Cost of Compliance 2022: Competing priorities

By Susannah Hammond & Mike Cowan
–  Senior Regulatory Intelligence Experts

Introduction

Thomson Reuters® Regulatory Intelligence has carried out its 13th annual survey on the cost of compliance, focusing on the challenges expected to be faced by risk and compliance functions at financial services firms in 2022. The survey generated responses from almost 500 practitioners worldwide, representing global systemically important banks (G-SIBs), banks, insurers, asset and wealth managers, regulators, brokerdealers and payment services providers.

The survey questions remained largely the same as the previous year, and the survey closed before the Russian invasion of Ukraine and the consequent widespread sanctions. The shifting priorities highlighted in the survey results will only have been exacerbated by the myriad sanctions imposed on Russia.

The COVID 19 pandemic remains problematic for many financial services firms with lockdowns and other restrictions still in place in some parts of the world. As an uneven recovery continues, the adoption of technology, digital transformation and hybrid working appear to be permanent changes that are leading firms to reassess their approach to compliance.

Main Findings

Last year the cultural and operational indicators pointed to a need for compliance officers to focus on planning for the future and developing a vision to manage their firms’ evolving compliance and regulatory risks.

This year’s survey shows the difficulties compliance officers are experiencing as they try to plan for the future. Competing priorities are compounded by tightening budgets and potential shortages of skilled professionals. Compliance functionality is a fundamental part of the in-house core competency required to secure the long-term future of financial services firms but many are struggling to meet their commitments while maintaining an appropriate risk and compliance culture.

The demand for compliance skills has increased substantially in the last few years. The regulatory environment has diversified, with developments in crypto-assets, fintech, artificial intelligence, third-party management, operational resilience and cyber security. The range of regulatory topics for which compliance is now expected to provide senior managers with assurance has increased and the demand for skilled compliance professionals continues to grow. There is also emerging evidence that the compliance function is having to work hard to continue to be heard at the highest level of the firm.

This year’s survey shows a frustration among respondents that, despite compliance’s widening remit, staff numbers are unlikely to grow, with staff costs increasing and budgets remaining tight. Added to this, increases in personal liability for compliance officers may deter capable individuals from joining the profession and spur experienced personnel to leave.

Outsourcing, technology and regulatory technology may step in to plug some of the gaps but will need to become more sophisticated to make the type of changes required by compliance functions.

The 2022 report briefly explores some of the main regulatory developments, and other drivers for the heightened demand for skilled compliance officers. It also reports on the challenges compliance officers are facing

Regulatory Intelligence thanks all respondents, with a continued assurance that responses will remain confidential unless permission to include an anonymized quote has been received. The findings are intended to help firms with planning and resourcing while allowing them to benchmark their own approaches with those of the wider industry. The experiences of the G-SIBs are analysed where these can provide a sense of the stance taken by the world’s largest financial services firms.

For several years now, chief compliance officers (CCOs) in the financial sector have voiced a sustained tide of concern […] from increased enforcement actions holding CCOs personally liable […] for actions that do not result from fraud or obstruction on their part. These career-ending enforcement actions discourage individuals from becoming or remaining compliance officers and performing vital functions that regulators stretched too thin would otherwise be unable to perform, particularly when other options […] involve less personal risk.

Part 1 - Greater need for compliance


2021 saw the financial services industry diversify. New opportunities have increased firms’ risk exposure, and the regulatory response to these risks has adapted accordingly. From the continuing fallout of the pandemic to geopolitical disruptions to the development of new product areas and to the continued popularity of fintech and technological solutions, firms have had to revise their business strategies to manoeuvre around pitfalls but take opportunities as they become available. Compliance functions have had to respond to such diversification.

The greatest compliance challenges I expect to face in 2022 is/are...

New regulatory developments that call for the strategic review of existing compliance programs in place.

The greatest compliance challenges I expect to face in 2022 is/are...

The top five challenges compliance practitioners expect to face in 2022 are the volume and implementation of regulatory change, a lack of budget and resources, the availability of skilled resources, the need for effective compliance monitoring and cyber resilience. This has changed only slightly from 2021 when the top challenges were keeping up with regulatory change, greater regulatory demands and expectations, and a lack of skilled resources.

