The true purpose of Compliance
What is your compliance narrative? Is it about rules, regulations and laws?
A legalistic approach to compliance does not engage your people and projects compliance as a series of task and activities that must be undertaken – hardly inspiring or motivational, with the outcome that compliance is often reactive in nature.
How do you change the compliance narrative so that it is about people and caring, driving a proactive approach to compliance?
The true purpose of compliance is to protect. The question becomes – protect who and from what?
Your firm’s response to this fundamental question is important. People are motivated to act by caring, and its what we care about, that we want to protect.
The protect analogy
Think about driving a car.
You need a drivers licence to drive a motor vehicle on a public road. This licensing process requires you to gain knowledge and skills to operate a motor vehicle in accordance with the road rules.
Why? to protect yourself, people you care about (as your passengers), other road users and the community from the cost of motor vehcile accidents – fatalities, injuries and property damage and consequential social costs.
Similarily, in order to conduct a general insurance business in Australia you need to be authorised by APRA and to provide a financial service (which includes general insurance) you need to be licensed by ASIC, or be a representative of a licensee.
Like a drivers licence, you need to demonstrate to APRA and ASIC the knowledge, skills, and experience in general insurance with the approriate capital requirements and human, financial and IT resources with people who meet standards of honesty, ethics and integrity.
Why, to protect what matters, and who you care about.
Let’s explore this further.
Who does compliance protect?
Compliance, in a general insurance context, protects:
- our customers, clients and consumers from the risk of financial harm and detriment and consequential impacts on their life, business and assets (due to issues such as availability and affordability; partial or total declined claims; underinsurance, claim delays etc);
- our people (this includes staff, external representatives, material service providers and anyone involved in the insurance sales & claims supply chain) from the risk of being banned or disqualified, individual fines & penalties, damage to their reputation and asscoaited mental health issues and impacts to the enjoyment of their life;
- our business – the risk of fines & penalties, loss of licence, enforcement action, lost management time, loss of business, reputational impacts and class actions including shareholder actions for ASX listed entities;
- our business partners such as insurers, MGAs, TPAs, service suppliers, authorised representatives, referrers, distributors, and material service providers from the risk of financial and reputational harm, regulatory enforcement action, loss of business partner and associated loss of business; and
- the community, arising from systemic failures and mistrust in the general insurance industry.
What happens when we care?
Caring motivates people to take action, and to perform tasks that make a positive difference. This includes compliance activities such as identifying and raising incidents and complaints, following a firm’s processes and procedures. reporting breaches and undertaking continuous training.
Caring also fosters a sense of belonging, strengthens relationships, and creates bonds between individuals, leading to more engaged and loyal teams including the extended team such as a network of authorised representatives, service suppliers and buisness partners
Caring also invokes personal values of honesty, ethical behaviour, fairness, responsibility and accountability – all critical compliance values.
We want to protect what we care about.
How to protect what matters?
We’ve identified what matters:
- our customers, clients and consumers;
- our people including our team of external partners;
- our business;
- our business partners; and
- the community
How does compliance protect what matters?
Think of a fort – at the centre of the fort is what we care about, what matters. This is what the fort (compliance) is designed to protect, and it does so through a multi-layered approach.
A strong foundation
Our compliance fort is bulit on a strong foundation of:
- governance and frameworks – driving a systematic approach to risk and compliance underpinned by clear roles, responsibilities, independence and accountability;
- people and culture – driving trained and competent people with a culture of ‘compliance is the way that we do things around here’ or ‘doing the right thing when no-one is watching’;
- procedures and process – driving consistency of approach and compliance; and
- systems and reporting – driving accountability, transparency and continuous improvement.
The fort of compliance is protected by layers:
- the inner wall is the firm’s Compliance arrangements: comprising the firms’ collection of risk and compliance policies, guidelines, processes, procedures, IT systems and people operating to a rhythm with a systematic approach to risk and compliance. A firms’ compliance arrangements provide a safe place to conduct business;
- the next wall of the fort is people, the firm’s ‘early warning system’ – similar to motor vehcile accidents, things can and do go wrong. Whether there is a failure in key controls for people, process or IT systems, all of the firms people (including authorised representatives & service suppliers) must be constantly viligilant in scanning the environment for incidents and complaints or things ‘going wrong’. Identifying and raising incidents and complaints in a timely manner means that potential harm & detriment can be minimised and gaps in controls are quickly remediated leading to a culture of continuous compliance improvement and better business and customer outcomes;
- the penultimate wall of the compliance fort is the firms Monitoring Program: independently providing monitoring, supervision and assurance on the effectiveness of the firm’s compliance arrangements and key controls; and
- the final wall, and arguably the most important is Culture, a desire by everyone to do the right thing.
General Insurance Sydney Compliance workshop
I will be exploring:
- the purpose of compliance is to protect;
- and designing an effective compliance and monitoring framework that protects what matters
at my 3rd annual General Insurance Compliance workshop in Sydney on Thurssday 23rd October.
Some tickets are still remaining and my be purchased here.
Disclaimer: Reproduction of statements made in this article by media outlets, whether in full or in part, is strictly prohibited without the written express consent of the author. The views, opinions, and positions expressed within this article are those solely of the author and Compliance Advocacy Solutions Pty Ltd and not the views of other individuals, companies or organisations they may be affiliated with. The author and Compliance Advocacy Solutions Pty Ltd make no representations as to accuracy, completeness, currency, suitability, or validity of any information in this article and will not be liable for any errors or omissions or any loss or damage arising from its use or reliance. This article is intended for educational and informational purposes only and should not be relied upon as professional legal advice.