“Knowledge comes, but wisdom lingers.”

—Alfred Lord Tennyson

Compliance and compliance risk management as a formal function is at its adolescence. It is going through its share of trials and tribulations and will hopefully mature into healthy adulthood. Its mentors, regulators, management of financial services firms, and the external environment will have a big say in this process.

Regulations, whether macro/micro-prudential in nature or conduct-related, are based on the expectations that the environment has of the financial services industry. The compliance function is tasked with ensuring that the organization is in balance with these expectations. The criticism is that in practice prudential regulations receive greater attention from both the regulators and the regulated. This approach is probably the cause for the many slips in the conduct and business integrity space. The latter trend seems to be changing, but slowly. Conduct regulations and their relevance, the conformity to which is largely the responsibility of the compliance function, are being brought into focus both by industry players and media participants. Some argue that this is truer of the latter.

It is important to note that more regulation does not mean better regulation, and more compliance expenditure does not mean better compliance. Cost-benefit analysis, both by the regulators and the regulated, is a sanity check that will help evolve an optimal approach to address the areas of concern. Some ...