Experts cite lack of tech adoption and need for ethical culture as key to strengthening compliance

By the end of 2024, the compliance industry – still – remains largely underserved by technology. However, while technology offers powerful tools to streamline compliance, on its own – it is not a silver bullet.  

Leaders must pair tech solutions with human oversight and a proactive culture of ethics. Speaking at the #RISK Conference in London, the panelists from Citi, TikTok, and other companies emphasised that compliance requires more than just technology - it demands a strong organisational commitment to ethical practices. 

Nikita Munn, Product Specialist at LexisNexis, noted, it's about equipping teams with tools for compliance training, third-party onboarding, content distribution, elements that technology can powerfully streamline but not handle on its own. There is a need to integrate technology with human oversight to ensure compliance permeates an organisation’s culture. 

Gayle Sparkes, Global Head of Conduct Risk ICRM and Managing Director at Citi, pointed out that compliance is often treated as a reactive process in many organisations, with a lack of strategic intent behind adopting technology. She warned that leaders need to think strategically and do more than just rely on tech - they must actively cultivate a culture of compliance within their organisations.  

As Sparkes stated, "Over the past 25 years, we have built the compliance industry where financial institutions have developed fragmented taxonomies and approaches, for instance, to conduct risk. This, she argued, has led to silos and inefficiencies across institutions. She compared the approaches in the UK and US, where the UK, for instance, focuses on market integrity and doing the right thing, while the US often frames compliance in terms of punishing "bad actors." Moreover, at present, the industry still remains largely underserved by technology. In any case, compliance isn't just about technology or processes - it's about making sure employees understand and embody the organisation's ethical standards.” 

According to Amrita Aurora, a Governance, Risk, and Transformation Consultant, it's not a matter of 'if' technology will play a role but 'when' it will be fully integrated into compliance strategies to streamline risk management, controls, and reporting. She noted that in cybersecurity, breaches are inevitable, and this mindset is increasingly being adopted across other areas of regulation. She pointed to third-party risk management as a key area of focus over the last decade, now expanding further into operational resilience and frameworks like DORA, underscoring the growing need for integrated approaches in compliance. 

Amrita also mentioned the increasing focus on consumer duty in financial services over the past five years, linking it to discussions on strategic compliance and ethical business practices.

Victoria Harman, former Head of Listing Governance at TikTok e-Commerce, discussed how artificial intelligence (AI) is starting to reshape regulatory compliance. Harman shared her work on the Digital Securities Act, emphasising AI’s potential to document risks, identify trends, and improve policy drafting. She cautioned, however, that AI must be used responsibly, with strong data governance and privacy measures to prevent bias and ensure ethical compliance practices. 

Throughout the discussion, panelists echoed the sentiment that while technology like AI can provide powerful tools for identifying risks and ensuring compliance, it needs to be backed by human oversight and organisational commitment. Compliance, they concluded, isn’t just about ticking boxes - it’s about building a culture that integrates technology, people, and processes to drive long-term, ethical business practices and better business outcomes.