Summary: Leaders in Finance Compliance Event 2024 

On the 19^th of September 2024, the Leaders in Finance Compliance Event took place at the Kontakt der Kontinenten in Soesterberg. During this event, a unique selection of industry leaders, including CCOs, regulators, and highly experienced compliance managers gathered to share their experiences, views and opinions on several compliance-related topics and developments, under the guidance of moderator Michelle Fisser (Chairwomen, Association of Compliance Officers). 

A diverse group of participants representing more than 50 public and private organizations attended the event, which made for a great opportunity to gain new insights, connect and engage in discussions with peers from different areas within the compliance domain.  

Written by: Bronwen Riezebos (Consultant Regulatory Advisory and Reporting, Deloitte).  
Reviewed by: Christiaan Visser (Partner Financial Services, Deloitte), Floris de Leeuw (Senior Consultant Regulatory Risk, Deloitte), and Maarten Bolk (COO, Leaders in Finance Events).

Keynote: The importance of compliance 
Speaker: Rein Graat (Chief Compliance Officer, ING Group) 

The speech opened with an anecdote about Bill Shankly’s claim that football is more important than life or death, leading into the real-life issue of ING closing the bank accounts of their client Vitesse. This decision was detrimental to the club’s supporters and posed a significant reputational risk for ING. To address this issue, ING went to court and the judge ordered for the accounts to remain open. The decision of going to court may have been a difficult one to make, but for ING it was the only way to ensure that what they ultimately do is also the right and lawful thing to do. The law had to determine which steps ING had to take.  

Key learnings from this case emphasize that compliance risk management is about more than just following rules; it’s about building trust beyond the balance sheet. ING had to adapt and harmonize, implementing a unified voice across the organization. Effective communication and a burning ambition can transform the compliance function on both individual and collective levels. 

AI is highlighted by Rein as an opportunity that requires a new way of thinking, not just in processes but in mindset. Anticipating various scenarios, including political questions, underscores that compliance is dynamic and evolving. 

Rein concludes the speech by mentioning the three traits that make a successful compliance officer. They need courage to voice unpopular opinions, an agile mindset to think outside the box, and strong communication skills to engage and unify the organization. 

Panel: Chief Compliance Officers 

• Angelique Keijsers (Chief Compliance Officer, Unicredit) 
• Angelique Meddeler (Chief Compliance Officer, Rabobank)
• Ruth Post (Head of Compliance, InsingerGilissen)  
• Rein Graat (Chief Compliance Officer, ING)
• Christiaan Visser (Partner at Deloitte, moderator)

During this panel, Christiaan wanted to zoom into some key trends and developments that are taking place within the financial services industry. Several questions were prepared regarding rule complexity, data, technology and the future of the compliance officer, to which the participants could voice their opinions and insights. Key takeaways of this panel were as follows: 

• The growing complexity of rules and regulations: This presents significant challenges, highlighting the critical need for harmonization and standardization in managing compliance across diverse, fragmented jurisdictions. A standardized approach, such as those seen in successful programs, facilitates better management and effective use of AI. However, strategies may differ based on an organization’s stability or whether it is under remediation. The challenge is further amplified when navigating a larger international regulatory framework, underscoring the necessity for a consistent method. Achieving long-term goals requires a cultural shift and the right mindset, emphasizing the importance of team players. Recognizing efforts in both resolving and preventing issues reinforces the need for a proactive approach to compliance. 

• Importance of data: The panel discussion underscored the importance of data management. By emphasizing the need for clarity in data requirements, the necessity of new technologies such as AI, and the skills to manage them effectively, it was acknowledged that a significant learning curve will arise. The motto “never waste a good crisis” was highlighted, suggesting that crises should be leveraged for long-term improvement. While it’s unfortunate that advancements often require a crisis, it is essential to proactively address data issues. The use of forward-looking scans to anticipate and adapt to societal and political changes demonstrates the importance of data quality and proactive data management. 

• Technology and AI: This discussion about data management ties into the theme of technology and AI, particularly questioning why the adoption of RegTech remains basic. Effective technology use, such as Generative AI, is possible only with high-quality data, highlighting the necessity of robust data management. An example was shared of attempting to use technology to prevent mistakes but facing significant challenges in convincing regulators that the goal was to enhance data quality rather than reduce costs, illustrating the hurdles in acceptance. While AI is widely used, there remains a gap in integrating this development into broader compliance thinking, underscoring the need to bridge this gap to fully leverage AI’s potential. 

• The future of the compliance officer: Over the past five years, there has been a significant shift from compliance being a general specialization to encompassing multiple specialisms. The participants predict that future compliance officers will be heavily supported by data and data specialists, embodying a model of “compliance by design and desire.” The need for balance and effective talent management within the compliance function was emphasized. Additionally, expertise is not limited to the first line; it can also be developed through passion and courage in the second line. 

Panel: Fintech 

• Emanuel van Praag (Professor of Financial Technology & Law, Erasmus University and Counsel, Kennedy van der Laan) 
• Olga Elsenga (Head of Legal, ClearBank Europe) 
• Tom Arends (Founder & CEO, Peaks) 
• Josy Soussan (European Policy & Government Relations Lead, Klarna). 

During the fintech panel, experiences within the domain of fintech were exchanged. The themes that were touched upon through questioning where licensing, regulations, supervision and lobbying. Key takeaways of this panel were as follows:  

• Licensing: Obtaining and expanding a license as a fintech was described as being a complex and time-consuming process. What may initially seem like a straightforward task quickly becomes quite effortful, involving extensive documentation requirements. The recent experiences shared indicate that applications can take many months and require broad organizational involvement and require careful navigation and planning. Building systems that are not yet in place adds another layer of difficulty, as companies must describe certain parts of the business and its operations that don’t yet exist. 

