This is part 5 of a five-part series with Tom Fox and the FCPA Compliance Report on defining and building an effective compliance program. The series will consider key challenges in compliance, why compliance needs a seat at the table, how to do compliance on a budget, compliance training and culture, and what is on the horizon for compliance.


Building an effective compliance program is an ongoing process. It includes getting involved with and aligning with the institution’s business lines and keeping an eye on budget and training. And it also means looking ahead to the future to plan for and meet the challenges that lie ahead. Compliance teams need to consider what regulators are thinking about now and to forecast six, twelve, and even eighteen months down the road when it comes to compliance. Compliance professionals are viewed as proactive, creative problem solvers. In the opinion of regulators, meeting the regulatory requirement is the absolute bare minimum. This means compliance professionals need to be thinking about going above and beyond.

Business models are always changing—they grow, expand, and even move horizontally because the world is always changing. Compliance professionals need to be agile and prepared for this change. More importantly, from a pragmatic standpoint, when something does go wrong, having been prepared and being able to demonstrate that there were procedures in place in case of such an occurrence can be helpful in terms of remediation and in terms of getting the regulators on your side.

Regulators are looking for compliance professionals to be proactive and to be creative problem solvers. This requires proactive compliance and highlights the need to take innovative approaches to doing more with less and to making sure that the institution’s compliance department can meet all of its obligations despite these extraordinary circumstances. All the federal regulators have made it clear that their expectation is for corporate compliance to be thinking about creative solutions. For example, U.S. banking regulators have really tried to make it clear that there is a safe space to experiment with new compliance technologies. While not all institutions feel confident taking them at their word, they are making it clear that they expect people are going to be trying new things. 

One area for innovation has been in considering ways to share the burden of compliance costs through managed services and shared compliance resources across institutions. Another area where compliance is expected to be proactive is related to identifying and mitigating emerging risks and illicit finance topologies. This is because with all the federal bailout monies, there will be a lot of bad actors trying to take advantage of the current crisis situation. Compliance functions need to be able to adjust to those changing threats and risks. 

Doing More with Less 

Funding is an important issue right now, and with the economic conditions that banks are facing that is not expected to change any time soon. Banks may start to face a backlog related to their compliance tasks. This could strain already stressed resources at a time when boards and senior leaders are really preoccupied with things other than compliance.

In the near term, compliance departments need to triage and think about the priorities, make it clear that they do prioritize compliance even in this environment, and reinforce the commitment to compliance at all levels of the operation. This includes clearly communicating priorities. 

Banks and other financial institutions have specific regulatory commitments, and may even have monitors in place. These institutions should be thinking about how they can face some of these challenges while doing more with less—by taking advantage of the geographic distribution of their teams, for example, and making strategic investments in technology.

It may seem counterintuitive to think about making technology investments right now because of the current resource-constrained environment, but such investments may well be the key to long-term viability. Investments now in technology solutions for compliance can pay dividends in the future by helping institutions to overcome process inefficiencies. Such compliance technologies can target critical pain points in the system that are creating resource inefficiencies. 

Examples of this would include technologies to address false-positive alerts in transaction monitoring systems or in sanctions-related screening name matches. Compliance teams can look for ways to employ different types of technology—such as artificial intelligence, or machine learning—to really increase efficiencies within the system. Additionally, as regulators have high expectations around process model validation; deploying new technology solutions can reduce both time and resource intensiveness. 

To listen to our podcast series from the beginning, please click here.