The story of Harambe, the Cincinnati Zoo’s much-loved Gorilla, went global in its interest. A defenceless animal was shot and killed to save a child who had fallen into its enclosure, not to mention the trauma suffered by the child. Investigations have since found that the barrier separating the public from the gorilla was not in compliance with primate-housing standards and requirements.
This simple story serves as a reminder as to the real reason for the compliance requirements and obligations we face, that is, protection of the various stakeholders of our businesses.
Our compliance focus should, therefore, be, first and foremost, the protection of our stakeholders and not the repercussions of breaching/getting caught! Compliance obligations set out the minimum control standards and operating procedures expected of us.
So that brings us to the “BEARs” – the Banking Executive Accountability Regime. This regime will apply to financial institutions that take deposits from the public (Approved Deposit Taking Institutions or “ADIs” as they are known in Australia.) As with Harambe, the BEAR compliance requirements focus on protecting a financial institution's stakeholders from the risk of poor culture and poor conduct from “Accountable Persons” within the institution. This will cover directors and Senior Executives being primarily the C Suite. Read article, Understanding Compliance Risk.
Now – the Bear has teeth!! The maximum penalties for breaches range from $210m for large institutions down to $10.5m for small institutions.
All of this is just legislating what institutions’ directors and executives should have been doing all along, that is, being honest, operating with integrity, demonstrating care for each stakeholder and having the right skills to do that job. Also, traditional incentive and remuneration schemes have failed to recognise and motivate the correct behaviour by focusing on short-term reward rather than the risks over the longer term. Deferred remuneration provides a legislated motivation to think about risks, the longer term, and most importantly the needs of the key stakeholder, the customer.
We can either despair at the ever-increasing compliance requirements we seem to face, or we can face up the problem and manage our compliance requirements efficiently and effectively while also strengthening our internal risk management processes to ensure a better outcome for all.
Author of 'A Short Guide to Operational Risk', David Tattam is an internationally recognised specialist in all facets of risk management, particularly at the enterprise level. His career includes many years working with PwC, as well as two Australian banks. His achievements include the creation of the Middle Office (Risk Management Department) for The Industrial Bank of Japan in Australia and the complete implementation of all Australian operations, systems, procedures and controls for Westdeutsche Landesbank (WestLB).