Home / Featured / Risk Management – Compliance Culture

Risk Management – Compliance Culture

To strengthen its compliance culture, a financial institution must ensure that compliance risks are not compromised by revenue interests. Seems simple, but there are many issues to consider that underlie a strong compliance culture.

Compliance Culture Attributes

A strong compliance culture begins at the top of the organization; is inseparable from the organization’s structure, processes, and management style; and includes strategic vision and strategic goals. A positive compliance culture must permeate enterprise risk management to address risks in each strategic area. Without a commitment to compliance, even the best policies and procedures will be useless.

The culture of a financial institution’s compliance discipline is:

  • established by the top management;
  • characterized by senior management example;
  • embedded in activities, such as education and robust self-management;
  • reinforced by incentive and rewards systems;
  • strengthened by enforcing corrective actions; and
  • integral to information systems and their use and management.

Three C’s of Compliance for a Strong Compliance Culture

The Three C’s of Compliance – communication, confirmation, and correction – establish the tone for how each individual employee regards his or her role in compliance.[1]

Communication – Compliance communication begins at the top.  An organization’s leaders must establish its ethical tone and state its values, then communicate these clearly to all personnel. Employees must receive a clear and consistent message.

Confirmation – Automated business systems function as they are programmed – without regard to error.  A financial institution must make a commitment to building checks and balances into systems for accuracy and completeness.  Confirmation contributes to confidence that the compliance system is performing as desired and that bank staff is performing suitably.

Correction – Financial institutions must put processes in place to effectively handle compliance incidents that are detected, identify root cause(s) to violations or operational errors, and address the root cause(s) of each problem to preclude recurrence. Robust processes for correction build integrity into the compliance culture.

Everyone at a financial institution is responsible, in some part, for the strength and integrity of the compliance culture. While automation rises with the demands of consistency, cost-effectiveness, and efficiency, compliance culture boils down to PEOPLE.



Around the Industry:

Effective Now:

CFPB issues interim rule about mortgage foreclosure procedures.

On the Horizon:

NCUA issues proposal about use of official statement.


Think ‘spear fishing’ is only done on your summer vacation? See this!



[1] http://www.qualitymag.com/ext/resources/files/white_papers/BuildingaCultureofCompliance-IBS.pdf


Be Sociable, Share!
(Visited 185 times, 1 visits today)

Check Also

Avoiding Surprises

Servicing Quality Assurance and Quality Control Monitoring Systems can be Management’s Best Friend By Jim …