These findings were supported by a separate “pulse” survey, carried out in Asia in April 2022. The “pulse” survey was taken during a webinar hosted by Regulatory Intelligence discussing the outlook for the year ahead. It found that a lack of skilled resources and regulatory overload were the largest issues with which compliance professionals must deal.


Over the next 12 months, I expect the amount of regulatory information published by regulators and exchanges to be...

During 2021, Regulatory Intelligence saw an average of 246 regulatory alerts daily across 190 countries. This equated to 64,152 alerts annually, the second-highest annual amount since 2008. Annex 1 summarises the developments that have defined recent regulatory change, with a focus on ESG, crypto-assets, operational resilience, sanctions and digital transformation. The range of problems demonstrates the varied workload which compliance officers have to manage. Fluctuations in financial stability, vulnerable customers and the need to deal with the aftermath of the pandemic have all attracted further regulatory activity.

This is reflected in the survey results for 2022, where 74% of respondents expect an increase in regulatory activity (50% slightly more, 24% significantly more), compared to 78% in the prior year (48% slightly more, 30% significantly more). A similar trend can be seen among G-SIBs (57% slightly more, 14% significantly more).


What is the single greatest challenge for compliance officers in the Asia-pacific region in 2022?


You should consider your ability, and that of your third-party providers, to withstand a cyber attack. You should take all appropriate steps to shore up your controls, including raising staff awareness: that may, for example, include re-running staff ethical phishing campaigns. Consider if your staffing levels are appropriate to deal with an elevated cyber risk.

As the financial services sector has developed, so have the risks compliance functions have to monitor on a daily basis. This year’s survey found that assessing cyber resilience remains a concern among compliance practitioners. In 2022, more than half (55%) expect more compliance involvement in assessing cyber resilience (62% in 2021, 56% in 2020). Practitioners also expect more compliance involvement in data analytics, communications, social media and public exposure, participation with industry groups, designing products and processes, tax, third-party risk management, and delegation. 


Firms are well aware of the risks; to prepare for same, effective cybersecurity and IT governance and risk management is essential. Boards of firms should have an excellent picture of the risks their organisations are facing and how they are actively working to mitigate them.

Over the next 12 months I expect more compliance involvement in

The Asia “pulse” survey again reinforced these areas where the greatest challenges seen when working across Asia-Pacific borders were anti money laundering/financial crime regulation and IT and cyber regulation


What do you see as the most significant challenge in working across borders in the Asia-pacific region in 2022?

Culture and conduct risks still require focus 

The survey explored compliance’s involvement in the specific risk areas of culture and conduct and outsourcing, to gain an understanding of the demand for compliance resource in these areas.

Firms are facing a raft of culture and conduct risks. This year, respondents identified the need to balance competitive and compliance pressures, increasing regulatory requirements and the adequacy and availability of skilled resources as the main culture and conduct risks

The greatest compliance challenges the board expects to face in 2022 is/are...

Rapidly evolving ESG expectations and the trailing compliance obligations that will follow

What is the single biggest culture or conduct risk your firm is facing?

This contrasts with 2021, when balancing competitive and compliance pressures, managing and motivating remote workers and creating a unified compliance culture came out as the top three.

Many respondents cited a growing friction between performance pressure and remaining compliant. In some ways this is unsurprising given the difficult operating conditions many firms have experienced during the pandemic.

The pandemic intensified conduct and cultural risks, in terms of hybrid working and triggered the invocation of business continuity plans. It is a point of potential concern that culture and conduct risk frameworks, which have been developing throughout the last 10 years, were found to lack sufficient effectiveness to manage the many implications of the pandemic.

Generally, firms have relied on their compliance departments to provide assurance, and at times enforce, cultural messages across organisations. This in turn has added further nuances to compliance functions’ attempts to carry out their core disciplines of communicating regulatory change and undertaking compliance monitoring activities.

The greatest compliance challenges the board expects to face in 2022 is/are...

The board doesn’t seem concerned with compliance, ethics or culture challenges. They seem focused solely on supply chain and profits.

The greatest compliance challenges the board expects to face in 2022 is/are...

Getting exec management to allow compliance a bigger presence at decision making times.
Corporate culture and governance are not matters that you can ‘set and forget’; they are enduring priorities for boards.”

