Risky Women Podcast | Complexity of the Compliance Landscape

Kimberley Cole

This is Risky Women Radio, a show that connects, celebrates and champions women in risk regulation and compliance. We’re here to share the insights on the biggest issues in our industry and hear inspiring journeys from our global members. Sign up to our newsletter at riskywomen.org. I’m Kimberley Cole, your Chief Risky Woman.

Debra Au

Thank you. Thank you, Jenny, for having me.

Jenny Wong

We would love to hear in your words about your story and your career journey. Debra, what is the biggest risk that you’ve taken in your career? And has it paid off?

Debra Au

Yeah, the biggest risk I taking in my career is the switch from my career in Soc Gen, as a pure compliance, and then when I stepped into HSBC, I actually getting myself into the frontline role into the COO office.

Jenny Wong

I’m sure during that big switch, and along the way, you’ve had obviously mentors and people who’s inspired you. So we would be really interested to know Debra throughout that journey, who’s inspired you the most?

Debra Au

I think is my mentor, my life mentor, really, someone you know, my my previous office, Eileen Flaherty, who actually inspired me the most, that the career advice that she gave me, and also, my other mentor called Gary DeWaal, who is very quite a distinguished New York lawyer, both our lawyers in US, one in Chicago and one in New York. And their combined career advice for me is, don’t limit yourself and take control of your own path. So that is one of the reason why I would love you know, being being in legal compliance or risk as the support function or control function previously being seen as cost center. I really want to understand the vast majority, you know, why we always being, you know, boxing into the boxes, as a control person where we don’t know the business. So that that is one of the reason why I put myself above my comfort zone and jump into a bank, which is, you know, shoving the precedent case as DPA, and then really rolling off nicely to try to understand what exactly is a problem in the business and how to help to provide inputs to contribute to the bank and subtle the crisis or challenges where the bank and financial industry is first and foremost facing.

Jenny Wong

That is some really good career advice. So diving in, more into our topic today, Debra, what do you think are some of the biggest regulatory compliance challenges facing the Asia Pacific financial institutions?

Debra Au

I really think you know, with the recent years of geopolitical uncertainty and the business, you know, evolving so fast, if you look into the market, if you are close to the business, you see Bloomberg everyday is changing the chart, you know, and the walls, you know, unexpected. I do think the biggest regulatory compliance challenges for APAC is to diversify, you know, jurisdiction with diversified regulatory requirements and landscape that the financial institution needs to comply with.

Jenny Wong

Yes, and I think that, you know, that that’s definitely one of the top considerations for a lot of the institutions nowadays. Moving on, I like to also get your thoughts, Debra, how do you see the compliance function changing, to adapting to the technical, technological paces, such as digital growth, entry into new markets? And also customers needing faster, easier and more efficient interaction with their financial institutions? And what are some of the consequences, would you say, of not keeping up with that pace with the business?

Debra Au

Well, I do think, you know, if given the world is changing, right, we’re not now using, you know, really new ways of working, like we’re now having the interview online, which is not, you know, usual 10 or 15 years ago, which, you know, I don’t want to quote how long I’ve been in the industry and in my age. So I do really want to highlight is, I can see that even the next, you know, five or whatever, very quick, near future, we don’t use PowerPoint presentations, in our governance forms for example, with the use of AI, technology, regtech and fintech, we may have some real time data. And then we can just use dashboard, real time clicking the button, compliance can do a real time tracking challenge to the business to the front line. And then we hold up a bit of our second line of defense roles, stewardship, to a hair to, you know, to our roles as a second line of defense. So if we don’t keep up the pace, and we’re not moving up enough to close to the business, and the consequence is that the business and us will lose touch will not be seen as the strategic business partner. So some of the quick, evolving landscape, like I want to use some sort of metaphor is that recently, I just, you know, finished my vacation from Greenland, and I passed through a couple days in Iceland. In October, I’m still able to drive and walk in the city of Grindvik in Iceland. Where else can get in November. You know, the whole city have to evacuate, Blue Lagoon with no tourists while a month ago, it still flourish with tourism. And a lot of people walking around everywhere and myself is actually enjoying the city with the prosperity in Iceland. And today, you can see with almost 20,000 air freight per day, and the whole city evacuate and the earthquake erupt. Everyone is like an empty Dead City now. So I think that agility is key and then keeping up the pace with what’s happening. And then close to the business is very important. Otherwise, how can you know, Iceland been able to interpret the earthquake is coming and they give us, I mean, give them, the warning signs to evacuate people from the city to the safe place. I think same amount of force applies.

Jenny Wong

I really liked that analogy. I think that’s just the emphasis to your point is just how quickly can we adapt and agility is really key in for us to keep up with the business. So Debra, looking ahead, I mean you’ve you’ve already touched on it a little bit. What do you think, or how do you foresee the compliance function forming in the next five to 10 years? How’s that going to differ from today? And, you know, you’ve already mentioned earlier AI, what role will AI play, and what will be the keys to success for us?

