Latest Products

So, you’re interested in Financial Crime Compliance

Tuesday 14 February 2017

GRC Institute President, Carolyn Hanson, chats with GRC Professional about the fundamentals of a career in financial crime compliance.
Carolyn is Head of Financial Crime Compliance & Specialist Advisory Services, Wealth Management, at the Commonwealth Bank of Australia (CBA).
She has been in the compliance field for more than 20 years. Australia is her eighth country of residence and all her international moves have had an element of financial crime compliance.

CBA is the second of the Australian “Big Four” banks for which she has worked, having also been employed at Westpac in the Australian Financial Services risk team in the Anti-Money Laundering area.



What are some of the emerging trends when it comes to tackling ML and meeting AML regulatory requirements in 2017?
The most interesting thing to me is that we are no longer just talking about money laundering and anti-money laundering. The space has really expanded into sanctions, anti-bribery, corruption and cybercrime. So, if I am trying to define financial crime compliance, the question is ‘what does that mean?’

I think, for many people, financial crime compliance is still just anti-money laundering. The fact that there has been this expansion is one of the emerging trends that compliance professionals are going to need to wrap their heads around.

Everybody cuts the cake in different ways. Organisations, too, have different things both in- and out-of-scope, as far financial crime compliance is concerned, and sometimes, that does not always meet with what the regulators think financial crime compliance should look like.

So I believe we will see both a coming together and a moving away from “just [anti-] money laundering”, because it has many tendrils into many different areas.
I suppose one of the big issues that came up last year was the ‘Panama Papers’ and tax evasion. Previously, that was the white elephant in the room, because people simply weren’t touching tax evasion.


What are some of the key areas that might prove challenging for risk and compliance professionals?
One of the key areas and challenges is the constant evolution. Just when you think you have it all sorted, something else comes along.

Recently, I was reading that the UK regulators handbook was updated last year to reflect new reporting and financial crime requirements, and so now companies in the UK have to submit annual data on their operating jurisdictions and high riskcustomers. I don’t think many of the companies in Australia would be able to meet that kind of requirement easily. The UK is a bit further advanced, but as professionals we all need to be conscious that it’s an ever-evolving situation, and one with which we need to keep up-to-date.

Is there anything you wish someone had told you when you were an emerging professional?
It is a specialisation, and as such, you are probably never going to become Chief Executive Officer. I have not seen a financial crime compliance officer who has risen to that kind of senior C-Suite position.

We are starting to see a change, with Compliance Officers in Australia making it to the board.  However, if that’s your career goal—and I am not saying it is my career goal!—it does tend to end up being a choice between generalism and specialism.
More positively I wish people had told me how transferrable and transportable this skill set is, and that it does help you move around the world. I might have made it to more countries!


How have you handled your professional development?
I have joined associations wherever I have been, and I have got involved. I think it’s fine to say network, but networking is all about you. For me, it’s also about giving back. So volunteering, being involved and helping to set up new initiatives gives you access to people and events that you might otherwise not know about.

You should also take the opportunity to get out there, to write and to speak. Take those opportunities and expand your horizons, even if sometimes it doesn’t feel all that comfortable.


What advice would you give to emerging risk and compliance professionals?
Stick with it. I see a lot of people chasing the next bright, shiny thing—‘Should I go into fraud? Should I go into RegTech? Should I go into cybercrime?’—but first, you really need some core fundamental compliance skills. You also need to think carefully before jumping around from thing to thing, because while I do appreciate that, when I see CVs with these his kind of variety come across my desk it makes me pause. I am looking for someone passionate, someone who will stick with it, because financial crime compliance is not for the fainted-hearted.

In compliance, you don’t always have many friends. You’re not everybody’s buddy. That aside, I think it is an area where you can genuinely make a big difference. And at least at the moment, it is an area in which you can make quite a lot of money – without turning to the dark side! 


Carolyn Hanson,  Head of Financial Crime Compliance & Specialist Advisory Services, Wealth Management, CBA