The Psychology of Regulation: Applying ‘Nudge Theory’ to Compliance
08.11.2015
By Bill Mulligan, Chief Executive Officer, Cordium
As we steadily approach the 10-year anniversary of the financial crash, there can be no doubt that it has transformed the regulatory culture and environment that firms inhabit. On one level this means most firms now find themselves far more heavily regulated than before. The desire among authorities to ‘fix’ the causes of the crash – as well as improve transparency and minimize risk more generally – has inspired pages and pages of new rules and controls, such as the comprehensive ‘Dodd-Frank’ (Wall Street Reform and Consumer Protection) Act.
But it isn’t just about the volume of new rules. The way and extent to which these rules are enforced is also changing. Alternative funds are coming under unprecedented scrutiny from an increasingly proactive SEC. The numbers illustrate the extent to which the Regulator is on the warpath: in 2013 the Enforcement Division of the SEC opened up 908 investigations (a 12 per cent increase on the year before) and obtained 574 formal orders of investigations (up 20 per cent over the same period). It is estimated that in today’s environment a whopping one in twelve firms will face action at some point. And fines have reached record highs. This isn’t some covert operation; to quote the SEC’s Mary Jo White verbatim, “We are casting our nets wider, and using nets with smaller spaces, paying attention to violations and violators regardless of size… we will be in more places than ever before.”
It would be wrong to interpret this as a reaction to increased wrongdoing or a fall in standards within industry. No such trend exists. On the contrary it reflects a fundamental shift in the Regulator’s attitude and role. Whereas enforcement and investigation used to be ‘last resort’ measures in cases of clear wrongdoing, they are now increasingly being used as broad regulatory and investigative tools.
How should firms respond? Well, the traditional answers apply now as much as they ever have: firms should work to ensure they fully understand what is required of them, and review their internal compliance processes to ensure they are robust and fit for purpose (an external audit is often of tremendous use here). Education will also always be key: ensuring that staff at all relevant levels within the firm understand SEC rules on suitability, and so on.
However, in a new environment with zero room for error, it might also benefit firms to start to think about compliance within a relatively new dimension – that of convenience.
In recent years, ‘nudge theory’ has risen to prominence within various social, political, and economic fields. The root idea is that humans are deep down creatures of habit and convenience, and that ‘anti-social’ (or otherwise sub-optimal) individual behaviors are often triggered (or at least made more prevalent) by the ‘right’ option being too difficult or unobvious, rather than an active malice or intention to do the ‘wrong’ thing. Its broad conclusion is that ‘making the right thing as easy as possible’ is a crucial ingredient in effecting a culture of compliance, equally important to – if not more important than – threats, education or moralizing.
The philosophy has been embraced by both the US and UK Governments as a new means of achieving social behavioral change. In the US, Obama appointed Cass Sunstein – a vocal proponent of the theory – as administrator of the Office of Information and Regulatory Affairs. This new-found popularity at the top is in part due to financial constraints Governments have found themselves in since the crash: ‘nudges’ are perceived to generally be less costly and drastic than authoritarian alternatives. For instance, encouraging shops to put fruit at eye level is a ‘nudge’ as opposed to simply banning junk food.
Other prominent examples of this theory in action include the recent innovation whereby banks are encouraged to put ‘donate to charity’ buttons on ATMs. This makes donating to charity very easy and something you have to consciously choose not to do, rather than actively put in effort to do. The switch from opt-in to opt-out regimes for organ donation is another example. There is a large number of people who would be happy for their organs to be donated, but would simply never get around to filling out a form to say so. The opt-out approach demonstrably increases organ donation rates without forcing people against their will.
The theory is very applicable to the world of regulatory compliance, and provides a new way for firms to think about their culture of compliance. The stereotypical image of a compliance breach is the sensational act of wrongdoing – intentional fraud, and so on. But in fact the vast majority of compliance breaches are unintentional – the result of something not being filed quite right, a process being forgotten or a detail missed. This truth is reflected in the SEC’s change of stance – these are precisely the sort of ‘housekeeping’ infractions they are now going after full throttle. Yet nudge theory would suggest that in this case the most effective way of creating a culture of compliance is not stricter rules, penalties, or even endless education (though these will remain important). Instead, the most effective way of creating a culture of compliance is to make acts of compliance (filling in this form, following that process) as convenient, simple, and easy as possible for the individual concerned – and for it to slot as seamlessly as possible into their day-to-day habits and schedule.
The role of technology
Modern technology is one obvious way of achieving this. Even the most well-meaning employee or firm is more likely to fall short of compliance standards if doing so involves a major distraction from the day-to-day work, and involves substantial additional time and effort (such as having to fill out long and arduous forms). By contrast, if the process can be largely automated behind the scenes (without taking up the time or brainpower of the employee in question) and be made into something unobtrusive that takes two minutes (such as pressing a few buttons on a screen), compliance will improve – it’s just human nature!
A similar effect can be observed via recent technological innovations in other industries. iTunes, Spotify and the world of music provide a neat example. The industry went through a difficult period during the transition away from physical discs to downloadable music; a struggling business model failed to adapt to new ways of consuming and listening to music. A piracy epidemic emerged. Innovations in the world of online music downloading and streaming, however – the latest and greatest being Spotify – have reversed this trend. This is largely because it is now very convenient to access and download a wide range of high quality music – how you want and when you want – with just the press of a few buttons. Most people don’t want to pirate, and are happy to pay money for music: convenience was the missing ingredient, made possible by technological innovation.
This is why leading compliance consultancies – whose business model has in the past been built squarely around expert human advice – are investing heavily in technology, and to some extent transitioning to being tech companies themselves. A range of software solutions designed to make compliance convenient and easy – from self-updating calendars prompting users with regard to important regulatory deadlines through to algorithms that run client information against international watch lists – are starting to come to market.
None of this is to suggest that the old pillars of financial compliance – human expertise, appropriate deterrence, educational initiatives, and so on – are on their way out. These will always have an important role to play. But nudge theory and the rise of smart technology promise a new front and new tools with which to fight the good fight, in a world where the dangers of non-compliance have never been greater.
Cordium provides regulatory compliance consulting services and software to the asset management and securities industries.