Over the next 12 months, I expect the cost of time and resource devoted to conduct risk issues to be 

The expected cost of time and resource devoted to conduct risk issues has remained the same, with 62% expecting an increase in the next 12 months (49% slightly more, 13% significantly more). A significant proportion of G-SIBs (73%), however, expect resources devoted to conduct risk issues to increase in 2022, compared with 67% in 2021.

Regionally, 40% of firms based in the United States and 39% of firms in Continental Europe expect resources devoted to conduct risk issues to remain the same in the next 12 months. 

One way to assess whether a firm’s culture and conduct support ethical customer values is whether it is prepared to refuse a potentially profitable business decision in favour of upholding its core values.

What is the single biggest culture or conduct risk your firm is facing?

The mindset and behaviour of the senior management. The Chinese proverb says, ‘the fish rots from the head’. Senior management should provide leadership and demonstrate the substance of their communication. Too often that we see conflict of interest between short term profitability to derive high bonus versus declaration of good governance and yet banks assets are being bought and sold across subsidiaries
When culture risks, such as complacency or groupthink, are not proactively identified, managed, and monitored, they can erode a federally regulated financial institution’s (FRFI’s) ability to effectively manage its financial and non-financial risks and achieve its strategic business objectives.

2022 has seen a slight increase in the number of respondents reporting that they had not discarded a potentially profitable business proposition due to culture or conduct risk concerns, as compared with 46% in 2021 and 2020. A similar trend can be seen among G-SIBs, with 40% stating they had not discarded a potentially profitable business proposition due to culture or conduct risk concerns (31% in 2021, 48% in 2020).

Regionally, half of firms based in continental Europe said they had discarded a potentially profitable business decision due to culture or conduct risk concerns, compared with just 26% of firms based in the United States. 

What is the single biggest culture or conduct risk your firm is facing?

The business tries to be too much to too many. It is a challenge to have the business understand that it should turn away business that doesn’t make sense.

Have you in the last 12 months discarded a potentially profitable business proposition due to culture and/or conduct risk concerns?

Outsourcing needs continued compliance focus

While outsourcing can deliver benefits, it may also raise concerns about risk management and compliance when such tasks are outsourced to entities that are not regulated in the jurisdiction and/or are based in difference jurisdictions. In particular, it can diminish a regulator’s ability to regulate or supervise certain functions within firms or other regulated entities.

Outsourcing and third-party management has been a popular strategy for many firms. The most popular outsourcing arrangements tend to involve software development, cloud computing, data storage and certain decision-making functions.

This has not been lost on regulators, who have responded by issuing guidance and enforcement measures to govern firms’ management of third-party providers.

Around a third (30%) of compliance functions reported having outsourced some or all of their compliance functionality (34% in 2021 and 2020). There is a slightly different trend among G-SIBs. In 2021, 24% of G-SIBs said they had outsourced part or all the compliance functionality, compared to 36% in this year’s survey. 

Regionally, 15% of firms based in the United Kingdom and Asia said they outsource part of or all of their compliance functionality. 

Respondents reported that the main drivers for outsourcing were the need to provide additional assurance on top of the need for basic compliance across activities and cost.

Do you outsource any or all of your compliance functionality?


G-SIBs 2022: Do you outsource any or all of your compliance functionality? 


What were the drivers for outsourcing?

It is likely that the demands presented by the Russia sanctions will have driven more firms to seek external help with the compliance. That said there are increasing question marks over the continued long-term viability of outsourcing given both the pandemic and the geopolitical shifts. Many firms had outsourced some of their IT development functionality to Ukraine, Belarus or Russia and have had to repatriate that functionality at speed. It is part of the reconsideration of the compliance strategic approach needed to assess whether outsourcing remains appropriate.

Outsourcing compliance resulted in a spectrum of activities being undertaken by third parties including second compliance testing, screening, the review and monitoring of email, transaction reporting and compliance training. 

Demand for skilled resource

Respondents reported a significant need to recruit skilled and knowledgeable staff. Of course, with increased skill and experience comes a cost with these staff demanding more pay.

What is the single biggest culture or conduct risk your firm is facing?

Enhanced due diligence for high-risk supply chain partners in the face of increasing sanctions and regulatory controls.

Of the 66% of respondents who expect the cost of senior compliance staff to increase in the next 12 months, nearly half (47%) gave the demand for skilled staff and knowledge as the top reason. For a third (30%) the cost increase for senior compliance officers was driven by the volume of regulatory requirements. The need for skilled staff and the need for additional senior staff required to cope with volumes of regulatory requirements were also the top two reasons in 2021. Regionally, more than half (53%) of firms in Australasia selected demand for skilled staff and knowledge as the top reason for cost of senior compliance staff increasing, compared to 25% for firms in the Middle East.

