The story of Harambe, the Cincinnati Zoo’s much-loved Gorilla, went global in its interest. A defenceless animal was shot and killed to save a child who had fallen into its enclosure, not to mention the trauma suffered by the child. Investigations have since found that the barrier separating the public from the gorilla was not in compliance with primate-housing standards and requirements.
This simple story serves as a reminder as to the real reason for the compliance requirements and obligations we face, that is, protection of the various stakeholders of our businesses.
Our compliance focus should, therefore, be, first and foremost, the protection of our stakeholders and not the repercussions of breaching/getting caught! Compliance obligations set out the minimum control standards and operating procedures expected of us.
So that brings us to the “BEARs” – the Banking Executive Accountability Regime. This regime will apply to financial institutions that take deposits from the public (Approved Deposit Taking Institutions or “ADIs” as they are known in Australia.) As with Harambe, the BEAR compliance requirements focus on protecting a financial institution's stakeholders from the risk of poor culture and poor conduct from “Accountable Persons” within the institution. This will cover directors and Senior Executives being primarily the C Suite. Read article, Understanding Compliance Risk.
Now – the Bear has teeth!!! The maximum penalties for breaches range from $210m for large institutions down to $10.5m for small institutions.
All of this is just legislating what institutions’ directors and executives should have been doing all along, that is, being honest, operating with integrity, demonstrating care for each stakeholder and having the right skills to do that job. Also, traditional incentive and remuneration schemes have failed to recognise and motivate the correct behaviour by focusing on short-term reward rather than the risks over the longer term. Deferred remuneration provides a legislated motivation to think about risks, the longer term, and most importantly the needs of the key stakeholder, the customer.
We can either despair at the ever-increasing compliance requirements we seem to face, or we can face up the problem and manage our compliance requirements efficiently and effectively while also strengthening our internal risk management processes to ensure a better outcome for all.
Read our complete guide to compliance and compliance risk management below for tips on understanding compliance requirements and keeping your obligations register up to date.
David Tattam is the Chief Research and Content Officer and co-founder of the Protecht Group. David’s vision is the redefine the way the world thinks about risk and to develop risk management to its rightful place as being a key driver of value creation in each of Protecht’s clients. David is the driving force in driving Protecht’s risk thinking to the frontiers of what is possible in risk management and to support the uplift of people risk capability through training and content.