ABA Bank Compliance - March/April 2017

cakes. The Compliance team was instructed to draft the policies and procedures related to frosting the cupcakes. This hands-on lesson is usually a lot of fun. It’s often sticky. And, there are always some truly interesting outcomes. However, the outcomes are not really surprising if you’ve worked as a compliance officer for any length of time.

At the end of the task, Compliance is asked to read its cupcake frosting procedure to Operations. The result we consistently find is that the policy does not match the actual practice! Now it’s important to note that both teams are in the same classroom, sitting next to each other. To date, never in this exercise has Compliance looked up from its drafting to ask Operations, “Hey, how do the cupcakes get frosted in this company anyway?” Instead, they always guess. Outside the classroom, if our policies and procedures do not represent the actual way that the “cupcakes” are frosted, we will have much to answer for with our regulators.

During the debriefing, the Compliance team explains its policy
drafting process. There are two main reasons typically cited for
not tapping others’ help. The top reason? “You didn’t tell us that
we could talk to each other.” Yet the instructions make it clear that
the groups are working for the
same firm. The next most cited
reason is something to the effect
of “I’m the compliance officer (or
attorney), and it’s my job to in-
terpret the policy, and everyone
needs to do what I say—this is
how a cupcake is frosted.”
There is a lot to unpack in
that statement. Yes, your job
within Compliance may be to
help ensure that the policies and procedures are consistent
with the regulatory requirements and the business must fol-
low them, but if the rules don’t make sense to the business, or
aren’t reflective of the business that you’re in, or if the business
doesn’t understand them, or if they are too afraid to have this
conversation with you because you’re the “compliance police”,
that’s not a desired outcome.

Actively collaborating with stakeholders is not generally something taught in school. Neither is the art of communicating with co-workers, and working diplomatically to diffuse difficult situations. But maybe they should be, as soft skills are crucial to the success of the compliance program.

Compliance officers, especially those newer to the profession, can be downright dogmatic in their approach to the rules, policies and procedures. In the absence of significant experience or understanding of the rules, they often see things in black and white terms, i.e. “this is the right and only way to frost a cupcake.” New compliance officers will need to be able to collaborate with colleagues who may have significantly more experience than they do. Accordingly, if a compliance officer’s stance is that they are always right because they are from Compliance, they ultimately may not be “heard” by the business, no matter whether they are in the right. Generally, more seasoned compliance professionals know, through painful experience, that there is more than one way to frost a cupcake.

Training

The DOJ’s U.S. Sentencing Guidelines require that banks and other organizations take “reasonable steps to communicate periodically and in a practical manner its standards and procedures, and other aspects of the compliance and ethics program.” This is accomplished by conducting effective training programs, and otherwise disseminating information appropriate to such individuals’ respective roles and responsibilities. 4

Training is important, but it isn’t as easy as it sounds. Training is a combination of skill sets. Subject matter experts are often brought in to help, but there is an art to training that transcends just the transfer of information. Just because you’re a compliance expert doesn’t mean you can teach it to others.

When it comes to training your staff, it shouldn’t be enough
to return to your office with the training materials and check
the “done” box. Effective compliance training is a cornerstone
of your program. How can anyone follow a policy or procedure
if they don’t know it exists? And how will training be absorbed
if participants don’t understand the materials being presented?
For compliance officers who deliver training programs, examine
your training deck. Is it a 70-page
deck, with each slide packed with
tiny, unreadable text? Does the
only discernable white space ap-
pear on the final “Questions” slide
in large type, followed by a string
of question marks? If this sounds
like your deck, you may need to
reconsider your presentation.
Years ago, I was charged with
providing compliance training on
a particular regulation to the sales and marketing department at
my firm. To my mind, all of the words in every rule that I planned
to cover were important. An hour and a half and 25 yawning
faces later, the head of the sales division approached me, thanked
me for putting the materials together, and summarily ended the
presentation. Later, she gave me some great advice: remember the
“rule of three’s,” that most people essentially remember, typically,
up to three things at a time, whether it’s three bullet points or
three concepts. Whether you agree with this or not, the “rule of
three” forces a presenter to be succinct and keep to the essential
concepts. And fewer words on the page makes it less likely that
the presenter will simply read from their PowerPoint presentation,
a sure way to alienate one’s audience.

Consider Your Audience

Absolutely consider your audience in terms of subject matter— and in the different ways people learn. Studies indicate that the mind needs a change in direction every 15-20 minutes. Consider changing up your traditional compliance presentation by adding in some recent news or case law examples that will illustrate your main points. Make the training as interactive as possible and get the information out in a way that resonates with your audience. Small groups, role playing, and real life examples (anonymous of course) all help to further the goal of understanding. Once the training is complete, solicit feedback. Invite management from

But culture—and the soft skills
that make it possible, has become
a very real “thing” in today’s
business world, and regulators have
increasingly made it part of the
regulatory lexicon.