No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Building a Culture of Compliance at Your Organization

Simplifying Compliance for Financial Services Organizations

by Tim Ward
October 14, 2020
in Compliance, Featured
four team members holding blue, green, yellow and red puzzle pieces

StarCompliance’s Tim Ward offers high-level thinking on exactly what organizational culture is, practical steps you can take to shape it and where technology comes in.

Corporate culture is a hot topic. The idea is that it’s a primary driver for all sorts of company activity. Good and bad. Helpful and not so helpful. But it’s an especially hot topic in the world of finance – particularly since the financial crisis – as senior leadership in firms of all shapes and sizes and governments from around the world struggle to find ways to keep firms and the people who populate them on the right side of the regulatory rulebook. But what exactly is organizational culture? And how do you get your head and hands around it in a practical way to shape and point it in the direction you want it to go?

Here, I share an overview of some high-level thinking on the subject from the field of organizational psychology, as well as some guidance on how automated compliance software can be the perfect practical complement to the more philosophical aspects of transforming company culture.

What Culture Is – and Isn’t

Culture is a mindset. When you embed culture, it shapes behavior. It becomes the instrument people fly by. And it’s subconscious, so it’s a very powerful form of behavioral and social control. It’s socialization. It’s why we have cultures. Human beings are wired to create cultures.

Culture is a story we make up about what it means to be in an organization, how we get rewarded or avoid punishment. And every employee makes up that story based on what he or she sees. But you don’t manage culture directly. You manage the things that shape behavior, and once those behaviors are observed and experienced, they get internalized as culture.

Culture is a Behavioral Nudge

Culture can nudge us to do the right thing or wrong thing. Why do firefighters run into burning buildings? It’s culture. Deep socialization. And socialization affects our behavior. Firefighters aren’t calculating. Running into burning buildings is what they do. That’s deep culture.

All people are corruptible. That’s why social psychology and behavioral ethics are so important: They help us understand what affects behavior. The trustworthy company creates a culture that nudges people to doing the right thing.

Culture is Always Moving

Culture is a tournament of competing pressures that employees must respond to. As compliance officers, you’re in the business of affecting those pressures. You’re in the systems business, but you’re also in the culture business. You are leaders that help embed the culture.

Most major trust violations are preceded by cultural drift. An ethical culture is a social control mechanism that can prevent drift. Compliance officers are in the drift-prevention business. Your job is to say: “Look where we’ve gotten to. Let’s find a way to get back to where we were.”

Culture is About Competing Values

In every company, there’s a competition going on about what the real values are. We can say these are our values, but there’s a fight going on about what they are in practice.

Employees want to work for a good company. It’s about building a trustworthy organization, one that’s self-regulating. Because when you don’t self-regulate, you invite external regulation.

Trust and Control is Best

“Trust is good, but control is better.” So goes a famous quote attributed to Lenin. This implies that trust and control are opposites. That you can have trust or control, but you can’t have both. In the compliance business you need to have both, and you can have both.

If you have all control and no trust, then you have a very risky situation. On the other hand, if you have all trust – meaning lots of great culture – but no control, you also open your firm up to risk.

Trust is a Judgment

Trust is a judgment of confident reliance on a person, group, organization or system when there is risk or uncertainty. Trust only matters when there’s risk and uncertainty. If everything’s totally certain — if you can predict the outcome — you don’t need to trust.

When people trust, they do it based on expectations of positive future behavior. If that trust is violated, there’s a trust violation, and people lower their expectations. The relationship is damaged, and people get angry. That’s what distrust is: low expectations about future behavior.

Trust Can Be Managed

We look for sources of evidence as to whether an organization is trustworthy. From that evidence, we decide to trust. But you don’t manage trust directly, just like you don’t manage love directly. You manage other things that lead to that outcome.

Think about managing trust as embedding trustworthiness. You can embed trustworthiness in a person (i.e., a leader), but you can also embed trustworthiness in a company, a system.

How to Gain Trust

We’re not all equal in the degree to which we’re willing to trust. You manage trust by managing trustworthiness. Embed the following six elements into your leadership style and even those with a naturally low disposition to trust will begin to trust you.

  1. Communication: Communicate openly and frequently.
  2. Benevolence: Demonstrate you care.
  3. Alignment of Interests: Demonstrate that your interests are aligned.
  4. Similarities: Communicate that you have similar values and that you have similar loyalties.
  5. Integrity and Predictability: Show you can be predictable and that you practice what you preach.
  6. Capable and Competent: Demonstrate that you’re capable and competent at what you do.

