Major Pratima Pinto Thomas, Head – HR, Fino Payments Bank, explores how the HR function supports and empowers compliance:
Ravi Lalwani: What are the most common queries or actions that CEO/CXOs come to HR with regards to regulatory compliance?
Major Pratima Pinto: When it comes to regulatory compliance, CEOs and CXOs often engage with HR on several key areas. Some of the most common queries on an operational basis include: understanding and keeping abreast with legal and compliance requirements and updates, ensuring adherence to them, risk management and mitigation, lines of defence, policy development and enforcement, ensuring best practices when it comes to doing beyond the regulated mandatory.
However, the most important area of expectation is to create a culture of compliance percolating out of policies and practices from the topmost level of strategy to the last mile execution, which the HR facilitates with the subject matter experts being the legal, compliance and risk functions of the bank.
What policies or practices have you put in place to facilitate compliance?
Adherence to compliance norms in the banking industry is facilitated through a structured framework that ensures regulatory alignment and operational integrity. This begins with well-documented policies and practices that define the bank’s approach to compliance, incorporating legal, regulatory, and internal control requirements. To strengthen awareness, regular training sessions are conducted for employees, ensuring they understand compliance obligations and their respective responsibilities. Audit and monitoring play a crucial role, with both internal and external audits, along with continuous operational reviews, identifying and addressing potential compliance issues early.
Additionally, an effective risk management system is in place, incorporating compliance risk assessments and mitigation strategies to minimize violations. The presence of legal counsel and consultation, either in-house or through external advisors, ensures expert guidance on compliance-related matters. A robust whistleblower and vigilance mechanism provides employees with a secure and anonymous platform to report violations or unethical behavior without fear of retaliation. To safeguard sensitive information, data security and privacy controls are implemented, ensuring adherence to relevant privacy laws. Lastly, documentation and record-keeping remain fundamental, maintaining detailed records of compliance efforts, training programs, and audit findings to enhance transparency and accountability.
What training programs has the company undertaken in the last 12 months to boost compliance?
The bank has institutionalized a process of on-going training for mandatory compliance areas at regular intervals, in the areas which affect our business model apart from the behavioral areas and adherence to the code of conduct, viz Anti-Money Laundering (AML) and Fraud Prevention; Cyber security and Data Protection and Information Security, and Areas of Risk Management and Process Compliance. The trainings are across levels and are self-paced and can be accessed on the go, apart from very specific niche and in-depth areas which are conducted through captive sessions.
What trends do you expect in people moving from other departments such as business, operations, technology, etc. into compliance and vice versa?
The banking industry inherently follows the culture of Job rotation rightly enforced by the regulator for sensitive and key critical roles. While this also mitigates the aspect of people risk, it also creates a funnel of talent with additional skill sets, capabilities and capacity enhancement, if planned meticulously. This evidently increases collaboration between departments. Job rotation also on an employee front reduces burnout, caused due to stagnant roles, creating new avenues for professionals. As organizations recognize the importance of cross-functional knowledge and adaptability, professionals are looking forward to horizontal movements as part of a plan for career enhancements.
Very specific to compliance, as regulatory frameworks evolve, there’s an increasing need for compliance professionals with technical expertise. This can mean a shift from traditional compliance roles toward more tech-savvy positions, such as compliance data analysts, risk managers using AI/ML, or even cyber security compliance specialists. Technology professionals, especially those with experience in data security and system audits, may transition to compliance to ensure their company meets growing digital regulatory demands and interpret complex regulatory data.
Business leaders moving into compliance for strategic alignment: Many business leaders are realizing the importance of compliance in shaping company strategy. As regulations grow more complex and impact business models, professionals in operations or business development might move into compliance roles to help bridge the gap between operational execution and risk management. This shift would also support an organization’s drive to proactively manage legal, financial, and reputational risks while staying competitive.
Rise in compliance in operational roles: As compliance becomes a critical part of every function, people from operations may increasingly take on governance responsibilities. For example, people with operational risk management backgrounds may transition into compliance roles to address regulatory concerns specific to their operational areas.
Hybrid roles in business, operations, and risk and compliance: Cross-functional roles that combine business acumen, operational experience, and compliance understanding are likely to increase in future across industries. For instance, a ‘compliance business partner’ could emerge as a role where professionals leverage both business strategies and compliance practices to help departments navigate regulatory challenges while driving growth and mitigating risks. The same could apply to technology, where IT and compliance experts may work closely together to ensure systems meet the latest legal and regulatory standards while facilitating business efficiency.
Diverse skill sets in compliance: As compliance expands in scope, especially with the introduction of new regulatory requirements, we are observing an increasing need for professionals with multi-disciplinary skill sets. We may see individuals with business, support, or tech backgrounds moving into compliance to ensure they can integrate regulatory needs within the context of their functional expertise.
In conclusion, this agility in roles reflects a broader trend toward organizational adaptability and a recognition of how essential compliance is across all facets of a business, particularly as regulations become more stringent and dynamic.
What special efforts have you and your team undertaken to facilitate compliance?
To facilitate compliance, the people and learning functions are driving various initiatives to ensure adherence to regulatory frameworks and company policies. Regular compliance training sessions are conducted for employees and management, covering legal requirements and industry-specific regulations to enhance awareness and accountability. Clear policies and procedures are established, ensuring a comprehensive understanding of compliance expectations, including regulatory obligations and codes of conduct. Regular audits and monitoring mechanisms are implemented to assess adherence, identify gaps, and make necessary improvements.
HR teams collaborate closely with legal experts and compliance officers to ensure alignment with evolving laws and regulations. Additionally, employee support systems such as anonymous reporting mechanisms and whistleblower programs are in place to encourage a safe reporting culture without fear of retaliation. Accurate record-keeping is maintained for employee contracts, payroll, training completion, and disciplinary actions, ensuring preparedness for audits and compliance checks. Continuous communication and engagement efforts reinforce the importance of compliance and the potential consequences of non-compliance, embedding it into the organization’s culture. Lastly, an internal talent pool is being developed to drive compliance through various strategic initiatives, ensuring a proactive approach to regulatory adherence.
Recent Articles:
Customized credit solution; Seamless intuitive user experience
