Top 4 Warning Signs of Non-compliance

Compliance failures can manifest through unintentional or deliberate acts. We highlight the warning signs to help spot and stop non-compliance.

The reality is it's impossible to eliminate non-compliance, especially if an employee decides to commit acts deliberately. However, certain red flags could signal non-compliant behaviour. If we know what those non-compliance warning signs are, we can be alert to prevent them from happening.

Warning signs of non-compliance

We attempt to identify these red flags, look at why people might commit violations, and address how we can manage the people dimension of compliance.

1. Deliberate non-compliance

Knowing the reasons why someone is deliberately non-compliant can give an indication of misconduct. Understanding what motivates people to deliberately breach compliance is not always easy. However, some examples include:

• Lack of pay rise, bonus or promotion - the individual feels aggrieved and wants to punish the company
• Pressure to meet targets - causes a person to fiddle with the numbers or ‘bend’ the rules
• Greed and a perception that they can get away with it
• Serious monetary concerns
• Acceptance of small theft as ‘no big deal’

2. Unintentional non-compliance

Some examples of why a person might commit a violation unintentionally include:

• Blissful ignorance of the rules
• Errors caused by a lack of training
• Failure to report breaches due to lack of time or lethargy
• Failure to take action ("Compliance is a job for compliance")
• Poor training
• An ambiguous or ineffective tone from the top leads to mixed messages
• Errors caused by overwork/understaffing
• Errors caused by a momentary lapse of care and diligence.

It could be that an employee isn't aware they have committed a violation. External parties may have targeted them for ways to breach your compliance walls. Or, they may find themselves in an impossible position where they can't get themselves out of trouble - like in the well-documented Barings Bank case.

3. Personal red flags for non-compliant individuals

Some personal red flags may indicate a higher risk of non-compliance. The presence of two or more of these warning signs in the same person could indicate an even higher risk.

• Living beyond their means - their clothes, car, house, and holidays are all financially out of reasonable reach compared with their salary
• Indebtedness - always asking for overtime or looking for a second job
• Substance abuse - known or suspected to have become dependent on alcohol or drugs, and their work has become careless
• Gambling - known or suspected to be gambling (in person or online), boasts of winning to colleagues and shows intermittent signs of living beyond their means and indebtedness
• Never away - doesn't take more than two or three consecutive days off or continue to work remotely when on leave
• Weekend or evening word - always willing to stay late or work at weekends when there is no incentive to do so
• Overly protective of clients - never wants anyone else to speak or deal with certain clients, never allows anyone access to certain client files, becomes uncharacteristically angry if someone attempts to do so
• Lack of training - never completes their compliance training or attends workshops (even when mandatory) and/or regularly fails training assessments
• A disgruntled employee - one overlooked for promotion (often consistently), with no regular pay increases or bonuses.

Of course, just because someone appears to be flaunting their money a bit more, or appears to have a problem with alcohol, doesn't mean they must be up to something non-compliant.

The majority of the time, it will have nothing to do with compliance. However, it's important to know that these could be red flags for non-compliance.

4. Compliance vulnerabilities in job roles

In addition to personal factors, certain roles are more vulnerable to non-compliant acts. Job role vulnerabilities can heighten the risk of non-compliance by providing opportunities to employees who are motivated to carry out such acts deliberately or those who may commit them unintentionally due to a lack of care or understanding.

Some examples are:

• Account/Relationship Managers - may execute a client's instructions without taking notice of the risk that they are laundering money
• Sales/Marketing/Procurement - could give or receive bribes to win business, secure or provide contracts
• Customer management staff - vulnerable staff could be bribed by a criminal to provide details of the firm's customers
• Counter staff - could (deliberately or unintentionally) allow fraudulent withdrawals or transactions, money laundering deposits, or facilitate identity fraud and account takeover.

How to manage the people side of compliance

Attaining 100% compliance is an enormous task for your company. But there are steps you can take to get close to your 100% goal, including:

• Do not ignore personal red flags
• Increase your scrutiny where an employee with red flags is working in a vulnerable job role
• Maintain adequate staffing levels
• Beware of departmental cliques where team members are overly close
• Communicate a clear and strong message of compliance that is endorsed by senior management and the Board
• Proactively identify, investigate and analyse the most minor acts of non-compliance, for example, an employee who repeatedly fails to complete compliance training.

Mitigating the risk of unintentional non-compliance by training staff and ensuring they are aware of their responsibilities is one step towards compliance that a firm can achieve.

Want to learn more about Risk Management?

We’ve created a comprehensive Enterprise Risk Management roadmap to help you navigate the compliance landscape, supported by IIRSM-accredited e-learning in our Risk Management Course Library. The IIRSM approves quality content and integrates risk decision-making to help keep people and organisations safe, healthy and resilient.