Banks and insurance companies are complex organizations where change is constant. Product change, regulatory change, technology change. Managing compliance risk in this environment is difficult.
In the last couple of years alone, the financial services industry has experienced several high-profile breaches. In 2017, credit bureau Equifax was breached, with several hundred thousand identities stolen and the data of over 143 million people put at risk.
As recently as June 2018, the Commonwealth Bank in Australia was fined $700m for breaches of anti-money laundering and counter-terrorism laws.
Independent research estimated that in 2017, data breaches cost banks $3.5 million per breach on average.
It’s little surprise that there’s been an increased focus on compliance, data and customer privacy worldwide. The solution lies partly in better employee engagement.
To find out why, follow these five steps for compliance communications that will ensure you and your staff don’t break the bank.
1. Reach everyone – engage everyone
Staff are the first line of defense against compliance breaches. But they’re often busy dealing with customers – attending to queries, resolving issues and providing the high levels of service they’re employed for.
The challenge for Compliance Managers is bolstering this first line of defense, without inhibiting the delivery of great customer experiences.
In fact, positive compliance practices actually provide competitive advantage. Research reveals that 69% of consumers are less inclined to do business with a breached organization.
When planning your compliance communications, ensure remote teams and frontline staff in your branch network are included. Consider addressing supply chain risk by also including outsource partners.
But reaching staff is only half the battle – they also need to read your messages. Increase engagement through using recurrence features, where messages are repeated until acknowledged or interacted with.
Employ a campaign approach to your communications – launching with high-impact channels for instant attention, then reinforcing through more subtle tools to effect longer-term behavioral change.
2. Improve cross-department communication
When the EU’s General Data Protection Act (GDPR) came into force in May 2018, carrying non-compliance penalties of up to €20 million, it forced businesses into cross-department collaboration.
Compliance, technology, marketing and customer support managers all aligned to assess the work required, and to ensure actions met these requirements.
But this arrangement is less common than it should be. For compliance managers, ongoing collaboration with other department heads and senior executives is essential. In this way, the risk is shared and joint responsibility held.
Develop a distinct brand identity for your compliance messages, and use this in all cross-department communications. This ensures managers instantly identify the nature and importance of the messages, and act accordingly.
All managers must be flag-bearers for compliance if employees are to also buy in. Use tools like desktop alerts when you need immediate attention given to urgent messages.
3. Foster a compliance culture
To be successful, compliance must form part of your corporate culture. The volume and sensitivity of customer data in financial services means it’s essential to embed the Compliance discipline across your business.
By doing this, you’ll find it easier to develop and enforce the processes and controls to better protect against compliance risks.
In larger businesses, appoint compliance champions in each department. These staff will cascade important information down, provide reinforcement and reassurance to team members, and generally champion the compliance cause at a more granular level.
Create a dedicated area of your corporate intranet for Compliance policies, processes and a list of department champions. Maintain visibility of this content through periodic updates to staff.
Newsfeed-style scrolling tickers are an effective tool for delivering intranet visits without disrupting staff. For example, advising that new policies are available governing appropriate online and social media behavior in the office.
4. Revamp and reinforce training
For Compliance Managers in financial services businesses, effective engagement of staff is more crucial than ever. Unfortunately, 68% of employees fail to engage with compliance training.
That’s a big problem. When staff are unengaged, it places businesses at greater risk of compliance breaches.
Review your current training and communication programs (or develop them if you have none!) to ensure they’re as effective as possible.
Does it consider recent innovations in the industry, like open banking, cryptocurrency and quantum computing? Increasing reliance on technology (for example, online banking and mobile apps) necessitates constant review of and training on processes.
But training needn’t be tedious – in fact, it can’t be if your information is to be absorbed. Gamification can introduce a fun, dynamic element to your sessions. Consider a risk management quiz, which integrates with the information repository on your intranet.
Use staff surveys to test employee knowledge and recall of compliance information. Incorrect answers can reveal critical gaps that require additional sessions.
5. Bring Compliance to life
Unfortunately, not everyone will be as passionate about Compliance as you are. It’s perceived as a dry subject – often one to be avoided if possible.
Counter this by bringing Compliance more to life. Use real world examples as much as possible – not only do they personalize an issue, cautionary tales also elicit the heartfelt response of, “That could have been us!”
Video messages are an easy but effective tool. Launch new initiatives or convey updates through a video alert of your CEO speaking. Make your training sessions available to staff at all locations through video updates.
Get inspiration from the extensive range of assets available from compliance experts Compliance Wave. Their material is developed specially to enhance learning and banish boring training.
Large volumes of text-heavy documentation are unavoidable, but including these audiovisual elements will bring some balance to your communications.
The financial services industry has been required to take a fresh look at both their compliance practices and the staff communications which underpin them.
Making the improvements suggested will bring rewards in reduced risk and improved business advantage.