Compliance: The path of least resistance
I wanted to write an article that could also serve as a form of guidance or training piece. Something that new or aspiring compliance officers could learn from, but also a reminder to myself and others that have been doing this a while of what works and, of course, what doesnât. For anyone working in compliance, before you even start a role in this area, you are fighting an uphill battle. This is because, as I have said many times before, we have given ourselves the worst possible name â âcompliance.â It sends the wrong message to our peers and, quite frankly, sounds outdated and incorrect. I much prefer aligning our function to risk management as that is our aim, after all. We want to help a business understand and manage their risks. We are here to advise on the laws and regulations â and how to adhere to those laws in a way that helps business grow. Compliance rules are designed to keep businesses safe and operations running smoothly. But when these rules are disconnected from the realities of the people who follow them, they become as ineffective as a paved path ignored for a quicker, well-worn shortcut. When compliance feels cumbersome, employees find ways around it, introducing risks that could be avoided with better planning. I have broken this down into âlessons,â meaning they have come from things I have either got right or wrong, but either way, a lesson was learned.
Lesson 1: Compliance need to be realistic and accessible
Imagine a company that rolls out a new compliance policy, which requires an extensive checklist before even minor actions. Initially, everyone follows the rules to the letter. But, soon, employees start skipping steps to keep up with their workload. Compliance policies should enhance workflow, not create unnecessary roadblocks. When policies are complex or out of touch, employees are likely to create their own methods, which may not align with the intended compliance.
A real-world example: One client implemented a multi-step approval process for every technical change, not just via the compliance team, but layers across other departments that simply delayed implementations. What they found was that teams were simply no longer forthcoming with improvement ideas. Team members who were previously forthcoming with suggestions to improve systems or user experience no longer came forward as the number of hurdles arising from the system began hindering progress. The fix? Streamline the development policy so that the most essential steps were emphasised, and minor tasks didnât hold up the process.
Takeaway
Design compliance thatâs easy to follow. By involving employees in the development phase, youâll gain insights into how the process impacts their day-to-day work and adjust accordingly to reduce unnecessary friction. Sign-off processes are vital but must be implemented in a way that is smooth and explainable to the wider teams.
Lesson 2: Barriers can lead to creative detours, not compliance
Some policies act as barriers rather than guides. Picture an office or system where accessing a crucial tool requires multiple sign-offs and password resets. Employees soon start sharing passwords or finding unofficial ways to bypass the process. This defeats the purpose of compliance, which is meant to protect, not inconvenience. We live in an age where people prioritise ease and simplicity. So, we should be making compliance easy for our peers. I have lost count of how many times I see people take shortcuts because the compliant choice is harder, i.e. how many people skip through compliance e-learning training and go straight to the exam because they donât have the 30 minutes available it takes to sit through a bunch of slides⊠Effective compliance should guide, not obstruct. One of our clients faced a similar issue where password changes were mandated so frequently that employees began writing passwords on sticky notes. There was an increase in security breaches and a huge GDPR risk. After revisiting the policy and extending the password change period while adding two-factor authentication, adherence improved without sacrificing security.
We live in an age where people prioritise ease and simplicity. So, we should be making compliance easy for our peers
Lesson 3: Understand the ‘desired paths’ of your team
I love the term âdesired paths;â it is so simple but rarely considered by compliance departments who are typically more focused on installing rules into a business. Urban planners use the term âdesired pathsâ to describe natural trails people create when the paved path isnât practical. In compliance, these show up as informal workarounds. When policies donât match the workflow, employees create their own ways to get things done. For instance, I witnessed a process whereby AML Officers had to re-review accounts on a monthly basis, even if there had been no increase to risk levels or activity. This resulted in them creating a shortcut of âcopy and pasteâ the old reviews with a slight tweak in the notes. It meant they could hit their KPIs, but at the risk of missing something important in their review. If the steps donât add value, employees will skip them. Instead of blaming staff, take the time to understand why theyâre taking shortcuts. It could be that some steps are redundant.
Methodology tip
Map out these âdesired pathsâ during staff workshops. Employees highlight which parts of the process they find cumbersome, and together refine policies to align with actual needs. This not only improves compliance but fosters trust and collaboration.
Lesson 4: Listen to the team â they’re walking the path every day
When I first stepped into the glamourous role of compliance, I thought drafting policies was going to be the focus of my job. I was dishing out policies like there was no tomorrow. After a few setbacks, I sat down with one of my previous teams to find out why they were not following the policy. Someone kindly pointed out that the policies were useless to them because they assumed what their job entails. Too often, compliance policies are created in silos by people removed from daily operations. While well-intentioned, these policies can be impractical. Including the team in shaping compliance processes ensures theyâre both realistic and effective.
Example
One client revamped their compliance approach by creating a cross-department taskforce to gather input from different perspectives. This group identified outdated or overly complicated rules that needed revisions. By including employees in these discussions, the company streamlined its policies and gave teams a sense of ownership.
Make compliance the path of least resistance
Compliance should be a seamless part of operations â integrated, not imposed. Policies that follow the natural flow of work will always be more effective than those that disrupt it. The psychology behind compliance isnât complex: people prefer processes that help them, not hinder. Designing compliance with employees in mind â by involving them from the start and making adjustments based on their feedback â creates a culture where compliance is respected and followed. A compliance policy thatâs easy to follow is one that will be followed. And thatâs the real win for everyone.
Henderson is the Group Head of Compliance for AMLGS, currently applying his services to GIMO and NetBet Enterprises; he started his career working within UK Law Enforcement Agencies as a Financial Investigator and AML expert advisor. He has more than 15 years of experience advising companies in the UK and internationally within sectors including financial services, hospitality and gambling operations. Alex is a dedicated advocate for ethics, risk management and inclusion and has set out his strategic agenda for a culture of compliance across the organisations he works within. He is a frequent guest speaker at ethics, diversity and compliance events with the focus on empowering employees within their organisations to achieve their goals and the highest of compliance standards.
Gambling Insider delivers the latest industry news, in-depth features, and operator reviews that you can trust. Our team combines rigorous editorial standards with decades of specialized expertise to ensure accuracy and fairness. We are committed to delivering clear, impartial, and dependable coverage across the global gambling sector.