Regionally, more than half (53%) of firms in Australasia selected demand for skilled staff and knowledge as the top reason for cost of senior compliance staff increasing, compared to 25% for firms in the Middle East. 

Reasons why cost of senior compliance staff is expected to increase over the next 12 months


What are the three key skills required for an ideal compliance officer in 2022?

To drill down further into the specific skills needed for the compliance function and senior compliance officers, respondents were asked for the three key skills for an ideal compliance officer in 2022. Respondents identified the top three as subject matter expertise, attention to detail and communication skills.

In 2021 the top three were subject matter expertise, communication skills and anticipate future regulatory trends.

Perhaps the most obvious change is the increasing need for technology understanding, which fits with the acceleration of digital transformation seen during the pandemic. Also coming into the top five is the interpersonal/stakeholder management skills needed to seek to ensure that compliance is able to inform and influence senior managers at a time when competing business priorities are increasing and firms are expecting compliance functions to do more with less.

The greatest compliance challenges I expect to face in 2022 is/are

Lack of skilled compliance professionals and high cost to obtain additional resources.
Without continued investment in technology and data capability, ASIC runs the risk of its effectiveness being diminished and, at worst, of ASIC becoming irrelevant over time..

Part 2 - Challenges

Given the level of demand for skilled compliance services it was striking in this year’s report the difficulties compliance officers were facing when trying to fulfil that demand.

Doing more with less

For 2022, it appears that at least some compliance functions are expected to do more with less which is likely to be testing despite the rapid recent adoption of technology. In terms of the size of compliance teams, over a third (35%) of respondents said they expect the size of their compliance teams to grow in the next 12 months, compared to 31% in 2021. 

What does the ideal future of the compliance function now look like?

I am concerned compliance is moving backwards, not forwards. That due to other challenges (supply chain, pandemic, and non-pandemic issues), that we’re getting less budget, getting more isolated, and returning to check the box type of compliance management. We’re in danger of losing the progress we’ve made rather than moving forward into a future state, ideal or not.

Over the next 12 months, I expect the size of my compliance team to… 

The picture among G-SIBs has shifted, in 2022, 46% of G-SIBs expect compliance teams to stay the same, down by a third compared to 74% who expected the size of the compliance team to stay the same in 2021. In 2022 46% of G-SIBs also expect their compliance team to grow compared to 18% in 2021. The world’s largest financial services firms are often a leading indicator of change and the example of the G-SIBs expectations may be a positive sign for the future growth of compliance teams.

Regionally, 65% of firms in the United Kingdom, 64% of firms in North America and 56% of firms in Asia all expect compliance teams to remain the same in the next 12 months.

Over the next 12 months, I expect the turnover of senior compliance staff to grow because…

Demand and new opportunities at higher salary.

Cost of compliance staff to increase

The cost of senior compliance staff is expected to rise in 2022. Two thirds of respondents said they expect the cost of senior compliance officers to increase (54% slightly more than today, 13% significantly more), compared to 47% in 2021 (39% slightly more than today, 8% significantly more). 

Regionally, 80% of respondents based in the Middle East and 75% of respondents based in Australasia expect senior compliance staff costs to increase in the next 12 months. 

Over the next 12 months, I expect the turnover of senior compliance staff to grow because…

Demand in the market for skilled compliance staff

Over the next 12 months, I expect the cost of senior compliance staff to be… 

Turnover unchanged

The expected turnover in senior compliance staff is broadly in line with the expectations around compliance teams themselves. Two thirds (66%) of firms expect senior compliance staff turnover to stay the same over the next 12 months, following a similar trend to previous years (68% in 2021, 60% in 2020). From a regional perspective, Australasia is something of an outlier with 55% of firms expecting senior compliance staff turnover to grow. 

Among reasons for turnover of senior compliance staff to grow were a competitive job market and increased opportunities within the industry following the pandemic. Firms’ approach to remote and hybrid working were also a factor highlighted by respondents. 

