9 Things They Don’t Teach You in Compliance School 

Twenty years ago, a now defunct magazine, MBA Jungle, had a monthly column titled “What B-School Didn’t Teach Me.” They reached out to a myriad of businesses across all sectors to respond to the question.  As a Compliance officer at a big asset manager, they reached out to me for comment.

I responded that a manager doesn’t want to hear only the good news. Those in charge need the whole honest picture – and they often reward those who provide it. For example, a company I worked for had just been hit with significant regulatory fines. The CEO called a conference with his top 20 compliance officers and asked us to rate our department on a scale of 1 to ten.  Everyone said seven or eight.  I said four.  He asked me to explain. The huge fines we just paid are, at best, an indication of departmental sloppiness.  Three weeks later, they reorganized the whole corporation. The CEO specifically asked me to apply.

The job of a compliance officer is difficult but critical when complying with the federal securities laws.  In our blogs and podcasts, Oyster Consulting frequently asks its associates to identify issues they have learned from their decades of Compliance and Regulatory experience. Here are a few best practices that you probably won’t learn just by getting your license:  

• Encourage business leaders to discuss compliance at their monthly meetings.
• Have the CEO attend a Compliance department meeting to show Management’s commitment to compliance. 
• Keep everyone informed about compliance initiatives and implement training to continuously improve the compliance program. 
• Prior to being faced with a regulatory exam, ensure that Management understands that a regulatory exam is not a Compliance-driven event; it is an evaluation of the risk and of the business itself.
• Incorporate a risk assessment to prioritize your compliance program. A thorough risk assessment should be the product of not only the work that the firm done in the previous year, but also regulatory changes, entry year, upcoming issues, business model shifts by the firm, new business lines, retiring business lines and new hires.   
• Get to know traders and portfolio managers before there are any compliance issues. Developing trust will go a long way when compliance issues arise.
• Develop a relationship with your regulatory risk analyst or representative before there is an exam. Having a good relationship helps them know that they can trust what you’re telling them, that you will get them the documents in that amount of time and that the documents are what they asked for. Risk analysts can also be a useful resource when investigating new rules and new lines of business.
• Ensure your procedure manual aligns to your calendar to avoid aspirational procedures you may not have time to implement or that may not have a mechanism for implementation.
• Incorporate the best GRC technology option for the firm so the Compliance team can work efficiently and manage data. The regulators are using technology and data analytics, and so should you.

There is more to being a Compliance Officer than what’s in a book. Oyster’s experts have the CCO, FINRA, SEC and state regulatory experience to help solve complex regulatory challenges. Oyster Consulting provides compliance support to broker-dealers and investment advisors, including risk assessments, testing, remediation, outsourced compliance roles and automated compliance solutions.