Beyond Regulatory Compliance: The Business Case


The global financial landscape has witnessed increased regulation and legislation following the 2008 financial crisis. Regulatory compliance in the financial sector implies strict adherence to the policies and regulations surrounding the regulatory and supervisory environment of financial institutions.

This includes, but is not limited to, compliance with Anti-Money Laundering (AML), Anti-Terrorist Financing (ATF) and Corruption policies, among others. It also encompasses adherence to rules and regulations implemented by the supervisory authorities. The implementation of enhanced AML and ATF policies in various financial institutions, especially in the banking sector, has become the order of the day following the surge in technology and sophisticated financial products.

These enhanced policies imply that potential and existing clients should brace themselves for all forms of procedures in order to open an account, run an existing account or subscribe to a new product. Some clients complain that these policies have made opening new accounts and dealing with financial institutions more stressful and burdensome. Succinctly put, they do not understand why they should be subjected to such rigorous processes. However, being aware of the implications of non-compliance, most institutions endeavor to involve their potential and existing clients in the whole process. This provides an avenue for all client complaints to be addressed.

Why the increase in compliance legislation in the financial sector?

Compliance practices have gained global prominence over the years due to the rise in Money Laundering (ML), Terrorist Financing (TF) and Corruption. Surprisingly, top financial institutions considered to be of global systemic importance and to have the most impeccable reputations have been sanctioned. In January 2016, Goldman Sachs agreed to pay $5.06 billion to settle claims that it misled investors during the financial crisis.


Fast-forward, Reuters reported in September 2017 that regulators in the United States and Europe had imposed $342 billion of fines on banks for misconduct since 2009, including violation of anti-money laundering rules, and that the figure was likely to reach $400 billion by 2020. According to Forbes, in April 2019, the British bank Standard Chartered was hit with whopping fines of $1.1 billion for violating sanctions and being used as a conduit for money laundering. These fines were jointly imposed by U.S. and U.K. regulators.

In a related development, Bloomberg reported in February 2019 that UBS Group AG was handed a fine and damages of 4.5 billion euros (the dollar equivalent of 5.1 billion) by a French judge after being found guilty of aiding in concealing its French clients' assets.


From the above, it is evident that non-compliance has far-reaching consequences. Financial institutions have therefore tightened their compliance policies and procedures over the years to forestall the implications of these breaches. One notable compliance policy designed and implemented by most financial institutions is “Know Your Customer” (KYC). KYC is done on all potential and existing clients of financial institutions, especially banks. KYC procedures are used to identify and verify the identity of new clients during onboarding. They are also useful for all existing client engagements.

The KYC process involves the collection, analysis, and storage of information about clients. The information collected enables financial institutions to assign risk profiles to individual clients. In doing this, financial institutions look out for the existence of Politically Exposed Persons (PEPs), high-risk countries and high-risk industries. These risk profiles become the basis for establishing a new business relationship or continuing with an existing business relationship.

During the KYC process, Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD) are carried out depending on the risk profile of the client. CDD is conducted for low and medium risk clients, while EDD is for high risk clients. After a business relationship has been established, Regular Review (RR) and Event Driven Review (EDR) also take place. RR is a continuous process to ascertain any change in a client’s initial status, while EDR is done only when a circumstance arises which triggers the need to review a client’s profile. The adequacy and quality of documentation are key in the KYC process, as they have Quality Control (QC) implications. The KYC process only ends when a client is off-boarded.


Why go beyond Regulatory Compliance?


Given the ever-evolving regulatory landscape due to the increase in compliance risk, it is high time financial institutions moved beyond regulatory compliance to embrace a wider view of compliance policies as part of their overall strategic objectives. The price for non-compliance with Money Laundering, Terrorism Financing and Corruption regulations can be extremely high, as indicated earlier. For financial institutions that view compliance policies as regulatory compulsion, the main costs are the hefty fines and fees imposed for non-compliance and, probably, reputational damage. By contrast, a strategic business case for compliance policies exists when firms view these policies as central to their bottom line (profit).


First and foremost, viewing compliance policies through a strategic business lens enables firms to integrate these policies into their long-term growth and survival objectives. They are motivated to execute compliance policies diligently. This enables firms to build and gain competitive advantage.


The Global Reporting Initiative (GRI), established in 1997, requires firms to include in their annual report the economic, environmental, and social impact of their operations. Globally, as customers become more informed and sophisticated, they are more inclined towards ethical and sustainable firms. Most investors are concerned not only about their current gains but also about future growth prospects. They are therefore interested in businesses that comply with policies not because they are required by law, but because they are ethically upright. The implication is that in the not too distant future, firms that do not go beyond regulatory requirements to behave more ethically and sustainably will gradually be phased out of business.


In the words of Warren Buffett, a renowned investor, “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.” This implies that a reputation, once destroyed, is difficult to rebuild. In addition, reputational risks associated with non-compliance can be very severe. Firms must be meticulous in their daily transactions because reputational risks can surface out of the blue and without any prior warning.


The most severe consequence of reputational risk is that some institutions run into bankruptcy and ultimately become defunct. A classic case is the Enron scandal in the year 2001, which led to the collapse of big US firms such as Enron Corporation and Arthur Andersen.

Financial institutions that remain in business following reputational damage may experience declining profit, mainly due to a reduction in their customer base and erosion of investor confidence.



In summary, financial institutions are profit-making entities that are in business to satisfy customer needs in a superior manner in exchange for returns. This calls for a better understanding of customer needs, not only on grounds of regulatory obligation but also as a strategic business goal. Thus, financial institutions that do not view compliance policies as just a matter of regulatory compulsion stand to gain a lot from a business perspective. Not only does this view serve as a key differentiator for competitive advantage, it also guarantees business survival.


About the Authors:

Eunice Yaa Cudjoe is an Associate Member of the Institute of Chartered Accountants Ghana (ICAG) with years of experience in audit. She holds a Bachelor of Commerce degree from the University of Cape Coast and is currently a final year Master's student in International Audit, Economics and Finance at UCA in France. She is also a Client Lifecycle Management (CLM) intern at Deutsche Bank Luxembourg.




Daniel Taylor is a Chartered Accountant with years of treasury experience in the banking sector. He holds a certification from The Financial Markets Association (ACI) and a Bachelor of Commerce degree from the University of Cape Coast. He is currently a final year Master's student in International Audit, Economics and Finance at UCA in France.
