How Miles Davis Might Run A Financial Compliance Program
Classical vs. Jazz Music 🎶
Classical music is very technical in nature; each and every pitch is prescribed to the musician on sheet music, and the musician is expected to play it exactly as it appears. Improvisation is not tolerated. For example, here are the first six bars of the piano part for Beethoven’s Für Elise, in which every note, dynamic, and use of the sustain pedal is dictated:
Jazz music, by contrast, relies on improvisation. As the adage goes:
“In classical music, play a wrong note once and it’s a mistake. Play it twice and it’s Jazz.”
While it is true that sheet music for jazz exists, it often contains long phrases for improvised solos where the musician is expected to ad lib the part. It looks like this:
Classical Compliance Programs 🎼
My first job in FinTech was at a then-tiny US bitcoin exchange in late 2013. Bitcoin was four years old and banks were terrified of it. The startup I was working at was one of a lucky few with a bank partner, allowing us to launch one of the first US-based retail bitcoin brokerages. However, maintaining the relationship with the bank was difficult given the fact that bitcoin had a reputation problem at the time and no other US bank would support a bitcoin business; we were completely on the bank’s terms. The bank provided our sheet music, and were expected to play it note for note.
One of these terms included regular customer audits by the bank. This meant a weekly song and dance with the bank where they would provide a long list of high-volume customers/transactions and ask us to explain the transactions and provide customer KYC documentation to ensure that we were collecting the proper documents on our high-volume customers.
These inquiries were burdensome and instilled a sense of paranoia in the compliance team. We responded in detail and had to run a very tight shop to assure our banking partner; otherwise we could lose the bank and the business would instantly fail, as there were no backup banks.
Rather than taking a risk-based approach, our early Compliance Program took a zero-tolerance approach. Instead of giving our customers the benefit of the doubt on weak suspicious activity alerts, we would simply shut down the account. We were playing Classical, and it was music to our banking partner’s ears. To our Business Development team and the many good customers who were caught up in our zero-tolerance Compliance Program, it probably sounded more like nails on a chalkboard.
Jazzy Compliance Programs 🎷
As bitcoin entered the mainstream a few years later, more banks began supporting bitcoin FinTech startups. I was still working for the same company, which at this point had consumed most of the US market, had gone international, and enjoyed the security of multiple banking partners.
Our Compliance Program had evolved accordingly. Rather than rushing to close an account on each and every suspicious activity alert, we developed a set of Policies and Procedures to provide guidelines for when to dismiss alerts and when to action accounts. Our internal expertise in blockchain analytics grew with the research required to develop these Policies and Procedures.
Our Compliance Program was maturing. The frequency of customer audits from the bank declined until they eventually ceased altogether. We were closing fewer good accounts, and more bad accounts. We took the initiative to investigate many bitcoin hacks (some of which had nothing to do with our company or customers) and provided investigative assistance to law enforcement and competitors alike. We were actively training Federal law enforcement agencies on how to trace bitcoin. We were playing Jazz, and both our banking partners and our customers were enjoying the music.
So What?
Point is, you want your Compliance Program to sound more like Jazz rather than Classical music.
Compliance Officers of early-stage FinTechs that are still building trust with their banking partners and do not have the luxury of a mature Compliance Program should acknowledge to themselves and their colleagues that Compliance Programs evolve and mature over time. Having a mature Compliance Program and backup banking partners will enable the business to take more compliance risks in the future. That said, you may need to play Classical music before learning Jazz.
