Risk and compliance management involves dealing with a company’s reputation with regulatory bodies. It’s important for us to stay within the boundaries of stipulated regulations by the designated regulatory body like the Central Bank of Nigeria and attend to law enforcement requests. My job is to ensure that we do.
I also work with the different product teams as they develop products. I’m there to guide them on the risks to consider and remind them of regulations that guide their design.
Because this is a field that not many are familiar with, I often get asked what I do. Here are some peculiar things I have to do daily or weekly as a risk and compliance manager in the tech industry;
Bonding with internal stakeholders
One of the foremost things I must do is to bond with my colleagues. When my name is mentioned, I don’t want people to become defensive, as this puts a strain on my ability to successfully perform my role. It’s much easier to work with people when they’re relaxed around me, as it makes it easier to know the processes they’re undertaking and give advice.
I always work hard to buy that confidence and trust across internal stakeholders. It helps to ensure they don’t feel compelled to contact me. Instead, I want them to naturally feel like they can carry me along when they have an ongoing project or challenge and not that they have to do it out of compulsion.
No matter how good you feel as a risk and compliance executive, you will have hitches if you don’t understand the company's products. So, I work hard to ensure that I have a good rapport with my colleagues across the company to be efficient. With this rapport, whenever I give recommendations, they realise I’m on their side and are willing to listen and consider them.
Propose solutions when there are no existing regulations for the business
The tech industry is pretty face paced. This means that sometimes, regulations are unable to keep up. Every day, we see new ideas within the tech ecosystem—for instance, crowdfunding platforms and companies. But then, we didn't have a regulatory body for crowding until it was signed last year.
This is why a part of what I do involves acting proactively and proposing solutions to the regulators. Certain things never change regarding regulations, and I want to make the regulators see that. So, I write to the regulators to get our processes reviewed and checked for compliance.
Through this, I’m inviting them and not waiting on them. They’ll check if we have processes in place, and once they are, there wouldn't be issues with the regulatory bodies.
You can also find me checking the regulations governing similar businesses in other countries. It’s often said that “there is nothing new under the sun”. Someone somewhere must have started something similar. So, it is my job to check, and armed with that knowledge, I can use the regulations in that country as a guide, pending when my country has a local law to address the business.
Gain the trust of external stakeholders
Another part of my routine is building relationships with stakeholders outside of my organisation. Collaboration is key, especially in risk and compliance. Without collaboration, covering all the necessary grounds to ensure we abide by regulations becomes impossible.
By gaining their trust through regular interactions, I also make it easier for them to give me access to the necessary information I need to carry out my role seamlessly. It's like buying a house. You need the keys to all the rooms if you’re going to inspect them fully, and that access is what building trust provides.
So, it’s important for me to keep working and delivering to show these stakeholders that I can be trusted and that working with me is collectively beneficial.
Communicating with the team
I’d say that one of the superpowers of any risk and compliance officer is having effective communication skills. It is a needed skill as you would always have to communicate with members of your immediate team or even other interrelated teams.
I always have to communicate every day, especially when there are overlapping functions. With an auditor, for example, I must employ the use of awareness and tact to identify that as a risk and compliance person, my role ends at point Z, and I can allow the auditor to come and continue from there.
I had to consciously build my communication skills in my early career years, especially in the office. I’d say that communicating clearly and objectively with an open mind has proven helpful so far.
Risk-free zone
When a day of analysing risks and ensuring compliance is done, I like to kick up my feet and spend time in my risk-free zone - bonding with my husband. You know what they say about all work and no play. Despite risk and compliance in tech being face paced, I create time to make memories with my husband. We do this by exploring new places and cooking new recipes. You’d always find us spending time cooking together.
Amongst the many peculiarities of risk compliance, one of the most frequent things I have to deal with is a lack of awareness about it. Because of this, one of my core responsibilities is helping people understand the importance of risks and compliance. That way, they’ll always turn to me when necessary because they understand how I come in.