Two recent news stories caught my eye – both about banking and, in different ways, about compliance.
First was the hacking of Associated Press’s Twitter account and the resulting tweet about an attack on the White House which injured Barack Obama. The story was quickly proven to be a fake, but not before a 143 point fall in the Dow Jones – a “flash crash”.
Second was news from the banking commission set up in the UK by the Chancellor of the Exchequer in the wake of the Libor fixing scandal. The commission is due to report in May, but reports in the Financial Times on Friday suggest that prominent members of the commission are in favour of a law that would hold bankers personally accountable to large scale losses.
An interim report from the commission says that “Those responsible for bank failures should be held more directly accountable for their actions and face sanctions accordingly.”
Twitter is blocked at many US financial firms, not simply because it is a distraction for employees, but also because of concerns that it poses a risk of non-compliance with regulations on communications.
However, Twitter is finding its way in regardless, as Bloomberg announced at the beginning of April that it will be including Twitter feeds on its data terminals, so traders will be able to follow breaking news on companies they are tracking. I’m sure many on Wall Street and in the City use Twitter on personal mobile phones in any case.
As a block on Twitter is looking less and less effective, financial institutions need to consider other policies and procedures to comply with legislation.
The Securities and Exchange Commission is trying to provide guidance on how companies and CEOs can use of social media to share information, but they are playing catch up still.
Health and safety legislation has long had “teeth”, across a broad gamut of areas, such as fire safety, construction and design management regulations, stress management, risk assessments etc.
And those teeth are getting sharper as new legislation is introduced, either increasing or amending compliance requirements, be it in the field of equalities, environment or last year’s bribery act.
In the UK, the Corporate Manslaughter and Corporate Homicide Act of 2007 meant that companies and organisations can be found guilty of corporate manslaughter as a result of serious management failures resulting in a gross breach of a duty of care. And whilst the number of prosecutions is small, it is rising. According to law firm Pinsent Masons, there were 63 new corporate manslaughter cases opened in 2012, up from 45 in 2011.
Making individual bankers responsible for gross losses will surely put the focus squarely on compliance and governance. If houses are not fully in order, they sure will be if this legislation goes through!
While quite different, for me both these stories illustrate how the management of compliance is more than a set of rules. It is never static, evolving as the world changes around it, part of the fabric of the business.