2020 will be uncertain and unpredictable. Here’s what compliance can do

Written by Jake Plenderleith on Tuesday January 14, 2020

Mark Zuckerberg, it is fair to say, has endured a tumultuous few years. A series of damaging revelations about Facebook – from the Cambridge Analytica scandal to political advertising on the site during the 2016 US election – has drawn fierce criticism about the way the social networking site operates. As the company’s founder and CEO, Zuckerberg has been dragged over hot coals in public, most recently in his October 2019 testimony before the House Financial Services Committee on the details of Facebook’s proposed cryptocurrency, Libra. Zuckerberg’s awkward performance – like his other testimonies before Congress – and muddled answers were met with opprobrium and mockery, further soiling Facebook’s already fragile reputation.

Indeed, it feels like Zuckerberg’s company has become an emblem and lightening rod for some of the world’s emerging social and political issues: electoral interference; the misuse of personal data; the manipulation of social media for political ends by hostile actors; the spread of ‘fake news’; the rise of the ‘deepfake’ and its potential for pernicious activity … all are connected, directly or indirectly, to Menlo Park, California. Some of these problems are easier to pin on Facebook than others, and it would be wrong to blame Facebook and Zuckerberg for the world’s ills. Some of them, however, definitely can, and it is no doubt for this reason that Zuckerberg, as the face of his company, felt compelled to allow media access into his home in December in an attempt to salvage some much-needed prestige. 

Questions for compliance

What’s concerning is that these problems run deeper than Facebook, which is itself being buffeted and rocked by changes in the global geopolitical landscape. All of the long-established political rules that have sustained politics, trade, diplomacy and business appear to have been upended with no sign of how or when they will be corrected, or indeed if they ever will (the unexpected assassination of General Soleimani in Baghdad is representative of this new, unstable order). The terrain in which we find ourselves, unfamiliar and politically polarised, is one that the world of compliance also inhabits. Wider societal problems, such as fake news and the manipulation of technology, pose difficult questions for compliance professionals: how does compliance support and advise the business effectively in the context of constant political, social and technological upheaval? What are the best methods for assessing risk in a shifting global landscape? How can compliance ensure that it is picking out the most significant (and true) information it needs amid a deluge of data?

Take sanctions compliance as an example. Already complex, today’s rocky political climate makes adhering to sanctions regimes that little bit harder. Managing third-party risk, and ensuring that no business is being conducted with a designated person or entity, is naturally a greater task the more that sanctions regimes continue to evolve in a state of near-constant flux (it being difficult to control something that is fluctuating). As an example, at the time of writing the Trump administration is weighing up whether to impose fresh sanctions on Iran (and on Iraq, too).[1] These may or may not be implemented, but the fact that such stories now appear every day presents a huge challenge for compliance in 2020, in which we are likely to see a continuation of such conditions.

Due diligence is another major issue. Considered in the context of increased digitalisation (half of the world’s populace are estimated to be online this year), the importance of due diligence has been amplified. Talk of digital identities will only grow in a world in which China has reportedly made facial recognition mandatory for those registering new SIM cards.[2] Such technology comes with a whiff of dystopia, but compliance should look to take advantage of such developments, where it can, for nobler ends. When it arrives, the technology will be here to stay. Making it do the work for compliance is something that is already in operation.

Compliance in 2020

Since even before the emergence of such tech, and the growth of online behemoths such as Facebook, governments and regulators have struggled to keep up with the conveyor belt of development and innovation, and the risks that this gives rise to. There are signs that this may be changing. In November last year, parliamentarians from ten countries convened in Dublin to question YouTube, Google and Twitter executives about the dissemination of fake news and interference in elections. Also present was Facebook’s Vice President of Content Policy, Monika Bickert, who had so many questions directed at her that apologies were extended to the other tech giant representatives present for being side-lined. Though this is a positive step, there is the definitely a sense, underlined by the urgency and earnestness of those doing the questioning, that these reactive measures are rather late given that electoral interference has already affected several countries in Europe and North America.

It is increasingly a fool’s errand to try and predict how these issues will affect the future. There are no indications that the seismic developments we have witnessed over the last few years in geopolitics are beginning to settle. In the spiralling of political uncertainty and technological expansion, compliance practitioners are confronted by a two-headed beast. Political uncertainty, and all its attendant baggage, will continue in 2020; the diversification of sanctions regimes will likely be further stretched. Though technology poses a threat, it has the potential to help cover these risks. To achieve this, compliance policies must be updated, which goes to the heart of what will be most important for compliance: being able to successfully adapt to change. For this reason, compliance professionals should make it a priority to stay on top of developments.

Keeping ahead of technological growth is not possible for compliance: what is, is making sure that regulatory updates are known and absorbed and providing evidence to regulators of the same, thereby protecting firms against enforcement action. Information sharing and increased collaboration between compliance practitioners and with regulators is a really effective way of ensuring that regulatory change is widely accessible, and that its impact is profound. Staying informed will also help shield compliance from any geopolitical fallout. Like Zuckerberg and Facebook, compliance does not have the luxury of standing still. In Facebook’s case it seems the risks to which it has subsequently been exposed were not sufficiently taken into consideration, if at all. The aim for compliance professionals in 2020 should be to learn from this and avoid walking into the same trap.

An extended version of this article originally appeared in the January 2020 edition of inCOMPLIANCE.

[1] BBC News, ‘Trump threatens Iraq with sanctions if US troops are expelled’, 6 January 2020: https://www.bbc.co.uk/news/world-middle-east-51003159 – accessed January 2020

[2] Lily Kuo, ‘China brings in mandatory facial recognition for mobile phone users’, The Guardian, 2 December 2019: https://www.theguardian.com/world/2019/dec/02/china-brings-in-mandatory-facial-recognition-for-mobile-phone-users – accessed January 2020

This article forms part of the #BigCompConvo - Join us as we explore and debate the latest challenges and issues facing you and regulatory and financial crime compliance professionals all over the world. If you’d like to contribute an article as part of the Big Compliance Conversation get in touch with us at contributions@int-comp.org