Tell us how you got into the compliance field and what do you love about the work? Right out of college, my interest was in several professional careers but compliance was not one of them. It was more important to me at the time to find a job with a reputable company and a manager that could provide me mentorship. Serendipitously, I found a job that evolved from managing bank identification numbers (BINs), to documenting and enforcing SOX and business key controls, and eventually to overseeing compliance for corporate code of conduct, anti-bribery and corruption and anti-money laundering. So getting into the compliance field was not because I knew the importance and versatility of the function or had the professional goal to become a Chief Compliance Officer (CCO). Instead, getting into the field was built on earlier experiences where I was unknowingly applying compliance principles that groomed me for a formalized role in compliance. I love working in compliance because, contrary to the perception that compliance is pretty rigid and always looks at what is, or is not, being done that could get a person or a company in trouble, it gives me the opportunity to be unorthodox and creative in driving understanding and adoption of corporate policies and regulatory requirements. I find that compliance employs prior professional and interpersonal experiences to create the effective CCO and so I'm fortunate that nothing I've learned in prior roles has gone to waste.
What do you feel are the most interesting developments in the compliance sector for the technology industry as a whole? For your specific business/industry? I see the following as some of the most interesting developments in the compliance sector for the technology industry as a whole: regulators grappling with technological innovation and its impact on all they've known from a compliance perspective; the importance and availability of data and how to use it effectively without tripping pervasive local and international data privacy requirements; and the need for the compliance professional to be well versed in technology to be effective. Specific to the payments space, some interesting developments include challenges with unique identification of the individual as we move more and more into eCommerce and away from in-person transactions; new ways of criminal behavior for victim assisted fraud where unsuspecting people are coerced into making payments for bogus criminal charges; the need to rethink money laundering risks in this era of crypto currency.
What are some of the most difficult parts of building compliance teams in an extremely complex regulatory environment? Building a compliance team depends heavily on the organization's commitment to do more than pay lip service to the establishment of a program. Management must demonstrate overt and participatory tone at the top and in the middle, provide commensurate budget and financial support, and adjust the requirements for ROI justification to reflect the mandatory and often unpredictable nature of the compliance function. Unfortunately, such support is limited and provided only when things go wrong. Other challenges to building an effective team include overcoming negative misconceptions about the compliance function and finding people with the right mix of interpersonal and analytical experience to build the team. My response to these challenges includes employing non-traditional recruiting strategies and team management tactics and adopting advocacy and salesmanship as effective tools for the CCO in dealing with management.
What advice would you give someone who's interested in a career in compliance? My advice to anyone interested in a compliance career would be to open minded about what makes a successful compliance professional. The functional requirements are changing and we're slowly but surely moving away from leaning solely on lawyers and regulators for compliance responsibilities. Developments in technology especially has increased the need for analysts and other professionals who come into compliance with their own unique experiences and then learn the regulatory and legal requirements applicable to the specific compliance space. I personally believe (and my background supports this) that it is easier to create a compliance professional from an analytical thinker than the other way around. So, persons interested in compliance should see value in all knowledge already acquired and continue to develop a versatile background. Also, it is never too late to get into compliance. You may need to start in an innocuous fashion by providing support services to a compliance team, such as delivering reports based on transactions or conducting research on regulatory requirements, to get your foot in the door. Don't worry too much about certification because that can be obtained on the job with the right management support. Instead, focus on the ability to be persuasive, especially with senior management and keep developing knowledge of the fundamentals of your business that subject it to compliance risks. Be approachable, introspective and able to laugh at yourself, often privately, especially when things don't go as planned.