Part 1: Painful lessons from financial services

We recently published a white paper outlining how compliance and organizational culture are inextricably linked. This is particularly relevant for innovative born-digital companies whose race to expand have outstripped their ability to lay the groundwork for healthy and, more importantly, sustainable cultures.

Conduct abuse; data mishandling; compromised integrity… Corporate misconduct, while taking many forms, has become increasingly prevalent for rapidly scaling born-digital companies. With so much investment and energy poured into rapid expansion, we often see insufficient attention paid to the arduous process of laying the foundation for a healthy organization. We frequently see the meteoric rise of juvenile startups into teenage and even grownup giants, while the hard work of aligning strategy, organizational structure, and culture trails as an afterthought. That is, of course, until friction points fester into toxic patterns of behavior and we are forced to pay attention.

Toxic cultures create real damage and can erode consumer trust. Costly and embarrassing lessons from the financial services industry remind us that prevention is worth its weight in gold, particularly when the alternative leaves the door open for reputational damage, expensive and often unsuccessful remediation from regulatory and law enforcement scrutiny. The financial services industry alone has faced over $330Bn in penalties since 2000 for toxic securities abuses, FX market manipulation, and consumer protection violations to name a few. Now consider the erosion of consumer trust that follows. When the revenue models of born-digital companies rely so heavily on consumer data and, as a result, consumer trust, these companies must protect their highest source of value.

Symbolic gestures are insufficient. As remedial actions, compliance department reshufflings and improved data privacy standards have proven solid steps in the right direction. However, recent lessons tell us these measures fall woefully short.

What does this mean for born-digital companies under increased scrutiny for data privacy or cybersecurity violations? Hiring a Chief Privacy Officer or building out your Compliance department is important, but not sufficient. Particularly as the fail-fast cultures that helped fuel unprecedented digital growth are beginning to create environments that make it startlingly easy for individuals to engage in unethical and potentially damaging behavior. 

So what’s the solution? Luckily, common structural, systemic, and cultural flaws across born-digital companies are surfacing similar symptoms and patterns of behavior, making it easier to identify and mitigate root causes. Even better positioned are those companies who appreciate the need for preventative care. But more on that next time.