26 October 2017

Is compliance costing you money and increasing your risk?

James Daley

By James Daley LinkedIn

Many compliance and legal teams attempt to stop their organisations taking any risk whatsoever. But the result is often a box ticking approach which results in poor outcomes for customers.

Rules and regulations are an enormous pain (and cost) to financial services companies. If your business has five employees and a handful of customers, it's not so difficult to make sure that everyone is on the same page and obeying the law. But if you're a company with thousands of employees and millions of customers, compliance becomes a logistical nightmare.

Banking and insurance rulebooks run to hundreds of pages. Worse still, there's a continuous stream of new rules and amendments coming down the tubes.

Understandably, most large companies begin their approach to compliance with the rulebook. They invest significant sums of money in putting processes and procedures in place to ensure that the business is meeting each and every requirement.

And when literature and processes have been signed off by the compliance team, the lawyers usually weigh in with their view - testing everything against a set of hypotheticals, and inserting extra clauses and processes to cover their organisation were they to end up in a court of law.

What about the customer?

The problem with this approach is that the customer is not involved at all. Marketing and product teams may devise their offering with the customer front of mind. But by the time compliance and legal have given their blessing, the journey is full of small print and language that the customer can't make head nor tail of.

It's a familiar problem and one that we often go into organisations to help them with. My view is that far from protecting their organisations, compliance and legal teams that operate in a rigid way end up leaving their business exposed to much greater risks.

In the first six months of 2017, more than a third of cases that went to the Financial Ombudsman Service were upheld in favour of the customer.

That means that the customer complained, the firm rejected their complaint, and then the customer appealed to the Ombudsman and had their case overturned. In one in three cases.

Some firms saw as many as one in two Ombudsman complaints upheld in the customer's favour.

Risky business

All of these firms will have devoted extensive resource to legal and compliance teams whose job it was to protect their company. But the Ombudsman stats demonstrate that too often, the way they categorise risk is wrong.

Customer journeys and documents are designed in such a way that the rules are adhered to, and the lawyers are content. Yet, companies end up losing a significant proportion of their disputes all the same.

Sure, the compliance team may boast that their firm has not been the subject of any FCA enforcement action recently. But you have to veer way off the mark to find yourself in the regulator's black book these days. Losing large volumes of cases at the Ombudsman comes with its own cost and reputational damage - and is just as bad as being called out by the FCA.

If I'd spent weeks complaining to a company, been sent on my way with a rejection to my complaint and then persisted with an appeal to the Ombudsman, who vindicated my grievance, I wouldn't hesitate to tell all my friends and family how much contempt I felt for the firm involved.

That is exactly the experience of tens of thousands of consumers every year.

Compliant firm, unhappy customers

More and more businesses are waking up to this reality - and understanding that strict adherence to the rulebook can in fact deliver poor customer outcomes and end up being counter productive.

When we work with organisations we try to encourage legal and compliance teams to categorise the risk in terms of probability and potential cost. At that point, the decision about whether the risk should be taken must be passed onto senior management. It is not the job of legal and compliance to stop their companies taking any risk at all.

The companies with the least friendly documents and customer journeys are the ones where compliance and legal teams have the final say - and drive through their approach by spreading fear.

Every company I've ever worked with has told me that they put their customers at the centre of what they do. But this has to be more than rhetoric. It must mean giving the power to customer experience teams and senior management to decide whether occasionally breaking away from the letter of the rulebook is a risk worth taking in pursuit of clarity. 

It seems unlikely the regulator will come down on a firm like a ton of bricks for a misdemeanour which was committed in pursuit of better customer outcomes.

Just to be clear, I'm not calling on firms to ignore the rulebook. In most cases, it's just a matter of taking a different view - and breaking away from the interpretation that your peers in the sector have put on a particular rule or regulation.

There are significant gains to be taken by those who can take a more agile approach to risk and customercentricity. Businesses must start by realigning their lines of authority and decision making to ensure that "Putting customers at the heart of everything we do" is much more than just a strapline.