Lost time is never found again
OPINION: A recent LinkedIn post from Jim Richards, the Founder of RegTech Consulting LLC explored the clear disconnect between the length of time regulators think it takes regulated entities to complete money laundering risk assessments and maintain compliant AML programs and the actual time that it takes them. Jim ran the numbers and it clearly showed that regulators estimates fall woefully short, so it got me thinking (always dangerous!).
If we are really going to move away from a ‘tick-the-box’ mentality to compliance to sustainable compliance capabilities is it realistic for Boards and Regulators to expect so much, from so few. The rate and pace of regulatory change and expectations is accelerating exponentially and without pausing to think of new ways of working we are on a one-way street to a nervous breakdown.
I would be really intrigued to learn from fellow compliance practitioners whether they have any insights into some of these questions:
- Is there a rule of thumb that helps you work out the optimal size of compliance teams? (e.g. complexity of business, size of business)
- What is the average ratio of compliance to non-compliance staff? (Are there any differences by company size, industry or country)
- Is your compliance function properly resourced to cope with the increasing demands placed on it? (and if not what ball is going to get dropped?
- What is the ratio of time being spent conducting risk assessments to proactively mitigating and managing risks through a robust control framework?
- Are compliance teams too harassed doing things the old fashioned manual way, to have the time to research new technology that could save time?
- Is your consultant still peddling the same spreadsheet they created in 2006 and passing it off as the latest and greatest?
If you have any pearls of wisdom or perspective to share, I would love to hear them and get a bit of dialogue going.
Follow us on LinkedIn and Twitter for a daily dose of financial crime news across the globe.