Compliance matters

The Guardian, one of my favorite UK newspapers, just released an excellent, frightening article on Mexican drug cartels laundering money through an American bank, Wachovia. The drug money ended up in a lot of different places after winding its way through Mexican Casas de Cambio (money exchange and transfer services), the City of London and the world’s money laundering capital, Miami Florida.

One statistic that caught my eye was the amount of unchecked money Wachovia shifted from 2004 until the bank got caught out in 2010 — some US$378.4 billion, more than $4 billion of which Wachovia moved in cash. Some part of that total (the full numbers may never be known) was in effect, according to the Guardian, “no questions asked” banking services for drug dealers.

You can find the article here.

The ending of the story doesn’t look too bad for Wachovia or for its new owner Wells Fargo. Some public embarrassment, a fine, costs and a deferred prosecution, which means the company got its wrists slapped. As one security expert noted in the article, nobody in the boardroom ever got to hear the rattle of handcuffs.

Things don’t seem to be working out quite so well for Mexico.

Things may not be working out quite so well for the rest of us either. As Martin Woods, the whistle-blower who sparked the investigations, said:

“What happened at Wachovia was symptomatic of the failure of the entire regulatory system to apply the kind of proper governance and adequate risk management which would have prevented not just the laundering of blood money, but the global crisis.”

If you are responsible for learning and development, you are likely responsible for compliance training, certification and reporting too. This story drove home for me, yet again, just how important the compliance function is. Our clients tell us that compliance courseware, testing and policy and procedure documentation can take up anywhere up to 70 percent of the normal use of an in-house learning management system.

I wonder if we’re nearly as serious about it all as we should be. If you knew, if you truly understood that your failure to help properly communicate and enforce know-your-client and anti-money-laundering policies at your bank could contribute to mayhem and lawlessness in a country like Mexico, along with all of the social ills the drug trade causes everywhere, would the stakes suddenly feel different?

How about for health and safety standards? Dangerous goods handling? Workforce tolerance issues? Environmental safeguards?

What if we got serious, what if we got very pro-active and, for example, started sending weekly, thought provoking compliance questions to employees’ smart-phones? What if we gave surprise examinations with anyone who failed put on immediate unpaid leave pending re-certification? What if we got the CEO to host “what if” webinars on what constitutes best practice and what constitutes cause for immediate dismissal or referral to the authorities?

This all sounds harsh I know but the stakes are high. At least in aggregate, the stakes are much higher than we might think day to day.