How To Build a Compliance Culture in Your Organization

I see it all the time. A business—whether early-stage or more established—makes a legal misstep or a series of missteps, perhaps related to its product or perhaps as a result of claims or communications with customers. Then it has to call in legal experts to deal with the regulatory ramifications and other fallout. In such situations, corporate leaders wish they’d had a better up-front understanding of the regulatory environment. They learn the nuances eventually, but at a steep cost.

This common scenario highlights the importance of creating a compliance culture in your organization, especially if you operate in a highly regulated environment.

A thoughtful compliance culture helps managers and employees understand the relevant regulatory frameworks and requirements, develop best practices for complying with them, and build compliance considerations into all the company’s processes—from product development to marketing, and from customer communications to operations. It also helps an organization work effectively with customers, partners, and other stakeholders.

A compliance culture emphasizes the value of “doing things right” organization-wide, from customer offerings to internal processes and communications. Organizational decisions are driven not only by commercial feasibility and consumer preferences, but also by any compliance-related requirements or boundaries. This helps the company avoid costly pitfalls like having to rebuild a product or service offering due to legal issues or negative publicity. A compliance culture lowers the risk of lost trust and lawsuits, which can be game-ending.

Increasingly, a compliance culture is becoming a must-have, with myriad benefits. For one, consumers are ever more sophisticated about what they buy, with sky-high expectations for service. If a company fails to meet those expectations, negative reactions can be swift, large, and costly, due largely to social media and the ease of filing complaints with various regulatory bodies.

Creating a strong compliance focus ensures you’ll offer more credible, attractive products to today’s market. That’s particularly important for businesses in industries that face a complex, changing set of federal and state regulations.

3 Things to Understand

The cornerstone of a compliance culture is an understanding of three related aspects of the business:

1. Understand the regulatory landscape.  You need to understand the legal/regulatory environment in which you operate—the laws and frameworks in play; the regulatory agencies and other bodies with influence at federal, state, and local levels; and any unspoken norms that may go beyond the codified rules in place. This means getting into the details of often-complicated regulations and understanding their implications for what your organization is offering or planning to offer. In-house and external counsel can advise; learn to ask the right questions to make the best use of them.

2. Understand industry practices.  In many cases, industries go beyond the legal regulations in place, and this becomes standard practice. For example, banks may be wary of offering third-party lending products with APRs (annual percentage rates) they view as too high, even if the rates are within legal bounds. Learn the standard practices in your sector, with the help of industry experts or even leaders of competitors such as through industry associations.

3. Understand customer expectations.  Just as industries have expectations that may go beyond regulations, so do customers. Work to understand what your target customers expect of your product and service offerings by researching content on consumer forums (especially consumers’ posts about negative business experiences), conducting focus groups, and speaking to consumer advocates.

Build a Compliance Culture

Once you’ve developed an understanding of the environment your company is operating in across these three areas, use that knowledge to build an effective, sustainable compliance culture. Here are practical tips for getting there:

Partner with legal advisers.  Find trusted in-house and external attorneys to partner with. Interview candidates carefully, to ensure you’re recruiting professionals invested in understanding your business needs in your regulatory context.

“Partner” is the key word, as you need to provide a clear, full vision of what you hope to achieve in the market, including existing and planned offerings, growth, and potential risks. Together, you can work to understand the regulatory layers you’ll have to deal with, and how those might represent barriers to entry and other challenges. Aim to engage in regular dialogue about the viability of ideas and potential risks, along with creative solutions, promoting a strategic, compliant approach.

Build to the regulatory framework.  When your organization starts building a product, align it to the relevant legal framework. That means educating businesspeople about any relevant regulatory issues—including limitations, licenses, permits, and other rules—and how these may differ by state or other jurisdiction. Being deliberate in this arena enables better products and faster growth.

Create a compliance management system.  The goal for leadership is to use the ideas here to build a robust compliance management system. That means a team approach—with the company’s board, businesspeople, legal advisers, and others—to conducting a comprehensive risk assessment across key regulatory areas, to understand where a product faces more risk and take steps to reduce that.

For example, financial services leaders must recognize risk in their underwriting processes (such as perceived discrimination) and advertising. Then they need to ensure full review of offerings—such as underwriting rules and advertising templates—by the legal team, in close collaboration with the business side. This enables a proactive rather than reactive approach. Then, they can build appropriate policies, processes, and controls. 

Drive continuous improvement.  As with any system, aim to refine the compliance management system through feedback and lessons learned. For example, business leaders should receive feedback regularly from legal partners around shifting regulatory practices, and what adjustments are required for products and advertising. Ongoing reviews, trainings and meetings, and other forums can facilitate this.

I hope I’ve made a strong case for building a compliance culture in your organization. Use the ideas here to create such a culture and compliance management system, to not only survive in an increasingly regulated environment, but to thrive.

Lana Shneydina is Sunbit’s general counsel, leading all legal and regulatory compliance matters. She holds an LLM degree from UCLA Law School, a law degree from the International Solomon University and an MA in International Economics and Finance from Kyiv National Economics University. Her most recent role was Deputy General Counsel at Avant where she supervised all regulatory aspects of business. Prior to Avant, Lana built and managed the legal team at Global Analytics. She also has significant experience from her time as consumer finance regulatory and compliance counsel at Enova International.

From: Corporate Counsel