• Regulations and supervision: The discussion highlighted significant challenges and opportunities regarding regulations and supervision in the fintech industry. Compliance in fintech varies greatly depending on the company’s phase and capital availability. The regulatory framework should focus on harmonization to overcome fragmented rules that hinder innovation and growth. Removing prescriptive, check-box regulations in favour of goal-oriented policies that allow companies to innovate is essential. A debate arose about the extent of regulatory differences between jurisdictions, with some arguing that these significant differences lead to regulatory arbitrage, where companies relocate based on more favourable regulations of other member states. The complexity of passporting, or entering new markets, further complicates compliance, making it crucial to understand local regulations thoroughly. To address these issues, a unified supervisory body is suggested by Tom Arends (CEO of Peaks). This institution would then be able to promote more harmonized and efficient regulations across Europe, fostering a more supportive environment for fintech innovation and development. 

• Lobbying: the discussion concluded by highlighting the potential of lobbying to address the fragmented regulation and compliance requirements that hinder innovation in the fintech industry. The consensus was that active participation in discussions and lobbying efforts is beneficial, and fintechs must be part of these conversations.  

Dual interview: The outside in perspective  

• Susan du Becker (Director Risk & Compliance, Microsoft) 
• André Hermsen (Chief Compliance Officer, ASML) 

This conversation was centred around perspectives on compliance from outside of the financial services domain, namely from within the corporate domain. Two compliance professionals from Microsoft and ASML engaged in an interesting conversation during which they voiced their opinions and shared experiences and anecdotes.  

Firstly, whistleblowing was discussed. During this discussion the important was highlighted of fostering a culture where employees feel safe and encouraged to speak up without fear of retaliation. The necessity of making employees aware of where they can report concerns is underscored. Despite varying regulatory environments, both participants agree that trust in the system is paramount and must be deeply embedded within the company’s culture. The ability to challenge issues respectfully is crucial and this ability must be strictly safeguarded.  

The second theme is about handling conflicting (regulatory) requirements.  The participants indicate that in order to handle conflicting requirements on a global scale, the approach involves setting clear objectives and identifying necessary actions to resolve issues. The process includes seeking help when needed and driving solutions through the people managing the business. Legal navigation and protective policies are also essential components of this strategy. Consulting regulators to assist in resolving conflicts can be beneficial, as Susan illustrates how, when in doubt, she has picked up the phone to give the regulatory a call and ask them for help, in order to get some clarification on how to execute certain regulations.  

The participants are then asked about their experiences with sanctions and geopolitical issues. To handle sanctions and banking blockers, clear processes and advanced technology are essential, enabling proactive regulatory compliance and support for the financial services industry. Effective management requires joint responsibility and sharing information, exemplified by a case where an employee’s salary was delayed due a misunderstanding and lack of communication between the bank and the corporate. Learning from geopolitical challenges and exchanging information, the importance of a robust government affairs team becomes evident. Engaging with the government can help influence decisions and mitigate unintended consequences, while active lobbying ensures political involvement in addressing industry-specific concerns. 

Finally, the participants discuss the risks of AI in compliance and express how using AI must include the necessity for trust and understanding. It’s crucial to educate employees about AI’s potential dangers and ensure robust monitoring and controls. Emphasizing validation and changing mindsets are key to effectively integrating AI into compliance practices. 

Roundtables 

Following the interviews and panels, the roundtables were held. Attendees were divided into groups that were accompanied by hosts to lead the discussions. Each group focused on the various themes discussed throughout the day, relating them to their own organizations and enabling them to engage in discussions and exchange experiences.  

Speech and Q&A: 5 insights seen from the supervisor to improve the compliance function 

Speaker: Hanzo van Beusekom (Member of the Executive Board, AFM) 

Hanzo concluded the day by giving a speech that elaborated on five insights from the supervisor to improve the compliance function.  

1. Compliance professionals and the regulators share the same profession: Compliance professionals are constantly juggling numerous regulations and pressures from various stakeholders, including NGOs and different regulators. The overwhelming nature of the job requires a focus on identifying and assessing the most critical risks. This is similar to the challenges faced by regulators who also seek to protect societal interests. The key is to make smart choices to manage these pressures effectively. 

2. Technology can help (a bit): Technology can significantly ease compliance tasks by automating risk identification and signal filtering. However, technology’s effectiveness hinges on the quality of underlying data. Historical and analytical thinking is essential to understand hidden risks, like cycling doping or exam fraud in audits. Compliance officers should amplify weak signals, analyse risks from various sectors, and consider international perspectives to detect emerging risks. 

3. Watch out for icebergs: Compliance officers must avoid the fallacy of believing they are aware of all risks. Continuous vigilance and an open mind are crucial for effective risk management.  

4. Focus also on harmful behaviour: Compliance should not only focus on legality but also on the potential harm of certain behaviours. Examples like the “woekerpolis” scandal highlight the need for a moral judgment beyond legal interpretations. Compliance officers should ask if actions are morally right, even if they are legally permissible. 

5. Reach out to your regulator; they (usually) don’t bite: Engaging with regulators proactively is beneficial and often necessary. Such interactions can be seen as a preventive measure, similar to installing a sprinkler system. While the roles of compliance officers and regulators are challenging, collaboration within the parameters of responsibilities can lead to better outcomes for all parties involved. 

For information on the next edition, see here.