Bank Compliance: The Case for Automation

The size and purpose of government – and regulation – has been debated since centuries. On the one hand, we want markets, firms and individuals in these markets to act and move freely. On the other, we see that if we do not regulate behavior, people make decisions that might have detrimental effects on others, on firms and even markets.

Most agree that some regulation of banks is necessary. The challenge for banks is how to balance the seemingly ever-increasing number of compliance issues with the running of the bank. The costs are horrendously enormous, but the costs of not complying – as we witness through fine after fine on the big banks, are even greater (e.g., J.P Morgan’s $13 billion fine from last week) – not to mention reputation lost.

Number of Compliance Incidents to Level of Regulation









If we look to experiences in other industries such as health care, where compliance to safety rules can literally mean life or death, we learn that the number of incidents is a curvilinear function of the level of compliance required plus the importance placed by management on compliance issues. In firms where management places a high priority on compliance (the solid line), there are fewer compliance incidents than in firms where management has placed a lower priority (dotted line) on compliance and regulatory issues. Note that this holds true in the case of low or high degree of regulation and in fact, holds more true when there is a high degree of regulation as today.[1]

As the level of regulation has reached the far right of the graph, and will continue to do so over the next years, what can banks do in order to slow down the increase in compliance incidents? A) insure that management is a role model with regard to compliance; and B) automate compliance as much as possible.

Despite rumors to the contrary, client advisors will take on the responsibility for adhering to compliance issues when asked to do so by a legitimate authority.[2] Most bankers follow the rules, but controls are often lacking or inadequate. And unfortunately it only takes one «rogue trader» or incident to damage the reputation of the entire firm. Yet if management is not legitimate, nor compelled to follow regulation or compliance rules themselves, we need a back up solution that protects everyone: automation.

On the one hand, if automation of compliance undermines the fronts’ commitment and fosters dissatisfaction, it follows that it also limits innovation, since employees in formalized settings such as banks have little motivation to contribute to the complex non-routine tasks that constitute innovation. On the other hand, if we assume that work can be fulfilling, rather than a disutility, the increase in compliance can be experienced as a cooperative endeavor rather than an abrogation of individual autonomy – especially between client advisor and the client. If client advisors see at least some overlap between their personal goals and that of the firm as a whole, they might also welcome the potential contribution of a more automated compliance culture because it helps them be more efficient (e.g., letting client advisors only see the permissibly sellable products a “product rule engine“ set within the core banking system).[3]

By automating as many compliance functions as possible, banks can in effect totally avoid the whole discussion of whether their organizations are „enabling“ or „coercive“ with regard to compliance issues. By logical deduction, if compliance is fully automated, that enables client advisors to focus more time and thought into delivering on their clients needs and preferences rather than the growing administrative burden compliance places on them. And there are, again, the huge cost issues which are mitigated by automation.

From many other knowledge-intensive, innovative industries that are also under competitive pressure to improve sales, reduce costs, increase timeliness, improve quality (i.e., in banks equivalent to complying to regulation) and still delight clients, we learn that to create a compliance culture, first we need to change what people do, not how they think. Culture changes as a result. The old method of trying to get everyone on board and then act accordingly does not work – especially in a world where compliance issues grow according to Moore’s law – and most employees cannot fathom their reasoning. It is easier to get client advisors to act their way to a new way of thinking than for them to think their way to a new way of acting. And, again, their job as advisors and salespeople is made considerably easier by automating the vast majority of compliance.

Automation of compliance for the front has the following advantages for client advisors, team heads, and ultimately clients:

  • It makes it difficult to make mistakes, e.g., selling a product that is not authorized for a certain domicile or risk-profile, or not according to the asset allocation plans of the client;
  • It makes it simple to identify problems when they arise and when a mistake has occurred;
  • It makes it easy to report to auditors and regulatory authorities;
  • It makes it easy in the regular course of work to notify a manager or compliance officer about a mistake so everyone together can quickly decide how to handle it.

Clearly, banks must properly communicate what employees need to do and not do. Banks must enable their employees to perform successfully, building the carrot (automation + remuneration) and the stick (threat of penalties {remuneration} if they intentionally or repeatedly misbehave) into its processes. Automating compliance makes it simpler for them to perform, simpler to see mistakes, simple to resolve problems and simple to learn from it all. Everyone benefits: the bank, its employees, and mainly, clients.


[1] Cf. Katz-Navon, Tal, Naveh, E. + Stern, Z., 2005. Safety Climate inHealth Care Organizations: A Multidimensional Approach.. Academy of Management Journal,  Vol. 48, No. 6, pp. 1075-1089.

[2] CF. Tyler, T. 2011. Why People Cooperate: The Role of Social Motivations. Oxford: Princton University Press. ISBN: 978-0-691-14690-4.

[3] Cf. Adler, P. + Borys, S. 1996. Two Types of Bureaucracy: Enabling and Coercive. Administrative Sciences Quarterly, 41: 61-69.