offering examples and?standard expressions for marketing communications that are “safe” to use; b) having clarity what you are going to answer if customers complain or regulators start asking questions, and c) not asking customers for the details that either you don’t need or they don’t have.

Lack of Decision-Making Which the CEO Interprets as “My Compliance is Conservative, This Is How Things Always Are…”

• Compliance says “no”?or “not now” to many new ideas, customers, or projects, suggesting they are “too risky” or “auditors won’t approve it” or “regulators won’t allow it” without making any recommendations what specifically needs to change to make it work.
• Compliance cannot make decisions, asks to engage additional consultants or obtain an additional legal opinion, shifts responsibility for making the decision without saying?“yes” or “no” and requires that everything must go to a special committee or be approved by the board.

These attempts to shift the responsibility could be due to the lack of compliance know-how or lack of confidence or just incompetence. Capable experienced compliance people as any other experts should be able to act with incomplete information.

Have you observed any of the following use cases and would you agree that they are rarely categorized as issues that can be resolved by compliance know-how?

Prefer to listen to this content on a podcast instead of reading? – Click here and tune in!