Budgets remain tight given increasing demands

Budgetary expectations for compliance teams have remained largely the same year-on-year. In 2022, 62% of respondents expect an increase in budgets (50% slightly more, 12% significantly more) compared to 52% in 2021 (42% slightly more, 10% significantly more).

Over the next 12 months, I expect the turnover of senior compliance staff to..


Over the next 12 months, I expect the total compliance team budget to be... 


In 2021, 20% of G-SIBs expected total compliance team budgets to fall (14% slightly less, 6% significantly less). This year, only 7% of G-SIBs expect budgets to fall and 60% expect budgets to grow again (56% in 2021). This echoes the 46% of G-SIBs that expect compliance teams to grow in 2022 and highlights that the cost of skilled staff is expected to increase.

Regionally, 67% of firms based in the United Kingdom expect total compliance team budget to increase over the next 12 months, compared to 50% of firms in Continental Europe.

In Asia, the “pulse” survey showed that organisations expected that compliance budgets would remain roughly the same during 2022.


Asia pulse survey: What best describes your organisation's compliance budget in 2022?


Compliance officers held responsible if things go wrong 

As well as the budgetary pressures placed on compliance officers, regulators have tightened requirements to hold compliance officers to account should things go wrong in their firm.

Regulators have introduced senior manager accountability regimes that place an extra burden of responsibility on senior managers. Many of these regimes include compliance officers. This places another reason why financial services, and compliance, is in danger of becoming an unpopular career choice for junior employees and as a consequence remuneration and other costs increase.


Over the next 12 months, I expect the personal liability of compliance professionals to be:

The expectations on personal liability show that nearly half (45%) expect the liability of compliance officers will continue to grow (40% slightly and 5% significantly) in 2022. That growth is from an already high level with, year-on-year, the personal liability of compliance officers being seen to continue to increase.

For senior managers themselves there remains a clear expectation that culture and conduct risk remains a source of personal liability, albeit a diminishing one.

In 2022, more than half (56%) of respondents still think that the regulatory focus on culture and conduct risk will increase the personal liability of senior managers. However, this has been falling since the question was introduced to the survey in 2020, from 61% in 2021 and 73% in 2020.


Do you think that the regulatory focus on culture and/or conduct risk will increase the personal liability of senior managers?

The top three practical changes identified by firms that affect the management of potential personal liability were enhanced regulatory training programmes (46%), deployment of technology (39%) and increased use of attestations (36%).

…good governance and strong oversight by the board of directors and senior management are fundamental to responding to both existing and emerging risks, especially in a fast-changing environment. Regulation and supervision cannot replace the pivotal role of the board and senior management in ensuring asset managers do what is right and in the best interests of their investors, and not just what is legally required.

What practical changes have taken place in your firm that affects the management of potential personal liability?

Enhanced regulatory training programmes remain among the top areas where practical changes have been made to address the management of potential personal liability (46% in 2022, 51% in 2021, 66% in 2020).

Regionally, enhanced regulatory training programmes were a priority among firms based in Australasia (60%), Continental Europe (56%), and Asia (51%).

Increased use of attestations were the top practical changes selected by G-SIBs in 2021 (57%).

Regulators need accurate and timely information to assess emerging risks and to make informed supervisory decisions. Project Ellipse has now developed a potential tool for the global regulatory community to further explore and collaborate on common solutions that can improve the data and analytical capabilities of regulatory authorities. It has the potential to be a game – changer by giving supervisors access to more and better data, structured and unstructured, with greater predictive insights than ever before, it can be scaled to provide real time analysis on a national or cross border supervisory basis.

Liaising with regulators remains a key requirement

At a time when both regulatory developments and compliance resource constraints are increasing, the need is growing for liaison with regulators, for clarification, understanding and direction. This is particularly pertinent when sanctions compliance is a key regulatory and political priority.


Over the next 12 months, I expect the time spent liaising and communicating with regulators and exchanges to be....

The expected amount of time spent liaising and communicating with regulators and exchanges has been falling in recent years. In 2022, half of respondents said they expect the time spent liaising and communicating with regulators and exchanges to increase over the next 12 months (38% slightly more, 12% significantly more). In 2021, this was 56% (43% slightly more, 13% significantly more) and 61% in 2020 (43% slightly more, 18% significantly more).

The top three reasons for the expected increase were more onerous regulatory and reporting requirements (64%), increased information requests from regulators (63%) and need to understand changing regulatory expectations (57%).

