Perspectives

Compliance should be a strategic asset, not simply a “cost”

Compliance is not an end in itself

Compliance may have become something of a “growth industry” in financial services, thanks to the adoption of a wide range of legislative and regulatory imperatives. A series of new federal, state, and even global laws and regulations over the years have helped to encourage insurers and other participants in the financial sector to beef up their compliance departments.

April 26, 2017

A blog post by Andrew N. Mais senior manager, Deloitte Services LP

However, the risk is that compliance becomes an end in itself, rather than a means to an end. Indeed, compliance is often perceived as a burden and cost to the business, so it might be tempting to do just what is required by law rather than to use compliance as a mechanism to strengthen risk management. Compliance in that sense would really be no more than a “spend,” not necessarily adding value to the business, and now—with what many foresee as a lessening of regulatory pressure ahead—to a certain extent perhaps becoming dispensable.

That, I would argue, would be a mistake.

The reputational damage suffered by the financial services industry in the last fiscal downturn serves to remind us of the necessity of compliance as the gatekeeper against improper or unethical behavior. But is there also reason to think of compliance as a positive and not simply a way to avoid the negative? Should funding for compliance be considered an investment, not just a spend, and should the function be recognized not as just as a cost, but as a strategic asset for insurers?

Compliance to power performance

My Deloitte colleagues George Hanley, Nikhil Gokhale, and I recently took a deep dive into compliance at insurance firms to try to answer those questions. What we found is detailed in our Deloitte Center for Financial Services white paper, "Compliance to power performance: 2016 insurance ethics and compliance survey".

We surveyed executives in compliance, risk, and line functions at 15 of the largest US life and property and casualty (P&C) insurers. We then separated the companies surveyed into two compliance maturity categories—higher and lower—based on their own rating of key compliance and spending parameters. While the sample size may be too small to yield strong statistical significance, our analysis may help demonstrate the advantages to the business of putting together a world-class compliance function.

Our research revealed that investment in the compliance function is associated with increased revenue and profit as well as lowered danger of reputational and other risks. Companies with higher maturity compliance functions showed stronger financial or operational performance than did lower-maturity companies.

Over the five years from 2011 to 2015, P&C insurance companies with higher maturity compliance functions showed a growth rate in direct premiums written almost 10 percent greater than that of companies with lower-maturity functions. Higher-maturity life companies had an 8.1 percent average growth rate in total premiums in that period, compared with a 2.5 percent average growth rate for companies with lower-maturity compliance functions. The bottom-line performance was also evidenced in higher-maturity companies. In P&C companies, the return was 240 basis points greater, while in life companies, the improved return was 140 basis points.

Building a world-class compliance and ethics program

What are the indicators of a high maturity compliance function, and how does one get there? As with much else in life, we start at the top.

The first ingredient in a world-class compliance and ethics program is the attitude set by senior management, known as “tone at the top.” At higher-maturity companies, 89 percent of respondents felt that their company’s leadership is very effective in setting such a tone regarding ethical behavior and compliance. Only half of the respondents from lower-maturity companies held that view.

Board involvement is also important. Reporting of compliance issues to a committee of the board of directors at least every six months was found at every company we surveyed. Again, noting the limitations imposed by the sample size, it is interesting that two-thirds of the higher maturity companies reported they updated the full board at least once a year, while only one-third of the lower-maturity companies did so.

This is just the start. A top-notch compliance and ethics program is infused throughout the organization. The goal should be that decisions made at every level have an ethical component. That requires, we found, four main components: training, communication, assessment, and alignment of incentives.

At a minimum, annual training on ethics for all employees helps remind them about the importance of ethics. The communication around the code of conduct should be regular and disseminated throughout the organization. Regular feedback, measurements, and assessments of the effectiveness of the compliance effort are necessary to optimize that effectiveness.

Companies with higher maturity compliance functions also tend to put a greater emphasis on including consideration of ethical behavior in employee evaluation and compensation matters. In our survey, 44 percent of these companies said they did so formally. In additional in-depth interviews we conducted beyond those we surveyed as part of our research, some chief compliance officers noted that while there was no formal evaluation standard, ethical behavior was a basic expectation for all employees, and thus was implicitly incorporated into employee evaluations and compensation decisions.

Finally, it is not enough today for compliance to be focused on cleaning up failures. In our connected society, the result of compliance failure may be too swift and far-reaching to risk. The very best compliance functions of today and tomorrow will be forward-thinking, analytics-based advisers to the business, helping enable risk and profit without risking reputation and ruin.

A top-notch compliance and ethics program is infused throughout the organization. The goal should be that decisions made at every level have an ethical component. That requires, we found, four main components: training, communication, assessment, and alignment of incentives.

– Andrew N. Mais

A top-notch compliance and ethics program is infused throughout the organization. The goal should be that decisions made at every level have an ethical component. That requires, we found, four main components: training, communication, assessment, and alignment of incentives.

QuickLook is a weekly blog from the Deloitte Center for Financial Services about technology, innovation, growth, regulation, and other challenges facing the industry. The opinions expressed in QuickLook are those of the authors and do not necessarily reflect the views of Deloitte.

Site-within-site Navigation. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

Do not delete! This box/component contains css that is needed on this page. This message will not be visible when page is activated.

Did you find this useful?