A year removed from the start of the COVID-19 pandemic, the long-term effects the shift in work culture will have on the compliance profession have become more apparent.

The “Cost of Compliance Report 2021” by Thomson Reuters Regulatory Intelligence reflects these changes. The annual report, which generated responses from more than 720 practitioners across financial services worldwide, details how compliance officers in the industry have adapted to the new normal at their workplaces and which elements of these environments might be here to stay.

“The underlying drivers for changes made within a firm during the pandemic are important,” said Susannah Hammond, senior regulatory intelligence expert at Thomson Reuters and co-author of the report, in a press release. “Compliance officers must now consider the future of those changes and assess directionally what should be maintained and which are due for revision post-pandemic. Part of this analysis is understanding the limitations of what can, and cannot be, changed.”

In Thomson Reuters’ past surveys, compliance officers have typically cited “budget pressures, regulatory changes, and concerns about compliance culture” among top challenges. New citations following the pandemic include supervision of staff from home and the operational difficulties of remote work.

The top five areas identified as the biggest culture or conduct risk facing firms in 2021 also changed from last year. They include balancing competitive and compliance pressures; effectively managing and motivating remote workers; creating a unified compliance culture; evidencing good culture and conduct; and dealing with financial crime.

Major compliance changes brought by the pandemic were enabled by the deployment of technology, the report states. The top areas of compliance change were working from home and communicating and staying connected with teams. Rounding out the top five were the volume of regulatory requirements, remote oversight of conduct risks, and data privacy controls.

Boards identified their top challenges as handling the volume of regulatory change, instilling a culture of compliance, and meeting regulatory expectations. In comparison, the biggest compliance challenges were keeping up with regulatory change, increasing regulatory demands and expectations, and a lack of skilled resources.

Skills and personal liability

When asked what new skills compliance officers would seek in 2021, report respondents most frequently listed “subject matter expertise” relevant to a variety of disciplines. This includes technology to address cyber, RegTech, and artificial intelligence; business-related subjects; and softer skillsets, like culture and change management.

Half of firms surveyed expect the personal liability of compliance professionals to increase in the next 12 months, with 40 percent indicating “slightly” and 10 percent expecting a “significant” jump. Just under half (48 percent) expect personal liability to stay the same.

The survey also describes which measures financial institutions are using to manage the impact of potential personal liability. Consistent with findings in last year’s report, “implementation of an enhanced regulatory training program” was the top-cited response. Others were use of personal attestations, requirements to maintain a personal archive of evidence, and a company-wide decision register.

In the 12-year history of the survey, Thomson Reuters noted it saw the lowest percentage of respondents who expect the cost of senior compliance staff to increase (47 percent). Budget cuts and remote working were identified as potential factors.

Another notable finding: the number of firms (34 percent) that said they outsource all or part of their compliance functionality, which represented the highest rate since Thomson Reuters introduced the question in 2016. Stated reasons for outsourcing included the need for additional assurance on compliance processes (48 percent in 2021 vs. 54 percent in 2020); lack of in-house compliance skills (38 percent vs. 34 percent); and need to access third-party KYC functionality, like customer due diligence, enhanced due diligence, and verification of customer identity (37 percent in 2021).

A new question for this year asked respondents about the features of an ideal compliance function. “Respondents said their ideal future compliance functions would be adequately resourced with human and financial capital, with more automation of compliance activities,” according to the report. Additionally, respondents said the compliance function would be seen as a strategic business partner integrated throughout the business, with culture and technology appropriately enabled.