Committee Reports

Chief Compliance Officer Liability in the Financial Sector


Financial firm compliance officers serve as essential gatekeepers to prevent, detect, and remediate violations of laws, regulations, and internal policies and rules.  Because of their role, compliance officers are inherently at risk of becoming subject to regulatory investigations and personal liability.  While the intent of such investigations and liability risks may be to strengthen the “gatekeeper” function, they can also discourage appropriate activity by compliance officers, isolate compliance officers from other business processes, or, at the extreme, lead individuals to leave compliance roles for fear of bearing liability for the misconduct of others.  This paper explores the ways in which the compliance community and the regulating agencies can better achieve their shared goals. 

Based on recent regulatory enforcement actions, compliance officers face and, equally importantly, perceive, a growing risk of personal liability from the day-to-day performance of the compliance function.  In particular, there is a risk of liability arising out of an assessment made in hindsight regarding what a compliance officer or program ought to have detected and prevented.  This risk of liability threatens to reduce the ranks of effective, qualified candidates seeking and remaining in compliance positions. Compliance officers also face an enforcement culture focused on individual accountability, a greater regulatory focus on the compliance function, and an increase in state and federal regulations potentially implicating personal liability.  This increase in exposure is often coupled with uncertain prevailing standards of liability and insufficient guidance regarding regulatory expectations.

Enforcement actions against compliance officers in their individual capacity remain an important regulatory tool to deter malfeasance, punish misconduct, and prevent fraud.  And, to their credit, regulators have attempted to reassure compliance officers by stating that they do not intend to target compliance officers and use enforcement actions as a method of last resort only to punish compliance officers who engage in truly egregious conduct.  But this tool is most effective when compliance officers understand the boundaries of their duties and responsibilities and can clearly demonstrate those boundaries to other stakeholders in their firms.  Despite the recent regulatory pronouncements, compliance officers remain concerned that their good faith efforts and well-intentioned conduct may be punished.  This Report attempts to outline compliance officers’ regulatory concerns, recent enforcement actions against compliance officers and meaningful ways for compliance officers in the financial services industry to bolster regulatory and compliance communication, interaction, and understanding with their regulatory counterparts.  Through this approach, we hope to reduce the apprehension regarding personal liability that threatens the quality of service in the regulated community, clarify the principles that underwrite regulators’ approach to enforcement, and generate more consistent liability outcomes without sacrificing the achievement of regulatory goals.

In Part I, this Report examines ways in which liability risks may undermine compliance officer effectiveness and efficiency.  Through both quantitative and qualitative analysis, the Report articulates compliance officer risks and concerns and describes how these concerns affect the quality of service in the compliance function.  Part II of the Report examines recent enforcement actions from a variety of regulatory agencies, including the Securities and Exchange Commission (the “SEC”), Department of Justice (the “DOJ”), Financial Industry Regulatory Authority, Inc. (“FINRA”), and Financial Crimes Enforcement Network (“FinCEN”). Through this analysis, it highlights recent trends in compliance officer liability and enforcement.  In Part III, this Report recommends certain regulatory undertakings that would serve regulatory goals, improve compliance results, and dispel the uncertainty and apprehension associated with compliance officer liability.  These recommendations seek to establish stronger ex-ante relationships between regulators and the compliance profession and better equip compliance officers to accomplish the mutual goals of industry actors and the regulatory agencies that oversee them.

            *                                                          *                                                          *

To read the full report please click the link above