Regulators need accurate and timely information to assess emerging risks and to make informed supervisory decisions. Project Ellipse has now developed a potential tool for the global regulatory community to further explore and collaborate on common solutions that can improve the data and analytical capabilities of regulatory authorities. It has the potential to be a game – changer by giving supervisors access to more and better data, structured and unstructured, with greater predictive insights than ever before, it can be scaled to provide real time analysis on a national or cross border supervisory basis.

Part 3 - The future of the compliance function

What does the ideal future of the compliance function now look like?

“Embedded in and supported by the business across all business units and functions welcomed and listened to as part of the deep culture of the organisation producing interesting reminders and training that is welcomed by colleagues.

The compliance function has shifting headwinds to contend with – not only has the pandemic changed the way their firms work, but the speed and number of sanctions issued in response to the war in Ukraine has increased the challenge on resources. What is also increasingly evident is that the open cheque book era for compliance which characterised the years after the financial crisis is over. The future is data and technology driven. Last year respondents hoped that the compliance function would be more integrated throughout the business, this year the expectation appears to have grown with the ideal future now seen to be fully integrated throughout the business.

What does the ideal future of the compliance function now look like?

Utopia….experienced, well-funded, sufficient resources to truly become 2nd line guardians of the organisation.

What does the ideal future of the compliance function now look like?

In addition, respondents stated that firms should place more emphasis on skills and experience. More automation of compliance activities drops out of the top five but remains a key priority in 2022.

Financial services firms and their compliance functions are moving to a more automated environment and embracing digital transformation. A sign that regulatory technology may be coming into its own is the shift in the time spent tracking regulatory developments – a key area where regtech solutions can be deployed.

What does the ideal future of the compliance function now look like?

Making good use of technology to automate processes and simple tasks to free up time for compliance teams to focus on more complex issues and forward planning
Regulators need accurate and timely information to assess emerging risks and to make informed supervisory decisions. Project Ellipse has now developed a potential tool for the global regulatory community to further explore and collaborate on common solutions that can improve the data and analytical capabilities of regulatory authorities. It has the potential to be a game – changer by giving supervisors access to more and better data, structured and unstructured, with greater predictive insights than ever before, it can be scaled to provide real time analysis on a national or cross border supervisory basis.

Is regtech lightening the load?

Regtech is “A subset of fintech that focuses on technologies that may facilitate the delivery of regulatory requirements more efficiently and effectively than existing capabilities.”

The percentage of compliance teams spending more than 10 hours in an average week tracking and analysing regulatory developments has fallen significantly, from 10% in 2021, to zero in 2022.

Compliance teams, on average, spend between 1 and 3 hours per week tracking and analysing regulatory developments (42% in 2022). 

The picture looks slightly different among G-SIBs, where 40% said they spend between 8 and 10 hours, and 33% between 4 and 7 hours per week tracking and analysing regulatory developments. 

Regionally, 60% of compliance teams based in Australasia spend between 8 and 10 hours a week tracking and analysing regulatory developments. With the number of regulatory events increasing this suggests that compliance departments have found more efficient ways of undertaking their regulatory tracking. This could include the use of regtech applications.

Additional evidence of the increasing use of digital solutions came from the Thomson Reuters Fintech, Regtech and the role of compliance report for 2022 which reported that “……. regtech solutions were having a growing impact on the management of compliance. At a firm level, regtech applications were mainly being used for compliance monitoring and anti-money laundering (AML)/sanctions checking. At a compliance function level, applications were being used for compliance monitoring, regulatory reporting, financial crime (including anti-money laundering/counterterrorism financing (AML/CTF) and sanctions), as well as onboarding and know-your-customer (KYC). The impact of regulatory change also featured strongly, with around a third of firms reporting that regtech will affect the implementation of regulatory change, the way it is captured and the way regulations and their impact are interpreted.”

In an average week, how much time does your compliance team spend tracking and analysing regulatory developments? (in hours)

Closing thoughts

Competing priorities have always characterised the role of compliance officer. Whether its juggling budgets and resources or risks and controls, prioritising different elements of the role has always been a key to the success of any compliance function. For 2022 the juggling act looks to be challenging, with more apparent competition among priorities. 

There is an acceptance that the economic environment following the pandemic and geopolitical developments have put pressure on firms. Compliance officers are reporting frustrations when trying to deliver on their objectives.

