As Chief Compliance Officer at ANZ, it is the thought of the unknown event which can keep me awake at night and this is what we work so hard to prevent. But would I want a computer to be an extra pair of eyes for our organisation?
Of course, I can understand the motivation. JP Morgan has suffered through the multiple shocks of fraudulent mortgage-bond sales, the 'London-Whale' trading loss and services provided to Bernie Madoff's Ponzi scheme.
The effect of these events is twofold – the financial loss of regulatory fines (US$36 billion at the last check) and, just as significantly, reputational damage. Clearly, it's in the interest of any organisation to prevent them.
Sadly, what hit JP Morgan were no means an isolated incidents – just recently we have also seen enormous fines for a number of banks for the role of a handful of employees involved in interest rate fixing. So to quote another Hollywood movie, the threat from employee misconduct is a “clear and present danger".
GETTING ON TOP
So would we ever go so far as trying to prevent breaches before they happen? The answer would have to be yes. But there might be a different way of achieving this without resorting to tactics which could damage the critical bond of trust between employer and employee.
As our Global Chief Human Resources Officer Susie Babani has said, when the dust settles on scandals in the financial services world the finger invariably ends up pointed at culture, or more precisely, the failure of an organisation's culture.
Organisational culture can be a tricky thing to define but for me, at heart, it is the sum of the people who work for a company and the things they believe in. I also think it tells us what people will do when they are not being watched.
I firmly believe the majority of people go to work each and every day wanting to do the right thing and, moreover, they want to work for organisations that do the right thing. This makes it more surprising when things do go wrong – why did no-one speak out when it was apparent something was amiss?
The challenge is to ensure we put in place, and manage, the right processes and systems to support our people in doing the right thing.
This means everything from recruiting the right people to ensure we have a diverse range of voices and opinions to making sure we reward the right behaviours and provide the right training to building a shared understanding of the standards we expect when people work here.
Crucially, organisations also need to make it clear that it is okay to speak up if something looks wrong.
For me, this strong and often intangible framework, designed to build a risk-aware culture, can be more powerful in building the right culture than the most powerful computer program.
I also happen to think that most people would prefer the idea of an organisation which helps to support them in doing the right thing and doing things right, than the idea of receiving a tap on the shoulder for something they are yet to do. Particularly a tap from a AI robot.
But I'm interested to know what you think. What is the best way for organisations to make sure they are doing the right thing?
Mark Evans is Chief Compliance Officer at ANZ.
Photographer: Arsineh Houspian.