How concerned should the chief compliance officer be about reputational risk?
Whether we are head of internal audit, chief compliance officer, or a front-line staff member, we all need to work collectively to ensure that the right values and behaviors form part of our personal and corporate DNA to mitigate reputational risk. This means applying integrity and judgment in everything we do, and thinking about our customers, clients, shareholders, and communities in everyday decisions. I see the respected second line of defense function as compliance checking, challenging the business, and being the conscience of the company.
What is internal audit's compliance role?
Compliance — as well as other functions such as risk management, legal, and finance — is an essential part of an organization's corporate governance structure and second line of defense. As the third line of defense, internal audit should be independent of these functions. However, greater collaboration and knowledge sharing will help all parties drive improvements to the control environment. This could ultimately lead to a combined assurance approach which, if well coordinated, can streamline reporting, avoid duplication of effort, and reduce overall assurance costs.
What have you learned as head of internal audit that can help you lead Barclays' compliance function?
The effectiveness of any team is dependent on its people, and in internal audit we focus heavily on our people agenda. Diversity and inclusion initiatives, encouraging a culture of feedback and mentoring, and our own in-house training courses all contribute to improved individual and team performance. I will continue with the people agenda in compliance so that my colleagues all feel good about what they do, we are sought out as leaders and talent for the Barclays Group, and everyone has the opportunity to develop their careers. Proactive partnership with the business also has helped us to strengthen the control environment, in addition to promoting improved risk management knowledge through guest auditor and rotation schemes.