With tightening budgets, increasing regulatory expectations, and a growing number of risks, compliance teams at financial institutions face big challenges as they work to fulfill their mission to mitigate financial crimes and protect their organizations. These challenges—along with the difficulties caused by the abrupt switch to remote working during the pandemic—highlight the need for institutions to remain focused on ensuring their staff is well trained and on building a culture of compliance.
Since every institution has a different set of risks, necessitating varying compliance policies, institutions should understand that one form of training cannot fit all situations. The need for a tailored training program is universal, regardless of an institution’s resources. It is more important than ever for financial institutions to revisit their training programs and make targeted, sustainable improvements to ensure the training covers their particular risk profile.
Training: Laying the Foundation
With the global financial system becoming more and more complex and financial criminals and terror organizations themselves becoming more sophisticated, regulators have raised the bar on compliance. In the past, financial institutions could satisfy training requirements by requiring compliance training on an annual basis. Providing one overview training program to all employees in the financial institution, however, is no longer acceptable to regulators. Today, training must be risk-based and tailored. Financial institutions must ask themselves, “Do our training programs match the risks of our institution, and the variety of functions within it?”
Robust training begins with a comprehensive training needs assessment. Financial institutions should examine their medium- and high-risk areas and develop targeted training that aligns with those risk segments. For example, is the financial institution involved in correspondent banking in jurisdictions adjacent to conflict zones or areas subject to sanctions? Does the institution offer private banking services? A thorough training needs assessment will surface issues such as these while identifying the areas where targeted and tailored training is required to enhance financial crime safeguards.
Next, financial institutions should ask, “Do our employees have the right experience and training to do their jobs?” Institutions need to make sure their employees receive training in higher risk areas tailored to their roles and responsibilities. Tellers, as an example, routinely handle large amounts of cash, so they should have specific training on currency transaction reports (CTRs), while private bankers may need to get specific training on international tax requirements.
Another important area for financial institutions to consider on an ongoing basis is regulators’ expectations for skills training. Increasingly, regulators are looking at the skills and career paths of bank employees. In other words, do the employees in that specific role have the right knowledge, skills, and experience to carry out their compliance responsibilities? Thinking critically about whether the employees in key roles possess the right set of skills and expertise should guide institutions as they develop long-term training programs.
Training in the COVID-19 Era
The coronavirus pandemic forced many institutions to adapt to remote working and virtual meetings. These changes will likely have long-lasting effects on financial institutions’ operations, including the methods they use to offer training. As many institutions experienced, transitioning from in-person training programs to virtual training, without diluting the training’s impact, is challenging. Some ways that institutions can deliver effective, ongoing, and robust virtual training include:
- Keep it concise. Shorter, bite-size learning is a trend in training programs. Instead of offering half-day and full-day sessions, break programs into shorter segments of 20 minutes or less, which are easier for participants to absorb—and schedule.
- Be creative. Mix up different formats and, where appropriate, use blended approaches such as e-learning, assigned reading, and video clips. Encourage participants to prepare for in-person or online sessions by completing assessments in advance.
- Encourage questions. One advantage of in-person training sessions is that participants are able to raise questions right away. Design virtual training to encourage questions, so participants can take part in—and be a part of—the training. An easy way is to have a Q&A “box” on the screen that allows participants to ask their questions in real time.
- Track progress. Institutions should test employees’ knowledge and track their progress during training, providing well-defined objectives and clear deadlines for completion. This issue is not new: A number of years ago a bank made an unpleasant discovery after implementing a third-party testing program that had no set limit on the number of times an employee could take the test. The bank found some employees had taken the test numerous times to achieve a passing grade. Today, online testing systems are more configurable and sophisticated, but a good practice in any form of testing is to set up the system to only allow up to three attempts at taking a test before triggering remedial learning, retesting, or escalation to a manager, and to block the option of accessing the test directly without going through the training.
Creating a Culture of Compliance
Effective training programs are only as good as a company’s underlying culture of compliance. Such a culture transcends periodic or annual training and keeps a financial institution’s employees focused on identifying compliance risks and mitigating them accordingly. The risks and regulatory requirements financial institutions face demand that institutions strive to make compliance culture a driving force in their daily business.
Some keys to creating a compliance culture include:
- Set the tone from the top. In any organization, how leadership approaches topics sets a tone for all to follow. Financial institution leaders, therefore, should remind their employees of the importance of compliance in their own voice (e.g., during “town hall” meetings).
- Model desired behaviors. A highly reinforcing activity for staff is seeing leaders practice what they preach. Executive leadership that co-facilitates and participates in compliance training programs, for example, sends a powerful message to frontline staff by modeling the behaviors the institution expects of employees.
- Ensure robust, recurring communication. “One and done” is not an effective way to deliver communications or develop an organizational culture. A robust communication program issues clear messages in a recurring fashion. Financial institutions that want to create a culture of compliance should issue policy alerts and remind staff of changes. This information should then be easily accessible and readily available for employees (e.g., via a specific page on the institution’s intranet). Town halls, quarterly newsletters, and even short video messages explaining changes can be effective ways to ensure that all staff members understand what they must do to support the institution’s focus on compliance.
In the ever-changing field of compliance, an effective training program and the development of a sustainable compliance culture can better position financial institutions to manage their financial crimes risks, both those currently present and those lurking around the corner.