la systeme financiere n'existe pas, parte deux
songs my compliance officer taught me, part 2
American readers! “The Unaccountability Machine” will soon be available in your continent again/properly! It’s available from University of Chicago Press or Amazon (the UCP page has the correct cover - the Amazon one has picked up the graphics for the UK paperback version which is also imminent).
Earlier This Week, on Backofmind dot substack dot com …
For yet another thing I’m doing at present, I’m trying to make the case that many questions of “culture” can be reformed as questions of information design, and I think that the regulation/law enforcement divide is one of them. But this post is already too long, so I’ll return on Friday.
Thinking about cultures of regulation reminded me of an argument I made in “The Unaccountability Machine”, that the “financial system” is a good example of how under a cybernetic analysis, you can often end up wanting to analyse things in a way that pays absolutely no respect at all to org charts. If you want to understand how things work, you can’t assume that an organisational boundary is going to contain a system; rather, it’s quite likely to be an information-reducing filter placed somewhere in the middle of a system.
I argued in the book that for the purposes of answering questions about political economy that are usually described with words like “financialisation”, you have a big problem. Which is that in these contexts, “the financial system”, as it’s normally conceived, doesn’t really exist. (In the sense that one of the criteria for identifying a viable system is whether it could maintain viability on its own, which finance obviously couldn’t). There isn’t a separate financial system, what exists is the financial aspects of all the other systems, which share a family resemblance, and which can often be placed into a building downtown with a logo on the roof, but which are at their fundamental level part of the system of resource allocation and control of the real economy.
Maybe that’s too abstract, so instead I’ll talk about the case in point, and start with a simple statement which everyone will disagree with – the compliance officers and the regulators are, despite everything, working on the same team.
OK everyone did disagree with that. I’ll use an italic font to bring in a load of caveats.
Bearing in mind that cybernetics describes relationships between systems rather than people, and that systems analysis does not follow org charts or organisational boundaries, some activities carried out by compliance departments and some activities carried out by regulators are or can productively be analysed as if they were working toward the same purpose with “purpose” given Stafford Beer’s definition meaning “the kind of outcome that the system tends to produce”.
Are you happy now? Of course not, nor am I but we must carry on regardless. The point here is that the regulatory system and the anti-money-laundering system, to the extent that their purpose is to prevent breaches of the regulations, cross and recross a lot of organisational boundaries, including the very big and important boundary between the state and the private sector.
Organisational boundaries are information-reducing filters, which require a considerable amount of attention to their design – particularly to “translation and transduction”, the activity of making sure that the relevant information has been preserved, and remains in a form where it can be the subject of decisions.
And this is what I was heading toward on Wednesday when I said that I thought a lot of issues of “culture” can be redescribed as questions of the design of structures of information.
In particular, I think the thing which causes the problems here is that in law enforcement cultures, the “future regarding perception” part of the system (System 4, for people who have read the book) is located on the private sector side of the boundary. If the world is changing so as to introduce new ways of committing the criminal offence of money laundering, it’s your job as a compliance officer to find out about them and spot them – the public sector’s role is to spot them when they arrive, and then punish you if you didn’t do your job.
On the other hand, if the world is changing in such a way as to facilitate new ways of issuing securities (say, ICOs), then it’s the job of the securities regulators to know about this, and to make regulations. Unless and until they do, the private sector part of the compliance system is allowed to go about its business. The future-intelligence function is on the public sector side of the boundary, within the overall securities-industry-compliance system.
That’s why people got annoyed – I picked the ICO example for a reason – when the SEC decided to act like a law enforcer. It was a clash of cultures, but it was also a new demand placed on the private sector half of the compliance system which it wasn’t necessarily set up to meet. What actually needed to happen was a renegotiation of the resource bargain, because the SEC had identified a new threat, but lacked the internal capacity (including resources of the valuable commodity of “political cover”) to pick up its end of the bargain and respond with new regulations.
And so we have made a little progress here? I think? I do not actually have a solution to the problem of AML regulation, but we can now at least see that it’s basically an engineering problem, where we have made a decision to put an important piece of information processing capability on one side rather than another of an important attenuator, and now we need to organise the rest of the system to accommodate that decision.
... change other things to accomodate that decision.
Was the missing last line - I would edit the post but I am always paranoid that to do so would result in the email being sent again!
From a previous commenter: «From the private banker's perspective, a compliance officer's job is to stay out of the way and serve as fall guy if the bank is caught. At least in America, it's very hard for a person making $250,000 to push back against a person in the same firm making millions.»
Especially if the person on 250k is a cost and their job blocks profitable deals and the person on millions is a rainmakes and their job makes profitable deals.
«a simple statement which everyone will disagree with – the compliance officers and the regulators are, despite everything, working on the same team.»
They have the same *purpose* but they are on different teams: the pay and promotions of the compliance people and of the regulators are decided by entirely different organizations according to entirely different metrics.
Perhaps I am not a sophisticated cybernetician like our blogger, but let me reason from a position of naivety, one that looks more at incentives and interests than information flow engineering:
* In some regulatory systems the compliance checking is done by teams of regulators embedded within the regulated entities, in which case the compliance checkers and the regulator are literally the same team, they do not have just the same ostensible purpose.
* In that case the interests of the compliance officers would be to focus on important cases and less on covering their backs by spamming insignificant cases, and their incentive would not be to avoid offending the traders on which indirectly their pay and promotions depend (but of course there are "chinese walls" so clearly I do not understand how the world works), but please their enforcement colleagues who write their performance assessments.
Instead it has been for some decades quite popular (not just for AML not just in finance) for government to mandate self-certification for regulated organizations, by asking them to hire their own compliance checkers which has some awesome consequences:
* The self-checking staff gets a huge interest in pleasing the top executives some way or another and a great incentive to obsess about a large number of small issues.
* Being an unfunded mandate it means that taxes need not be raised to fund the costs of compliance checking, and those costs will be shifted by the self-certifying organization onto their customers with the weakest negotiating power.
Look like a win-win to me!
«the problem of AML regulation, but we can now at least see that it’s basically an engineering problem, where we have made a decision to put an important piece of information processing capability on one side rather than another of an important attenuator»
Perhaps I am too dumb to fully understand it is “basically an engineering problem” and not a *solution* that aligns with the interests and incentives of the people who matter as I naively was guessing.