As firms diversify, transform and develop strategies into new areas that are a necessity of the post-pandemic world, it could be seen as understandable if senior managers’ attention has been distracted from culture and conduct difficulties. Any scenario which has the potential to distract senior managers from the fundamentals of culture and conduct requires a strong compliance function to advise on the appropriate priorities and redress the balance.

The emerging challenge is that the tightening of compliance budgets and possible shortage of skilled staff will make it more difficult for the compliance function to deliver successfully on the broadening range of activities now being asked of them.

The greatest compliance challenges I expect to face in 2022 is/are

Decreasing support from the top as they see less output from compliance, not recognizing this is due, in large part, to reduced budget, competing initiatives, and silo-driven culture.
[boards and senior managers] need to have sufficient understanding of the breadth of the changes and their implications and gain assurance that there is sufficient depth of expertise within the organisation to take advantage of the opportunities and manage the associated risks. The second line (compliance and risk) and third line (audit) functions have an important role to play in both supporting and challenging boards and senior management in these areas.

The greatest compliance challenges the board expects to face in 2022 is/are

Keeping up with regulatory change remains one of the greatest compliance challenges a board can expect to face in 2022. This is closely followed by resource allocation and budget limitations in the face of demands such as ESG compliance, company culture and the need to manage risk.

The 2021 cost of compliance report highlighted the need for enhanced strategic planning and for compliance functions to shape their own futures. The need for compliance functions to innovate to maintain their relevance and functionality has only increased for 2022.

In some firms there may be a perspective that technology could reduce the need for compliance functions. The increased popularity of regtech is a step down this path, but technological solutions are often immature and need to show their value.

What is the single biggest culture or conduct risk your firm is facing?

Due to rapid expansion, the single biggest conduct risk we face is we seem to be constantly reacting, instead of proactively researching the risk/compliance landscape and learning what we do not know.

 It is imperative that compliance functions, whether manual or automated, showcase their value and necessity to senior managers. A well-resourced, skilled and managed in-house compliance function remains the most effective way of delivering effective compliance at a firm. Compliance skills are a core competency, and an appropriately resourced compliance function is a key way in which a firm can ensure it thrives.

In some firms there may be a perspective that technology could reduce the need for compliance functions. The increased popularity of regtech is a step down this path, but technological solutions are often immature and need to show their value. It is imperative that compliance functions, whether manual or automated, showcase their value and necessity to senior managers. A well-resourced, skilled and managed in-house compliance function remains the most effective way of delivering effective compliance at a firm. Compliance skills are a core competency, and an appropriately resourced compliance function is a key way in which a firm can ensure it thrives.

Strong compliance functionality is difficult to achieve especially in the current climate. Firms should consider a wholesale review of compliance strategy. A board sponsored directive that the compliance function evaluate the post pandemic position, the impact of new geo-political tensions, refresh of skills and continue to invest in digital transformation, may go some way to untangling competing priorities.

Annex 1 - Examples of developments in key regulatory areas in 2021 

Download your digital PDF copy of the Annex 1 resource report table:

About the authors


Susannah Hammond

Susannah Hammond is a senior regulatory intelligence expert for Thomson Reuters with more than 30 years of wide-ranging compliance, regulatory and risk experience in international and UK financial services. She is co-author of “Conduct and Accountability in Financial Services: A Practical Guide” published by Bloomsbury Professional.

Mike Cowan

Mike Cowan is a senior regulatory intelligence expert for Thomson Reuters with more than 30 years’ experience of compliance, regulatory, risk and internal audit in UK financial services as regulator and practitioner.

Compliance Clarified is a podcast from Regulatory Intelligence featuring the hot topics of the day; the challenges faced and offers up practical ideas for emerging good practice. It seeks to de-mystify regulation and explores the art, as well as the science, of the ever-expanding role of the compliance officer. Enforcements, digital transformation, regulatory change, governance, culture, conduct risk – anything and everything affecting the compliance function is up for discussion


About Thomson Reuters Regulatory Intelligence

Thomson Reuters® Regulatory Intelligence is a market leading solution that empowers you to make well-informed decisions to confi dently manage regulatory risk, while providing the tools to make proactive decisions and action change within your organization. It has been developed with a full understanding of your compliance needs – locally and globally, today and in the future. Learn more

Download your digital PDF copy of the report below.