Estimated reading time: 7 minutes
As winter ends in the northern hemisphere, many people will be engaged in the age-old ritual of spring cleaning. This year, they’re very likely to be following the guidance of Marie Kondo, a cleaning guru with her own Netflix series who has sold millions of books globally. Kondo’s method of organising, the KonMari method, consists of gathering together all of one’s belongings, one category at a time, and then keeping only those things that “spark joy” (ときめく tokimeku, the word in Japanese, means “flutter, throb, palpitate”) and choosing a place for everything from then on.
Regular readers will know that I’m on a mission to bring Behavioural Science to Compliance. As part of that, I think it’s also time to give it the KonMari treatment. Here are just a few (of the many) ways I think we can do that:
What’s in a name?
Let’s start with branding and the word “Compliance”. For me, it is far from reflective of the actual role and more reminiscent of over-zealous parking attendants and petty bureaucrats. To see quite how little joy it sparks, try inviting someone to Compliance training that isn’t mandatory or send an email entitled “Compliance update”. In fact, don’t. If you’re responsible for either, try something entirely different and do avoid using the C word. Instead, use language that at least seeks to engage the target audience, rather than scare it.
So, what would I use instead of Compliance? Good question. It’s not easy, particularly when regulators continue to specifically require the existence of “Compliance” functions. Perhaps we can take inspiration from the medical profession, who recognise some of the negative connotations of the word. As it explains here, they draw a subtle distinction between Compliance and something they call Adherence:
“Compliance” literally means following (or complying with) doctor’s recommendations for medication dosing. It implies a paternalistic role for the physician and a passive role for the patient.
On the other hand, “Adherence” means that the patient himself or herself is adhering to the proper dosing schedule, and it implies that the patient is empowered to take matters into their own hands for their own health.
Whilst I’m not advocating the word Adherence as a perfect replacement for Compliance, I do like the idea of patient engagement it encompasses.
One way we could re-brand is to ask our customers what they think. Sadly I suspect, they’d come up with less than complimentary things like “Business Prevention Unit” or “Necessary Evil Unit”. Obviously, that’s not entirely fair. But my aim in writing these blogs isn’t to be fair. Or indeed to have all of the answers. Rather my mission is to provoke discussion with the purpose of changing things. What I call Constructive Disruption.
Part of the reason Compliance has a “non-joy sparking” reputation is that all too often our processes aren’t designed with the end user in mind. Which is where I think some KonMari thinking could come in useful.
Of course, organisations need to be compliant. But they can’t be compliant of their own accord: it’s the people within them that, through their decisions and subsequent actions, will determine whether they are or aren’t. Robots tend not to read policies, though all too often it feels like they’re written more with robots than people in mind.
So when we think about Compliance, we need to do so from the perspective of the target audience, not solely from the organisation’s. Because what is easiest or best from an organisational perspective, might not be for the individual.
Take a regulation like MiFID, the EU Markets in Financial Instruments Directive; Part II of which came into force last year. I’m aware that merely name-checking a specific regulation risks me losing most of my audience. That’s kinda my point! Don’t worry though; we’re not going to go into any more detail than that. All you need to know is that it has a big impact on how Financial Services firms go about their business. Though if you work in the industry, you might need a little more than that (try the last hyperlink for starters!).
What happened in most Firms when MiFID arrived, is that it became the story and the lens through which Compliance with it was (and is ensured. What I mean by that is that it was introduced to staff by requiring them to read MiFID policies and attend MiFID training. This arguably makes perfect sense; when new regulations come in, staff need to know what the impact is on their part of the business and them individually.
But, once it’s no longer new, the interests of the organisation and staff arguably diverge. The Firm’s interest remains best served by viewing the world largely through a regulatory lens; maintaining training, policies and controls directed at ensuring compliance with MiFID. From the employee’s perspective, it becomes yet another set of rules they need to comply with, which sit alongside a host of others. Unless they’re in Compliance, they won’t be going to MiFID meetings, they’ll be going to client meetings, where MiFID is just one of the many components they need to consider.
In KonMari terms, the organisation wants to arrange its proverbial regulatory wardrobes and drawers like high-end department stores segment their clothing departments by designer brand. However, the employees who have to wear the “clothes” on a daily basis, can’t just opt to wear “head to toe” Hugo Boss or Chanel; they need to wear outfits that contain items from different designers.
I know I’ve probably pushed the analogy too far and lost those of you that weren’t put off by the reference to MiFID. But I’ll crack on regardless… With a picture. The relevance of which will become clear as we go on.
See how I tried to keep your interest? How often do Compliance materials or processes do that? Not often. .
I might not have the answer to the branding challenge, but I’ve seen one for reducing Firm-centricity. My friend Maarten Hoekstra’s Broccoli approach to Compliance is built around a user-centric approach which focuses on “moments”; real-life situations that are recognisable to the average employee. Like “prospecting a new client” or “working in another country”. Training and support are framed and delivered through the lens of these “moments”, rather than the lens of the underlying regulation. Much better.
