Culture in financial services is widely accepted as a key root cause of the major conduct failings that have occurred within the industry in recent history, causing harm to both consumers and markets. The above-mentioned aptly corresponds to the importance of ethical business practise and the ‘right’ culture in financial institutions.
In order to improve the ethical and compliance culture of the organisation financial institutions should take the following steps.
1. Start from the top
The effective compliance culture comes from the top of the organisation – the senior management of the company should consistently demonstrate the right behaviour and attributes. That defines the right tone that is followed by the other employees.
So, first of all, the compliance officer of the financial institution should discuss the importance of compliance culture with the senior management and convince them that the ethical, value-driven culture is essential for the successful activities of the company.
2. Define the company’s values and principles of a good compliance culture
The compliance officer, together with the Management Board and other senior stakeholders should decide what a good compliance culture in the company should look like.
A company’s values have to mean something to the people who work for the company and resonate throughout the organisation. The employees should feel that what they contribute to is right and morale.
It is also important to develop appropriate attitudes of the employees:
- employees at all levels should understand that their concerns and suspicions are extremely important;
- every employee should feel individually responsible for their actions;
- employees should feel inspired and proud of being part of the organisation.
It is advisable to state the company’s values and principles of a good compliance culture in the Code of conduct or Employee handbook. The Code of conduct may also overview other fields that are relevant for employees. One of the great examples is the Employee handbook of Santander bank. It establishes the main values, the right behaviours, the remuneration, the basic AML compliance rules, etc.
3. Advise the management to establish the compliance-determinant remuneration system
The remuneration system in the company should be constructed in a way it influences employees to behave in a compliant way.
The remuneration or bonus schemes of compliance staff should not be exclusively linked to revenue-based targets. The incentives should not be structured in a way it might create a conflict of interest.
AML/CTF compliance should be considered as a relevant key performance indicator.
4. Ensure continuous staff awareness and appropriate competence level
Awareness of compliance staff plays a very important role in the establishment of a healthy compliance culture. The staff must have a full understanding of their obligations and remain competent to fulfil the functions they carry on.
In Lithuania, regular training is an obligation imposed for financial institutions by the Instructions to financial market participants to prevent money laundering and/or terrorist financing, approved by the Board of the Bank of Lithuania (“Instructions”).
Point 25 of the Instructions states that:
- regular training should be organised for compliance staff and the management;
- the content of training should be adapted to the functions and responsibilities of the employees;
- the competency testing should be ensured after every training;
- the training records (attendance lists, results of competency testing and the content of the particular training) should be maintained at least for 5 years.
By ensuring that staff are regularly informed of sanctions updates, emerging typologies, best practice and regulatory announcements, the AML/CTF team can keep employees alert to the risks of money laundering at all times.
A variety of different training ways may work – training on internal policies, e-learning, case studies, webinars, email updates on legislative changes, etc.
5. Create a trust-based and open-minded atmosphere
Employees must know their obligation to report suspicious activities. The internal escalation process should be clear and understandable. Compliance staff should feel comfortable to report and not afraid of doing it.
The compliance officer should create a trust-based and open-minded atmosphere in the company, encouraging the staff to raise their questions and doubts freely.
When employees feel comfortable, they speak-up and the compliance issues may be identified more effectively.