The Paradox of Trust and Control

In any company there’s social control, or culture. There’s behavioral control, or monitoring. And there’s output control, or reporting. Social control is trust inducing. Behavioral control and output control can cause distrust. They can send signals to employees that you don’t trust them.

But you can’t trust all employees. You wouldn’t be a trustworthy company, from a client’s perspective, if you blindly trusted all employees all the time. But employees get upset when you don’t trust them, so it’s important how you implement behavioral and output controls.

If controls are justified and rationalized, trust is enhanced. If controls are arbitrary, distrust and disengagement can result. When controls are enabling, they enhance trust. When they’re coercive, they create distrust.

This is the paradox of trust and control. You need both. Low controls are risky. Too much control means people become disengaged and “check the box.” Optimal trust is the spot in the middle. It’s the perfect combination of trust and control — culture and control systems — administered in just the right manner and in just the right places. This is what a trustworthy organization looks like.

Where Technology Comes In

Thinking along these lines, it’s easy to see where compliance technology can be part of the control system: as part of that balance – that point of optimal trust – between too much and too little control. An employee conflicts of interest monitoring system — whether it be employed for personal trading, gifts and entertainment spending, political donations, private investments or outside business activity — is a control element that can be justified and rationalized to the employee base.

First, systems like this aren’t arbitrary. Just the opposite, in fact. If an employee’s position in the company necessitates personal trade monitoring, for example, chances are there are others in the company in the exact same position — probably people the employee works with on a regular basis and can readily relate to. Compliance monitoring systems also aren’t coercive, or at least they don’t come across that way. It’s up to the employee to physically enter gift or entertainment spends, for example. Yes, it’s required, but it’s still up to the employee to voluntarily complete the task, and it therefore offers some measure of personal empowerment.

Compliance tech also demonstrates openness on the part of the firm. There’s transparency into what’s being asked (i.e., everyone is working in the same system doing the exact same thing). No one is above the rules. The firm is practicing what it preaches. Also, because, as we now know, culture is always moving, it’s worth noting that technology like this helps keep compliance on top of organizational drift by providing data that may indicate standards are slipping and that the firm is sliding toward greater risk and possible ill repute.

This data-driven capability is a fine complement to the compliance officer’s own intuitive sense of what’s happening in the organization, and it is a good reminder that technology on its own is rarely a be-all end-all. Technology is an enabler, a helper, something humans partner with to make a task easier to accomplish and more effective overall. Compliance technology helps firms get to that optimal trust spot. That perfect combination of trust and control. That balance of culture and control systems. That true culture of compliance.

The subject matter for this post is attributed to organizational psychologist Dr. Robert Hurley, who spoke on the subject of company culture and ethics at the StarCompliance 2018 U.S. User Conference.


Tags: Corporate CultureTechnology
Previous Post

ACA Compliance Group Launches Enhanced AML KYC/CIP Solution

Next Post

TrustArc Wins 2020 CyberSecurity Breakthrough Award

Tim Ward

Tim Ward

Tim Ward is a Director of Product Strategy and Marketing at StarCompliance, a leading provider of compliance software solutions to the global financial services sector. Tim has spent nearly 25 years in financial compliance and is an experienced software development professional. At Star, Tim focuses on the mid- to long-term product roadmap – traveling the world, listening to clients and prospects and keeping his ear to the ground for murmurs of what the marketplace needs and then shaping the STAR Platform in response. Tim has lived and worked in Australia, Singapore, France and the U.S. and holds a BEng from Nottingham University in Electrical and Electronic Engineering. He’s currently based out of Star’s York, U.K. office.

Related Posts

Fox_McDonalds Delaware Chancery Court Case_f

McDonald’s Delaware Court Decision Will Change CCO World Forever

by Corporate Compliance Insights
February 9, 2023

Podcaster and compliance expert Tom Fox digs into the details of a recent Delaware Chancery Court decision and how it...

Fox_Incentives in Compliance_f

Incentives in Compliance

by Corporate Compliance Insights
January 23, 2023

Learn more about how compensation can reinforce compliance culture (or not) Encouraging Good, Discouraging Bad Incentives in Compliance What’s in...

best employees speak up

Why Our Best Employees Don’t Speak Up

by Courtney Sander
November 2, 2022

Are we conditioning our employees not to speak up? The traits present in our best employees might make them less...

regulatory storm

The Regulatory Storm Is Coming. Compliance Can Help Tech Leaders Batten Down the Hatches

by Stuart Breslow
September 14, 2022

The “move fast and break things” mentality that serves tech entrepreneurs well when they’re getting their companies off the ground...

Next Post
gold award on orange background

TrustArc Wins 2020 CyberSecurity Breakthrough Award

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT