Recently, two different industry cognoscenti recommended a speech entitled, “Good Compliance, Not Mere Compliance” delivered by Daniel K. Tarullo, a member of the Board of Governors of the Federal Reserve System. Since these were comments made just a few weeks ago at a workshop entitled “Reforming Culture and Behavior in the Financial Services Industry,” I thought it was worth sharing the highlights of those remarks. In a nutshell, Tarullo’s document is a “shot-across-the-bow” for the US financial services industry, with Tarullo concluding, “My expectation is that if banks do not take more effective steps to control the behavior of those who work for them, there will be both increased pressure and propensity on the part of regulators and law enforcers to impose more requirements, constraints, and punishments.”
Now that I’ve given away the punchline, let me break down the main points I think financial institutions should take from his observations – summarized across culture, senior management, counterparties vs. customers, and an intriguing category identified as “feedback loop.”
Let’s talk about the “culture” content first. Culture is the basic premise of both this set of remarks and the conference at which this talk was presented. Tarullo specifies that “I am going to focus mostly on the behavior that regulators and the public can observe [...]. It is the behavior of the employees of banking organizations with which we, as regulators, are ultimately concerned, since it is only through its employees that a firm can act.” This notion of behavior and culture is one he keeps coming back to and which ties in strongly with his focus on senior management.
Throughout the speech, senior management is highlighted nearly a dozen times as a key area of regulatory focus, indicating that senior management’s attitudes, behaviors, and cultural norms are the ones that ultimately drive how the bulk of employees will behave. While this is not such a surprising observation when it comes to risk management, cybersecurity, and other such topics, it is now almost as if Tarullo is suggesting that these behaviors will become a focus area in which regulators will (or should) pay attention. Only time will tell how this plays out, of course.
Another area that Tarullo focuses on is “Counterparties vs. Customers” which also aligns to his senior management focus. He discusses how firms perceive those with which they do business, indicating that senior management’s attitudes are the ones that inevitably propagate throughout a firm. He also points out the fact that thinking of everyone as a counterparty “hardly seems designed to engender trust on the part of those who have ongoing relationships with the firm” and goes on to specify that firms are expected to take “tangible steps” that clearly articulate the expectations of their leadership.
Perhaps his strongest message is in his “Feedback Loop” remarks. “Feedback Loop” is all about communications between the regulators and financial services firms – something you don’t see addressed all that often. In one small sentence that might be easily missed by someone skimming the document, Tarullo points out that regulators should accept feedback from financial services firms. He explains that there are situations in which regulatory requirements sometimes are “badly conceived or implemented.” In such situations, he comments that “the regulated firms themselves can assist by pointing out what they would regard as more sensible methods for achieving stated regulatory purposes.” I know from my own experiences working with clients that this sort of flexibility and willingness to listen to regulated entities is quite uncommon and rarely – if ever – expected.
There’s no way to tell right now whether Tarullo’s document becomes a new step forward in the financial services industry or instead gets ignored altogether. I suspect it will be read closely and that industry prognosticators will watch the Fed’s exams in the coming 12-18 months to decipher just how much of this is being applied. Tarullo’s basic premise is that organizational behavior and culture – when coupled with strong ethical leadership – reflect and play into successful regulatory compliance. And his concept that enhanced two-way communications produces a more effective regulatory climate is a message that shouldn’t be dismissed.