The importance of company culture

The importance of company culture

By Clayton Carrick-Leslie , Senior Manager, Compliance Risk , Australia Region, IAG
When you ask most people about what it means to be compliant with regulation, they usually think in terms of black and white. Either you comply with the law or you’re in breach. Either you’re right or you’re wrong. But unlike laws of mathematics or physics, laws of parliament are made of words. And words, unlike numerals, are imprecise and subject to multitudes of nuance and interpretation. Lawyers know this and love it – it gives them great amounts of work. The more ambiguous the statutory provision is, the higher the billable hours.

Here’s the growing problem though. Interpretation of written legal obligations has always been arguable at the best of times – but now, in this rapidly changing digitised world - corporate conduct regulation is actually starting to struggle to keep up. New and unforseen activities and products are being offered by corporations globally, that legislators have not had the ability to forsee, or the time to respond to.

A good quick example is privacy. Privacy regimes are relatively simple and similar across the world. You must keep the personal information of customers safe, only use it for purposes for which it was collected, and be ready to destroy it or pass it back if requested. But as major service providers turn to cloud storage, outsourcing, social media, and partner with others to pool data for joint offerings, how do those broadly-worded rules apply? They weren’t drafted with these activities in mind. More than ever, companies may well be safely within parameters of the written law, but be in clear offence to its spirit.

Regulators across the globe are cottoning on to this, and realising that their “teeth” (fining, sanction etc) are growingly inapplicable. To combat this gap, they are calling on corporations to use their own moral codes, to supplement legal ones. Put another way, companies are being called on to develop strong and ethical cultures on the basis that a malignant culture can lead to detrimental conduct impacting consumers, even if there is no real underlying compliance breach. Former director of supervision at the UK’s Financial Conduct Authority has stated:

“It is certainly my view that having the right culture is essential for achieving good conduct performance. This is not, though, a fluffy view of vague corporate aspirations or value statements, but a need for a more hard-edged embedding of business practices that define how decisions will be made through the firm at critical points of engagement with customers or dealing in markets . . . there are key drivers that set and re-enforce the right conduct-focused culture with the most important being clear and ongoing leadership from the top of the organization, constant re-enforcement, incentive structures, effective performance management penalties for not doing the right thing.”

In Australia, ASIC and APRA have warned the financial services industry in kind. The Sydney Morning Herald recently interviewed APRA Chairman Wayne Byrnes who has called on bank chiefs to improve their corporate culture after a series of banking sector scandals. He stated, “as much as we can push and prod and encourage appropriate culture you can't just regulate it into existence." He went on to describe a current ASIC / APRA joint initiative to monitor and uplift corporate culture. Indeed, a regulators’ damning press release on the culture and conduct of an organisation is becoming as powerful a sword to wield as a fine or court action.

What does this mean for insurers and brokers? In short, legal and compliance advice is not enough in determining how to handle conduct and consumer detriment issues. We are going to have to make sure that we use our own moral compasses as an overlay. If we don’t, we may avoid legal liability, but the court of public opinion might level us.

About the Author

Clayton Carrick-Leslie is IAG’s Senior Manager, Compliance Risk for the Australian region. Clayton’s team is responsible for compliance oversight and advice for IAG’s core trading brands including CGU.

Clayton is also a professional comedian and MC, specialising in corporate events and conferences.