Debra Au

So, I think the cornerstone, really is to, you know, in the next five years, your compliance function is to maintain private public partnership, which is, you know, to work with the regulators together. Because technology is evolving, you know, every day who can imagine AI, then Gen AI, and so forth you know we are using today, right? I don’t want to use the word ChatGPT because in Asia it’s diversified, it’s generative AI. And now, what role AI can play or will play, I think it will be a majority of roles that help us do our work much more efficient, effective, and the human touch, still wouldn’t be able to, you know, completely supersede because the essence or the crux of compliance function is to give and provide quality and strategic advice, being the trust and value strategic partners to the business, and that I don’t think AI or generative AI will be able to master it. So as long as a good compliance officer keep up the pace with business, strategic partnership. And then also externally with the other hand, is public private partnership as the cornerstone, maintain a good balance act, and keep up ourselves with mustering the use and know how of AI and generative AI can help to do our work much more efficient and effective. You know, the next time in 10 years, I can only see risk compliance, second line of defense function will be even much more a key impactful role for the financial institutions, because we are helping them to grow business safely, and then to secure their success.

Jenny Wong

So it sounds like compliance will continue to play a very key role partnering to the business while utilising AI to increase the efficiency. So it sounds like hopefully, I’ll be able to keep my job in the near future. Debra, you’ve also mentioned this a little bit already, but our friends at the regulator, what are some of the keys to maintaining a good relationship with them, especially in the current changing dynamic environment that we’re operating in?

Debra Au

I think fundamental is really the partnership and trust that we need to build. Work together in collaboration, and in a collaborative way, with the regulator together. On the key priority is where we all want the community, the industry to move forward to a better place to the better, you know, success and keep all these agenda, you know, in a transparent and collaborative way, in partnership, I think that’s kind of the cornerstone to maintain good relationship with the regulators.

Jenny Wong

Sounds like you’ve got the recipe sorted out there, maintaining the good relationship with our regulators and with the business.

Jenny Wong

Debra, I’m now going to move on and I’m going to have to put you on the spot a little bit. I’d like to know in one word, from your opinion, what’s the most important trait that a CCO a chief compliance officer should have?

Debra Au

Okay, I think if you asked me this question a couple of years ago will be very different from now. I think a couple of years ago or you know, if you are having your career in compliance for long you think technicality for compliance to know how of the graduation be able to know the rules regulation inside out, maybe the most precious. But now, I will say it is not, to me, the most important, I think, know how is the basic, but strategic and thought leadership is, is the future that each CCO must have. Because we need to look ahead, keep pace with the business, partnering with the regulator, being forefront and having the forward opinion. Not being reactive, but more proactive compliance is really to the important trait of a CCO, that today, if you are the CCO is a must to have.

Jenny Wong

Sounds like an ever changing function compliance in the next few years. And I mean, I just have to give you guys a world of credit to be able to function in this in this environment. Debra, so looking into the year ahead, what is going to be your top priority?

Debra Au

I think my top priority is to keep on upskilling and upskilling and reskilling people, changing the old school compliance, allow me to use the word, mindset with, you know, from a reactive compliance mindset to much more a proactive mode. Because previously, we always use the word reactive perform. Now I would say compliance have to proactive, prevent, and preempt. Because we cannot get ourselves into the loop. If you see the history of each financial institution that moves from crisis, or some legacy history, is there no longer, you know, the luxury to be reactive and that we perform, we need to be proactive to prevent and protect.

Jenny Wong

Sounds like you just need to be 10 steps ahead every time. So that’s that’s definitely going to be an interesting journey for all of us. And Debra, as a final question, what is the one book that you would recommend to all the upcoming leaders within the risk and compliance space?

Debra Au

So there is a book that I really want to introduce to everyone, which is the book called, from Harvard Business Review, is Stop Worrying About What People Think of You. So I think later on I will the whole book name, and it’s a recently published book in under Harvard Business Review, and it talks about the idea of FOPO theory is fear of people’s opinion, I think, compliance and especially for female, if you are in the Risk and Compliance areas, and you are one of the female leaders in the chair. We tend to be very humble, because we female. And for new leaders, we try to always observe what are the old folks think of things, but because of that, we tend to think too much. And we limit our potential and try to let the Asian brain or others to take control of what we really think. So sometimes we may, you know, so one a bit because as a as a recent compliance, we might want to observe and a little bit conservative. But now with the evolving changing landscape, I do think the, the need to start taking back the control of ourselves in order to be comfortable, and able to speak up is very important. And recently, I learned from my one of our manager, he did say something, which also inspire me quite a bit. So he gave me a feedback and say Debra, you know, I think you’re a driven and aggressive person. And, you know, my immediate reaction when I head the work aggressive. And I found that, oh, why do you use the word aggressive? And he said what’s wrong with that? We need female on the table to our senior leaders to be a bit aggressive. But in my mind, the Asian mind, brain, I equally you know, think aggressive, equal sign to stereotype. So flip side of the coin? Yeah. Why? It has to be stereotype. So, so yeah, I think there’s always two sides of the coin. And I think this book will help a lot. And I highly recommend.

Jenny Wong

I really liked that last point. On the example you gave about the aggressive, I can certainly relate to that. And that resonates a lot to me as well, just as a senior female leader walking into some of these conference rooms nowadays. You know, it’s like, well, what is wrong with coming across as as aggressive? It’s, it’s, you know. So, thank you so much for your time, Debra today. You’ve certainly inspired me a lot. I’ll definitely go and look into purchasing that book and hopefully get even more inspiration from that book. So once again, thank you so much for your time, Debra today really enjoyed our discussions and all the best in the future.

Debra Au

Thank you so much, Jenny. And thank you Protiviti and Risky Women for having me. Thank you.

Jenny Wong

Thank you.

Kimberley Cole

Thank you for listening to this episode of Risky Women Radio, be part of the ongoing conversation and learn more about our events and other programs at riskywomen.org