If we speak to people about real-life situations in which they are likely to find themselves, they’ll be much more engaged than if we codify a world into unrecognisable theoretical situations. As Maarten once told me: the world isn’t black and white, it’s grey. Rather than pretend that it is, we should help them navigate the grey.
Context isn’t the only area where Compliance could improve. How we say things is equally important.
Tone of Voice
Often how Compliance policies are communicated to employees exploits a perceived asymmetry of power between policymakers and the “supplicant” users of their policy. Too frequently, minimal effort is put into making the content engaging or relevant. I’ve blogged before about the overuse of the term “regulatory requirement” which sparks no joy and serves to do little to improve the quality of Compliance.
There’s no reason for Compliance requirements or training to be written or delivered in dull, tedious technical terms. In fact, there’s every incentive to do the opposite. As John Cleese, comedian and founder of training company Video Arts says:
People learn nothing when they’re asleep and very little when they’re bored.
The more important the message, the more critical it is that it engages the user. In her book, The Influential Mind, neuroscientist Tali Sharot explains that
our instinct is that if we have something important to convey, the other person will want to know. This instinct is wrong. In particular if the information is tied to a bleak message, many will actively avoid it.
Behavioural Science also teaches us that if we spend a lot of time doing something, then we attribute greater significance to it than other people do. So Compliance Officers who spend their whole days looking at a particular regulation, need to be careful not to presume that the target audience has a similar level of interest.
If we really want to engage people, then we need to ensure that the way we communicate isn’t merely informative. It needs to positively spark joy!
We live in an increasingly litigious society, and we’re used to seeing warning signs everywhere. Sometimes useful, but all too often designed to protect the organisation from being sued. We are warned that cups of coffee might be hot, that packets of peanuts might contain nuts and that beer might contain alcohol.
Compliance isn’t immune to this tendency. Vast amounts of cognitive effort are spent on telling people things they already know. Both on the part of recipients, but also on those required to transmit the messages. There’s a massive downside to this approach. The more we see warnings, the more we become de-sensitised to them.
Equally, we can err too much on the safe side and mitigate for tail risks. A good example is forcing people to do training that has little or no relevance to their job, just because they happen to find themselves working in a particular area. Personal Assistants are unlikely to find themselves needing to know the intricacies of regulations like MiFID, yet they are often forced to do training on it. Usually, because it is easier for the organisation in question or because someone has made a promise to a regulator that “everyone” will do the training.
This might seem harmless; after all, what damage can getting someone to do a 30-minute training course on a peripheral topic do? And maybe, just maybe they’ll find it useful. The answer is that it can do damage because it potentially normalises the idea that training is irrelevant and they’re unlikely to pay any attention to the subject matter, even when it is relevant.
I’m not arguing that Personal Assistants shouldn’t do training. I think they should. But I believe that a better use of their time would be to do more training than the rest of us on responding to threats like phishing emails and fraudulent calls. After all, that’s much more relevant to them, and they’re arguably much more likely to come across this, given their role is often precisely to screen inbound requests.
Each of us has limited cognitive capacity; if we fill people’s minds with things that don’t seem relevant, then we’re risking them not focusing on what really matters. The volume of content we need people to be aware of is immense and ever increasing. And If we’re hiring smart people to do smart things, then treating them like small children seems like a bad idea. After all, if you treat them like that, then don’t be surprised when they behave like them. Which really won’t spark joy.
These areas are just the tip of a massive iceberg. As we’ve seen, Compliance can spark precisely the opposite of joy: anxiety. It can often unnecessarily feel like a huge burden.
Those of us in the profession should think about that. Because we can add tremendous value to our organisations. Thoughtfully executed, with the end-user in mind, what we deliver is a huge competitive advantage and serves the interests of all stakeholders, including employees, really well.
But if it doesn’t feel that way, then we’re arguably not doing our jobs properly. It doesn’t matter what our intention is, what matters is how our target audience perceives us.
As I go about my mission of Bringing Science to Compliance, I think the principle of sparking joy is a good one. It won’t always be possible, and I’m not suggesting we become children’s TV presenters or dumb down complex issues. But it would be good if we could focus more on our target audience and at least try to spark more joy. Just because they are effectively forced users of our monopolistic service, doesn’t mean we shouldn’t work at making them more positively disposed towards what we’re doing.
If we do that, then we’ll increase the quality of Compliance within our organisations, and we’ll find it much easier to challenge them when we need to. That’s because we’ve shown them respect in how we’ve approached our role. Which means we can demand the same thing back.
The views expressed in this blog are the personal views of the author and are not made in any official capacity.
Title image (c) Netflix. All others courtesy of unsplash.com