Scoping the Size of Compliance Workforce
Several weeks ago I had a podcast about the new accounting standard for leases, where a main point of discussion was that companies lack the skilled workforce talent to implement the standard efficiently. Two questions have been bugging me about that discussion ever since.
Why is that? How tight is the market for skilled compliance talent right now?
Clearly it’s valid to say that compliance with the new standard for leases is difficult, because the Financial Accounting Standards Board just proposed giving private companies another year to implement it. But the leases standard is only one instance of a broader issue.
For example, not only does FASB plan to extend the deadline for the leases standard. It’s also going to give private companies another year for a new standard on hedging, and two extra years for a new standard on credit losses.
Also consider why FASB is granting these extensions. First, because private companies are swamped this year with implementing a new standard for revenue recognition; and second, because public companies are struggling with that new leases standard right now. So all the lessons private companies might learn from public filers, or all the talent private companies might scoop up after public filers complete their implementations, aren’t available yet.
That’s only in the realm of corporate accounting. I also noticed a recent article in the Wall Street Journal about the gigantic data breach Capital One disclosed in July. The article explored how a bank with such an esteemed cybersecurity function could suffer such a disaster. One main reason: high staff turnover (one-third of the department departed in 2018!) leading to slipshod implementation of security upgrades and maintenance. If this is happening at one of the largest banks in the country, with ample resources, it’s happening elsewhere.
In financial reporting, we also have the arrival this year of critical audit matters in the audit report (Microsoft became one of the first to disclose CAMs a few weeks ago), which inevitably will lead to more revisiting of internal controls. In ethics and compliance, we have a vast move toward digital processes for, well, everything; and an attendant push for strong analytics functions to put all those digital processes to maximum use.
That’s a lot of work. So how tight is the labor market for compliance workers doing it all?
Workforce by the Numbers
The Bureau of Labor Statistics has some data about employment in the compliance, audit, and security professions — but nothing quite on point for what we want to know.
For example, I pulled together data from 10 fairly large metro areas around the United States. It’s from May 2018, the most recent month available. See Figure 1, below.
This picture doesn’t feel right to me. Nearly three times as many compliance professionals in Boston than in Charlotte? Charlotte is a gigantic banking hub, and banks are full of compliance officers. More compliance jobs per 1,000 people in Phoenix than anywhere else, but the lowest mean annual wages there? That would only happen if corporations were sourcing compliance back offices to Arizona. They might be, but I heard that all the jobs were being sourced to Jacksonville.
You might also wonder how BLS defines “compliance officer.” The definition is this:
Examine, evaluate, and investigate eligibility for or conformity with laws and regulations governing contract compliance of licenses and permits, and perform other compliance and enforcement inspection and analysis activities.
That definition is correct as far as it goes, but it doesn’t go very far. For example, it doesn’t include training and development specialists, when training is a significant part of what many compliance officers do. It doesn’t include auditors, who also play crucial roles in compliance and can often be the compliance function.
I also pulled up employment data for “accountants & auditors” in those same 10 cities. The results are in Figure 2, below.
Again, I don’t doubt the accuracy of the statistics. I doubt whether the definitions the BLS uses capture what we mean when we talk about what compliance professionals do. For example, neither of our charts above capture lawyers working in compliance, or financial examiners, or records managers, or HR specialists following up on hotline calls, and so forth. There’s just too much that goes into corporate compliance programs today to be captured in these fixed categories.
Or by the Issues?
Go back to all those new standards and implementation projects we mentioned above. That work is difficult because it’s about redesigning business processes to reduce different types of risk, and to know that you’ve reduced the risk. They involve sweeping, enterprise-wide reforms to improve governance.
For example, the leases standard isn’t just about reporting the value of operating and financing leases on the balance sheet. To achieve compliance, firms need better management of their processes to lease assets, from start to finish: how items are leased, what the terms are, who does the leasing, how that data is stored, how that data is summed up and disclosed in financial statements, and so forth.
Or in cybersecurity, compliance with security and privacy standards isn’t just about keeping hackers away from data. It’s about governing how employees and third parties use confidential data within the organization’s control. That’s everything from access controls, to third-party due diligence, to data deletion policies, and much more.
Confining all those duties to specific job categories is a fool’s errand. The ingredients for success in this emerging world of compliance are much more about forging alliances with key partners elsewhere in the business, grasping the nuances of how to achieve business and regulatory objectives, and blending business acumen with subject matter proficiency.
In other words, it’s about knowing how to put people, processes, and technology together to achieve different types of objectives at the same time.
That sounds more like general professional or managerial work to me. If we measure the compliance profession by that standard, we find that total employment has risen by 40 percent since 2000; and unemployment has mostly been 2 to 3 percent, except for a few years in the early 2010s when it “spiked” to 5.7 percent. See Figures 3 (jobs creation) and 4 (unemployment rate), below.
What does all this mean for compliance professionals’ employment in the future? That’s something to explore in a future post. Suffice to say that whether we define the compliance workforce by numbers or by substantive issues and duties — yes, that market for skilled labor is tight.
No wonder we’re all struggling to keep up.