Speakers at the opening session agreed that leadership is an integral part of the compliance function, and an important skill for International Compliance professionals to possess. Performance coach, author, and psychologist Jamil Quereshi outlined the ‘six Cs’ of high performance, noting that the teams that perform the best are often ‘multi-faceted emergency response teams’.
These six Cs, Quereshi observed, are cooperation and a willingness to co-operate; collaboration i.e. genuinely working together; cognition, or tactical awareness, in other words, understanding the available resource; a level of healthy conflict within the team which provides diverse and collaborative, bottom-up opinion; coaching from their peers; and timely and accurate communication.
Leadership and Competence
Amalia Chilianis, consultant, coach, speaker, and trainer echoed Quereshi’s sentiments. She said that often people talk of leadership as one large bucket, but there are nuances, depending on your organization. ‘You can’t be a leader if you don’t know your stuff,’ Chilianis said. ‘On top of that you have to build credibility and you do that by being visible and approachable. She continued:
Compliance is absolutely about doing business better. For compliance [professionals] to do their job we need to understand the commercial drivers … Although change is the ‘new normal’, compliance leaders have always been adaptable and enabled change because of regulation changes and business changes.
The Psychology of Compliance
Simon Hurry, Managing Founder and Strategist of PlayNicely claimed that compliance officers will be among the most important people in our society over the next ten years due to their vital role in preventing crime and driving ethical behavior.
‘Once we stop to think about how people behave, we can begin to understand compliance,’ Hurry said. ‘If compliance is going to be successful going forward, it’s going to have to motivate people,’ he added.
Hurry went on to remark that International compliance is not about being a police officer – it is about enrolling others, about educating and inspiring. Inspiration, he said, is often found in laying the foundations for compliance’s importance.
Cyber Heist Uncovered
We have seen significant growth in cybercrime, particularly high-profile ransomware campaigns, over the last year as a result of COVID-19. Breaches leaked personal data on a massive scale, leaving victims vulnerable to fraud, while lives were put at risk and services damaged.
Paul C. Dwyer, President of the International Cyber Threat Task Force, convened with like-minded experts on day two to discuss these growing threats, and share his experience working in the field.
He began by saying that many cybercriminals are themselves either groomed or targeted and that this needs to be taken into consideration when working to combat the threat. Dwyer further highlighted the physical aspect of cybercrime, noting that, as it is often integrated with traditional organized crime, cybercrime should not be thought of as a separate entity.
Cyber Risk: A Technology Problem… or a People Problem?
Is cyber risk a technology problem, or a people problem? This is a question often asked of cyber experts and the answer is far from simple.
At the second session on the BIG Comp Fest Day 2, Jonathan Bowdler, Head of Regulatory Compliance at International Compliance Association, Jon Stoddard, Information Security and Threat Intelligence Leader at Lloyds Banking Group, and Guy Sheppard, Head of Asia-Pacific Financial Crime, Intelligence, and Cyber at SWIFT, wrestled with this question, tapping into their own experience in their respective fields.
All agreed that employees are either the weakest or the strongest link in an organization. One participant said that the rules have changed as a result of the COVID-19. ‘When we built our control frameworks we built them on the assumption that people are in an office working environment. That brings risks and opportunities.’
Shifting cybersecurity from a compliance to a risk focus
Greg Slayton, CISSP, Client Partner at Galvanize, and Nick Frost, Co-founder of Cyber Risk Management Group, discussed the opportunities and challenges of shifting cybersecurity from a compliance to a risk focus.
The speakers agreed that cyber risk is interwoven into a range of other risks, including operational risk, and that cost is not always the number one factor that decides whether the business implements cybersecurity measures.
Complexity and the user experience are the other significant obstacles that the business considers. An audience poll during the presentation demonstrated that most delegates are 50% compliant, 50% risk-based. The speakers commended this as is a positive trend. ‘Five years ago, we would have been much more International compliance led’, Frost said.
‘Transaction monitoring: A technical arms race’ inaugurated day three, with moderator Pekka Dare, FICA, Director, Stakeholder Engagement & Delivery Excellence, ICA, hosting Pawel Kryszkiewicz, Product Manager, Comarch, Eve Rahmani, Financial Crime Risk Specialist, Accenture, and Ashley Bostel, Product Development Manager at Nasdaq. ‘Banks have realized it’s a changing landscape and they need to keep improving.
Banks have to introduce AI and machine learning for improved effectiveness and efficiency,’ commented Rahmani, adding that they have to turn to technology to allow them to keep improving their standards, whilst having a sustainable model.
Surfacing New Threats in Retail Banking
Head of Business Financial Crime Risk, Data & Analytics at HSBC Francisco Mainz, and Araliya Sammé, Head of Financial Crime at Featurespace, said that integration is key when it comes to financial crime technology.
We had to go through several iterations of the process to interpret the data and to understand what the process was that was going on inside the black box … A few years ago you could build a team with only a little bit of IT skills. We now need to have a good balance between being technical (not just Excel, but things like Python and analytical skills) as well as financial crime
Meeting the challenge of sanctions compliance
Richard Dunmall, Head of Sanctions at SMBC, said that a reliance on the list-based approach is no longer sufficient. He added that a lot of education is needed for business colleagues: ‘They would previously have placed a lot more reliance on screening and controls in the background, but we have had to explain to colleagues that they are the first line.’
FinCEN Leaks from the Inside
Martin Woods, Financial Crime Consultant, AML Ltd, Tim Tyler, Head of Financial Crime International Compliance, ICA, and Pekka Dare, Director, ICA, discussed the recent FinCEN files leaks and the implications for the financial services industry.
‘There has been fantastic progress in money laundering,’ said Woods, but ‘we still seize 1%; I think this presents an opportunity for the AML community to make some fantastic progress.’
However, Woods warned that ‘we haven’t stopped the money laundering. And the public does wonder “what was the point of these reports?”’ Woods further highlighted the importance of robust training and the connection between combating money laundering and saving lives.