Election years in the United States, United Kingdom, and at European Parliament, along with ongoing geopolitical tensions regarding the conflicts in Ukraine and Gaza, make 2024 difficult to predict from a regulation and risk perspective.
The year is expected to be busy for compliance officers as regulators rush to push through outstanding rule proposals in anticipation of potential change. Meanwhile, global focuses on cracking down on sanctions violators, money launderers, and instances of bribery will put the defenses of businesses and their third parties to the test.
Against this backdrop, I offer my annual list of what I’d like to see in the coming year:
Leniency from the SEC on final rule compliance dates: When the Securities and Exchange Commission published its fall 2023 rule list in December, it indicated 29 different proposed rules as being in the final stage. As mentioned above, the agency will be keen to push those changes through in anticipation of a potential shift in the U.S. political landscape.
Should Republicans fare favorably in the election and take control of the SEC, many rules could be reversed during the early years of a new commission—like what happened with Democrats in 2020. But if SEC Chair Gary Gensler remains in power, that will mean all rules passed will remain on pace to take effect at their set date.
Either way, the SEC should be mindful of the burden passing a flurry of rules in short order creates when setting compliance dates. SEC Commissioner Mark Uyeda has previously spoken to this point on multiple occasions.
The outcome of the SEC’s climate-related disclosure rule: Sticking with the SEC, it’s been nearly two years since the agency first proposed its ambitious rule to require public companies to quantify, measure, and disclose their effect on the environment.
If there’s an SEC rule primed for Republican reversal or legal challenge, it’s this one. That, along with more than 16,000 comments to consider, has the agency taking its time to craft a final climate-related disclosure rule.
Potential concessions the agency might make to its initial proposal include weakening Scope 3 requirements or changing the details of its bright-line standard.
More DOJ declinations: I’ve shared previously my belief the success of the Department of Justice’s new voluntary self-disclosure initiatives will be affected by how many declinations the agency announces. If you’re going to float a carrot to companies that come forward, they’ll want to see the payoff in action.
Last year saw the DOJ publish three declinations—believe it or not, the most the agency has posted in a year since 2018. In its November declination for Lifecore Biomedical, it specifically noted how the pharmaceuticals company met its new voluntary self-disclosure requirements.
With more of these examples will come more of an understanding regarding the DOJ’s expectations.
More Nicole Argentieri speeches: One more from the DOJ—if you haven’t had a chance to read the speech Argentieri, acting head of the Criminal Division, delivered at an industry event in November, I advise you do.
In it, she provided great detail on the agency’s recent Foreign Corrupt Practices Act resolutions with Albemarle, Tysers Insurance Brokers, and H.W. Wood and offered information on how the DOJ intends to increase its use of data analytics to identify potential misconduct.
Such speeches are a great reference for compliance officers—and a great source of content for Compliance Week.
Clarity on bank failure fallout: We’ve written a lot about changes U.S. banking regulators have proposed or are considering after the collapses of Silicon Valley Bank, Signature Bank, and First Republic Bank in early 2023. How and when some of these requirements might take effect remain to be seen.
What is clear is regulators aren’t looking lightly at three of the largest bank failures in the country’s history happening in quick succession.
Swiss regulators are also worth keeping an eye on after the tumult in the markets contributed to the need for Credit Suisse to be acquired by its larger competitor, UBS. The Swiss Financial Market Supervisory Authority in December called for greater power to impose fines against bank senior managers as part of its Credit Suisse postmortem.
Progress toward crypto compliance guidelines: I touched on cryptocurrency last year in the aftermath of the collapse of FTX and said I wouldn’t get too into the weeds on the topic. Still, I feel it important to include again this year after how many damning findings came out of the U.S. government’s $4.3 billion crackdown on Binance in November.
It’s clear the crypto industry needs more meaningful compliance guidance, even if the SEC believes it unnecessary. The Commodity Futures Trading Commission is an agency to watch here, while a new Congress could also pay the topic some mind.
A shift in compliance reporting line trends: Are the days of compliance reporting to legal coming to an end? Our “Inside the Mind of the CCO” survey didn’t suggest as much, with 39 percent of its 322 total respondents saying that was the reporting structure in place at their business.
The independence of compliance from legal has long been debated, but now the structure is likely to be closer scrutinized following guidance from the Department of Health and Human Services’ Office of Inspector General released in November that stated compliance officers “should not lead or report to the entity’s legal or financial functions” and “should report directly to the CEO or the board.”
The guidance is voluntary and directed toward the healthcare compliance community, but one regulator’s viewpoint can have a way of catching on among firms anticipating other agencies might share a similar view. We’ll see what the data holds during this year’s CCO survey.
More discussion around AI successes, failures: Another takeaway from our survey was that most compliance departments (59 percent) are not using artificial intelligence to assist with compliance obligations.
A lot of companies remain concerned about AI and are taking a cautious approach. Rightfully so. That’s why any time a business is willing to speak to its successes and failures in utilizing AI, it goes a long way toward increasing comfort around the topic. Industry events are a great forum for these discussions.
In our survey, respondents indicated they anticipate AI being most helpful regarding keeping up with regulatory change, rooting out corruption and fraud, third-party monitoring, and improving policies and procedures in the next five years.
More guidance on off-channel communications: One more from our survey, which found confidence levels low across the board from compliance officers on their firm’s ability to track employee use of off-channel communications.
“Have you tried to control or monitor 42K employees? Silly question,” said one CCO from an engineering company.
This sentiment is likely shared by many trying to confront the communication preferences of thousands of employees. With the DOJ now paying scrutiny to this area, the stakes have increased. The agency has made clear companies must at least be making an effort to track communications, but more information could go a long way.
More accountability for supply chain due diligence: A report from the New York Times in December about auditors overlooking migrant children working for U.S. suppliers is a troubling reminder how much work remains to root out labor misconduct in supply chains.
New laws, such as the Corporate Sustainability Due Diligence Directive in the European Union, help to put more scrutiny on human rights-related risks, but an attitude shift is necessary as well. A survey conducted by the International Compliance Association last year found forced labor and child labor a low priority for businesses, with many struggling to receive support from the C-suite regarding the topics.
- Accounting & Auditing
- Artificial Intelligence
- Chief Compliance Officer
- climate-related disclosure
- Corporate Sustainability Due Diligence Directive
- Credit Suisse
- Department of Health and Human Services
- Department of Justice
- ESG/Social Responsibility
- Ethics & Culture
- Financial Services
- First Republic Bank
- Gary Gensler
- Inside the Mind of the CCO
- Nicole Argentieri
- off-channel communications
- Office of Inspector General
- Regulatory Enforcement
- Regulatory Policy
- Risk Management
- Securities and Exchange Commission
- Signature Bank
- Silicon Valley Bank
- Supply Chain
- Surveys & Benchmarking
- Third Party Risk
- United Kingdom
- United States
- Voluntary Self-Disclosure