Following the Rules

Today’s episode is produced in association with Willis, one of the world’s leading risk advisory, broking and solutions businesses.

It is also part of a Following the Rules series delivering practical guidance on navigating legal, regulatory, technological and cultural change.

Insurance has traditionally been viewed as a way of transferring risk. But for financial institutions facing rising regulatory scrutiny, growing cyber threats and the rapid emergence of AI, insurance is now becoming a much more strategic board level issue. Boards are increasingly expected to understand exactly what they’re buying, what it covers and how it fits into the firm’s wider resilience strategy.

So what does good insurance governance actually look like? How should firms decide what cover they need? How much is enough? And as risks become more interconnected, where are the biggest gaps beginning to emerge?

Joining us to discuss these questions are three experts in the field.

Claire Nightingale is a former bank General Counsel and Head of Global Banking Compliance who now helps financial institutions navigate and recover complex insurance claims as Global Head of FINEX Financial Institutions Claims Advocacy at Willis. Andrew Hill is a former insurance lawyer who now leads Willis’ Cyber Coverage and Innovation team alongside its AI coverage strategy. And Paul Search is a Managing Director at Willis, specialising in operational risk, insurance strategy and capital optimisation.

Together, they unpack why insurance is becoming a board-level issue in entirely new ways, and what firms need to do now to stay ahead.

Today’s episode is part of a Following the Rules series exploring how financial institutions can navigate legal, regulatory, technological and cultural change in practice.

In this episode, we look at why traditional approaches to compliance training are increasingly falling short in a regulatory environment focused on culture, conduct and behavioural risk.

Against this backdrop, firms are now facing difficult questions. Why do so many training programmes fail to change behaviour in practice? Where are institutions most exposed when culture and compliance fall out of step? And how can organisations create environments where people feel confident to speak up before problems escalate?

Joining me to explore these questions is Alison Sneddon, an employment lawyer and workplace investigations specialist who has spent her career advising financial institutions on whistleblowing, culture, employee misconduct and regulatory risk. She is also the founder of Conduct Counsel, a specialist training provider for financial institutions.

Together, we discuss why traditional compliance training is often missing the mark, how the FCA’s new non-financial misconduct rules are changing expectations, and what firms need to do now to build cultures that are genuinely respectful, psychologically safe, and regulator-ready

 

----

For more on Conduct Counsel: www.conductcounsel.com

Today’s episode is part of a Following the Rules series delivering practical guidance on navigating legal, regulatory, technological and cultural change.

In this episode, we turn to a role that has quietly but fundamentally shifted over the past decade: the Chief Compliance Officer. Once seen primarily as a control function, compliance is now expected to sit at the centre of strategy, shaping decisions, influencing culture, and helping firms navigate an increasingly complex and fast-moving regulatory environment.

But while expectations have evolved, practice has not always kept pace. Many firms are still grappling with how to move beyond checklist compliance, how to prioritise effectively in the face of competing demands, and how to embed compliance thinking into everyday decision-making, not just frameworks and documentation.

So what does good look like in practice? Why do compliance programmes still struggle to deliver consistent, decision-useful insight? And how can firms reposition compliance as an enabler of sustainable business, rather than a cost centre?

Joining me to explore these questions are Natalie McManus-Barnett, a former regulator at the Financial Services Authority and senior compliance leader at Citigroup, now founder of thought leadership institute Innovate Compliance, and Jennifer Geary, a former Chief Operating Officer and Chief Risk Officer with senior roles at Barclays and Santander, now a non-executive director and author of five best-selling books in the C-Suite series.

Together, they have brought their experience into a new book, How to Be a Chief Compliance Officer, which sets out a practical framework for modern compliance leadership.

If you are thinking about how to make your compliance function more effective, more credible, and more aligned with business strategy, this episode is for you.

----

More on The C Suite Framework: https://csuiteframework.co.uk/

More on Innovate Compliance: https://www.innovatecompliance.co.uk/

Today’s guest argues that after decades of regulatory expansion, compliance is still failing at the basics. From incomplete client records to fragmented legacy systems, he warns that poor data remains one of the industry’s most persistent, and underestimated, risks.

He challenges the industry’s growing reliance on process, questioning whether accountability regimes and surveillance have come at the expense of judgment, culture and open challenge - the very things that prevent problems before they crystallise.

And he explores what happens as technology accelerates ahead of understanding, from AI-driven efficiency to the rise of crypto, warning that regulators and firms alike risk falling behind the businesses they are meant to oversee.

Mark Taylor began his career at the Securities and Futures Authority, a predecessor to the Financial Conduct Authority, and spent two decades at Goldman Sachs in various senior compliance positions including its EMEA Head of Financial Crime Compliance. Since 2023, he has run consultancy Ibex Compliance as its partner.

Today’s episode is a special one, produced in association with Smarsh, an AI technology firm providing global financial institutions with tools to capture, store and monitor their communications across 100+ channels. 

This episode is part of our ‘Following the Rules: How To’ series, focused on practical guidance for firms navigating legal, regulatory and technological change.

In this episode, we turn to trader voice - a mission-critical part of market infrastructure now under growing pressure as trading evolves, with hybrid working, mobile devices, multiple platforms, shorter settlement cycles, and increasing regulatory scrutiny around supervision, auditability and operational resilience.

That raises some important questions.
Are the voice systems many firms still rely on fit for today’s environment?
What does good look like under current regulatory expectations?
And how should firms be thinking about surveillance, data and defensibility as scrutiny continues to increase?

Joining me to discuss this are Eric Wiggins, product marketing director at Smarsh, and Shaun Hurst, principal regulatory advisor at Smarsh.

They share their perspectives on how the risk profile of trader voice has changed, where legacy infrastructure falls short, and what firms should be doing now to build voice frameworks that are genuinely regulator-ready.