It is a pleasure to be speaking to you today. Before I begin, I must give the standard disclaimer that my own compliance team prescribes — that is, that the views I express here today are my own and do not necessarily reflect those of the U.S. Securities and Exchange Commission or my fellow Commissioners.
Your contribution as compliance officers is key — not just for your firms, but for securities markets as a whole — because investors are reluctant to invest if worried that they are inadequately shielded from fraud and other violations. Let me start, then, by thanking each of you for your hard work ensuring that investors are protected against misconduct. And let me also underscore that compliance is not something to begrudge. To the contrary, effective compliance makes good business sense.
* * *
Without question, these are challenging times for firms and regulators here and around the globe. As a result, some have called upon broker-dealer firms to devote greater attention to compliance. This leaves the wrong impression, as compliance always should receive focused attention, both in good times and in bad. As all of you know, misconduct can occur in bull markets, as well as bear markets. Neither you nor the Commission should be lulled into a false sense of comfort when stock prices are rising and few are grumbling. Nor, of course, should we overreact when markets plummet.
The individuals you have heard from today have undoubtedly highlighted matters you should watch out for and offered best practices for you to consider implementing at your firms. In my few minutes, let me underscore one thought: We all could do a better job spotting risks.
Recent events have drawn attention to the importance of risk assessment. For those in this room, a particular focus is compliance risk, as compared to business risk. A risk-based approach to ensuring compliance is difficult to implement. At a minimum, it requires bringing to bear a range of perspectives and experiences to sharpen our understanding of where risks lurk and how best to anticipate them.
Risk assessment is inherently forward looking and thus uncertain. It is not enough to track what has happened and project from past experience into the future. Indeed, if compliance oversight depends too much on lessons from the past, we telegraph to wrongdoers how to conduct themselves going forward to sidestep detection. Determined wrongdoers will draw the same lessons as we do and take steps to elude us. Accordingly, effective risk assessment means anticipating what will happen, not settling for understanding what has happened. We can study the past, but it is only the beginning of what it means to assess risk. Determining risk involves anticipating the motives and incentives of those who look to evade the law. Put differently, we need to think like the wrongdoers of today and tomorrow, not just of yesterday. Compliance officers and their firms, as well as the Commission, need to stay a step ahead.
There is always room for improvement. At the Commission, we must improve upon our experience by adding more non-lawyers to our ranks if we are to spot concerns more effectively before the fact and not find ourselves reacting after the fact. We need to hire more traders and individuals with deep experience in finance — individuals who, having been in the business, will empower the Commission by affording us an even more textured and refined understanding of regulated entities, markets, and trading. More to the point, the Commission's ability to draw on additional trading and finance expertise would better position the SEC to identify fraudulent and manipulative techniques that may otherwise go undetected for extended periods.
Effective compliance oversight is not a science that can be learned from a textbook. There is, in other words, no single blueprint for assessing risk or otherwise ascertaining compliance. Rather, ensuring compliance is in part an art that benefits from the kind of in-the-trenches know-how that experienced trading and finance professionals uniquely offer.
Having said this, let me inject a word of caution for both regulators and firms. The kind of forward-looking approach to risk that I envision cannot rely on what history tells us is troubling. Because historical information and hindsight are only so useful, additional uncertainty will surround what we are looking for and what it means when we find it. Thus, when risk assessment involves anticipating what could happen even if it has not yet happened, it is important not to overreact. We should not too quickly equate smoke with fire. Something identified as a risk may, as events unfold, prove to be benign. In fact, we may decide that the conduct, although it had caused concern, should be encouraged. The practical point, then, is that while we need to use innovative techniques to spot previously-unseen risks, we need to guard against taking uncalled-for precautions that deter beneficial behavior.
* * *
Let me conclude by expressing how much I appreciate your diligence in working to combat misconduct. As I mentioned at the outset, you are an essential link in our securities markets. If you happen to be in Washington, D.C., don't hesitate to reach out. My door is always open.
Enjoy the rest of the program.