The Competitive Advantage of a Strong Governance Structure

Financial institutions face tough compliance demands in a highly regulated and ever-changing environment. They must meet requirements from multiple regulators and show increasing transparency while staying focused on growth and profitability.

The challenge is not only a matter of meeting complex government mandates; compliance breaches have an adverse impact on customer or member loyalty, brand equity, new business and the bottom line. Despite major investments of 25% to 33% of their capital budget to establish and maintain strict compliance standards, financial institutions continue to face alarming incidents of internal and external fraud. A 2016 Point B study of compliance breaches of financial services companies shows that stock prices fell by 6.5% to 9.5% in the month after misconduct was made public, with an average collective cost to shareholders of $1.9 billion per scandal-struck company.

How do you show regulators and members your commitment to regulatory compliance? How effectively does your organization identify and reduce risk? Who is accountable for tracking progress and getting results?

In the rush to keep pace with changing demands, it’s tempting to dive into costly compliance initiatives without the groundwork to ensure success. Without a clear and cohesive governance structure, even the best-intended compliance efforts can fail.

How do you create a governance structure for compliance that lets you act with confidence?

Establish an executive oversight committee. It takes enterprise-wide leadership to prioritize a compliance action plan and keep it on track. Create an executive oversight committee that includes senior executives from cross-functional departments (i.e. compliance, finance, human resources, legal and risk). This oversight committee is responsible for approving and prioritizing all projects in the action plan. Projects may be as diverse as employee training, creating a more vigilant culture, simplifying business processes and applying technology in seamless ways. The oversight committee also provides strategic direction to those implementing the compliance action plan to ensure progress in addressing any regulatory concerns.

Give executives ownership and accountability. Executive owners are crucial to moving your action plan forward. They are typically the heads or senior leaders of various functions or business units across the organization. In turn, they may have one or more “deliverable owners” who report to them and are responsible for helping to shape operational improvements, execute any remediation plans and complete the action plan.

Dedicate a program management office (PMO) to compliance. It may be tempting to place compliance projects within an existing PMO. However, this decision should take into consideration how your current PMO model supports your organization, such as:

• With a limited or no PMO, creating a new compliance PMO is often required.
• With multiple PMOs, establishing a new, dedicated compliance PMO can be effective.
• With a centralized, enterprise-wide PMO, extending the existing PMO’s charter and capabilities to include compliance can generate business value while also controlling risk. This level of sophistication requires an understanding of how changes to people, processes and technology to meet compliance requirements can be combined with requirements for growth or profitability goals.

Regardless of the PMO model, the compliance function will need to garner the metrics, skills, resources and executive focus to deliver on the action plan. This specialized PMO capability must support the executive oversight committee members, who, in turn, can inform the board or regulators as required.

Working alongside the PMO are functional and business unit subject matter experts. You’ll want the expertise of business operations, as well as legal, audit and risk departments, to ensure that any interpretations of new regulatory mandates translate into achievable operational changes.

The PMO is also responsible for identifying any key issues that could impede the action plan. It’s up to the PMO to escalate such issues to the executive oversight committee, and to provide potential solutions.

Make traceability one of your strengths. Regulatory compliance demands transparency – which calls for traceability.

A strong governance structure will provide a framework for clear, compelling evidence of compliance. It will signal your organization’s ongoing commitment to compliance in an ever-evolving regulatory environment. And it will support repeatability, which is important to proving compliance to the board, regulators and investors.

Your action plan should include all regulatory directives together with any explicit criticisms received from regulators. It should also include a set of deliverables with due dates approved by executive owners and the executive oversight committee. You’ll want to show where you’re headed and track milestones along the way.

A strong governance structure is key to compliance and keeping your organization on top of the challenges of a complex and changing regulatory environment. By engaging executives across your company in this structure, you gain the holistic oversight to satisfy changing mandates, demonstrate ongoing commitment to regulators and reduce compliance risk. While specific projects in your action plan will come and go, this governance structure is a long-term asset that will save time, money, risk and brand reputation.

James Pan is a Senior Associate for Point B. He can be reached at 415-606-5667 or jpan@pointb.com.