Have you asked yourself this question? More than likely you have. You have probably thought about your resources from time to time as well. CCOs and Compliance staffs from time to time discuss their Compliance Program and how effective it is. Developing a Compliance Program that reaches across all operating areas of the company is not a simple task. In order to make any progress on a task such as this the Compliance message needs to explained, taught, supported and embedded into the company – not told. It also needs to be streamlined.
In the early years of Compliance, programs were constructed as a responsive monitoring system inside security firms. Today, regulations are more complex due to the environment in which we operate. The “bad guys” are far more creative, the public can be far too trusting and the regulators seem overwhelmed. So the result is reactive rule creation because this is the quickest way to respond to the unlawful event. That does not make this process correct but it is what it is. Your responsibility is to know your business, know the risks your firm you faces, know your Registered Representatives and Investment Advisors, be knowledgeable about new rules and regulations, know which rules are applicable to your business and have a compliance program that can swiftly adopt and implement new rules or changes to exisiting.
With new rules, interpretive memos and SEC No Action Letters coming out weekly (and sometimes daily) it is demanding to maintain your Compliance Manual(s) let alone your Policies and Procedures. Depending upon your business your manual(s) can be quite complex. It is important to know the contents of your compliance manual(s), in some cases especially if you purchased a template manual, there are sections and procedures that are not applicable to your firm. When a Regulator schedules a routine exam they base their exam from the contents of your manual – if there is a “gotcha” moment this will be one of them. So, know your manual, know the applicable rules and regulations and remove what is not applicable. Sure you can hold that information off to the side in case your compliance program requires it in the future but until then. This is the ONLY compliance document that the Regulators will use when conducting your exam – routine, sweep or for cause.
The greater the demand for compliance accountability, the greater the need to understand and design a compliance program in your firm. Your Compliance Manual will dictate the – who, what, when, where and how’s of your business. Almost every function of management, sales, marketing, operations and certainly compliance is mentioned in this document. Simplifying this into a “plain English” format is just the beginning; educating and training your compliance staff, operations, marketing, sales, finance and executives can be challenging. We all know that the Compliance Manual is not on the best seller list and can certainly be the cure for sleeplessness. So the question is – how can a firm institute a Compliance Program that will gain the respect needed to keep the producers, supervisors, managers and executives “in the know”? The “power” approach doesn’t work, threatening comes off as a joke, ignoring it won’t work because it is here to stay, and “going through the motions” will eventually be discovered – whenit is too late. There is one approach that has been found to work, you may explain it..
There are many groups who need to and are required to be knowledgeable and respectful to your firm’s compliance requirements – sales (the revenue group), supervision (supervising new accounts and those who bring them to the firm), operations (processing the business) and executive (designing the company model and company culture). As the old adage states “it starts at the top” and the culture will undoubtedly be defined at this level and as long as compliance is represented equally there it has a chance to be successful.
Don’t take the “let’s wait and see” approach. The British (Regulators) are coming. Depending on why the Regulators are coming could be crippling to the business and more importantly the business’ (and possibly your) reputation. Today, clients and prospects are far more informed and information about you, your Investment Advisors, Registered Representatives and firm is far more accessible. This enables one to conduct some due diligence that may not have been conducted in the past. Most all of your firm’s information is public including your assets, authorized business lines, permitted states, registered personnel and yes – all your disciplinary events.
How does a firm go about creating a proactive, respected and compliant Compliance culture? Here are a couple of thoughts:
• Break down the Compliance Manual
• Hold more than one required Annual Compliance Meeting
• Share Compliance responsibilities – delegate some tasks
• Produce a Compliance Newsletter
• Reward those that “get it” – discipline those that don’t
Regulatory Maven designs risk based Compliance Programs for companies of all sizes and business models. Call upon us to discuss your firm’s unique challenges with instituting and sustaining a proactive Compliance Culture, from the top down. Reach out to us today! We will work with you on simplifying your Compliance Program where it can be understood.
