In today’s quickly changing and strictly controlled world, innovative product teams see compliance not as a necessary evil but as a competitive edge. They embrace regulations as a pathway to product safety, but also as a route to innovation and, to use a modern buzzword, “trust-building” with their users. This new perspective makes it imperative for product teams to work closely with compliance teams. More collaboration means both more efficiency and more resilience when teams hit inevitable slowdowns. This virtuous cycle enables these forward-thinking firms to build better, safer products.
About the Expert
Nebius’ Kira Balabanova has specialized in mobile apps for iOS and Android as well as websites during her over ten years of experience in B2C and B2B software development. In the fintech sector, Kira has successfully led a multitude of projects from inception to launch. Her many achievements include leading the push to create an actual Fiat+Crypto Card that met all compliance hurdles by the time it launched.
Kira’s experience in leading Product initiatives allowed her to speak with authority on the matter of mixing compliance into the lifeblood of products.
Kira explained that constant attention to compliance is necessary when working in a high-stakes area like finance. This is even more true when one considers that products built in the financial space have a tendency to impact large numbers of people (think back to the 2008 crash). Kira notes that today, compliance is largely an afterthought during product development; failing to consider how a product will comply with the relevant regulations during the course of its build is a huge risk. Since today, building allegedly non-compliant products seems to be a greater risk (in both a legal and reputational sense) than not innovating at all, Kira believes that getting compliance and the relevant professionals involved during the early stages of a product’s life is simply essential.
“Product teams often avoid involving compliance professionals from the early stages of a project. Compliance professionals tend to ask uncomfortable questions, add constraints, and insist on requirements that may not seem immediately essential to product teams. Many product managers, myself included for many years during my career in Fintech, have postponed the “compliance stage” for as long as possible.
In my view, this phase can feel like one of the most challenging (and least engaging) parts of product development. Teams often feel emotionally that compliance is “putting a spoke in the wheel.”
After reading Silos, Politics and Turf Wars: A Leadership Fable About Destroying the Barriers That Turn Colleagues Into Competitors by Patrick Lencioni, Kira’s view of compliance changed. In her opinion, what’s great about Lencioni’s book is its powerful message about preventing and dismantling silos, which Kira believes is the key to not just organizational effectiveness but also to seeing the compliance/product development bridge as a span instead of a gap. That message makes Kira’s own work as a compliance officer more meaningful.
The Strategy
View Compliance as a Partner and Co-Creator
Kira suggests that product teams need to think of compliance teams as “co-creators” and not just ‘stakeholders’. They should be engaged with and shown care for their input. Essentially, treated like partners. In this collaborative environment, their expertise can be leveraged to enhance the product instead of viewing their involvement as an obstacle in need of overcoming.
Example: JPMorgan Chase has integrated compliance into its product development. By involving compliance in the early stages of mobile banking app development, the biggest bank in America ensures that these apps not only meet rigorous regulatory standards but also deliver a friendly user experience. The same holds true for these other major product categories Kira examined.
Involve Compliance Early in the Product Development Process
Kira thinks it is essential to involve compliance professionals from the very beginning of product development. She recommends engaging them in the initial stages of product development and asking them to do what they are best at, challenging ideas and providing a perspective that is critical but not negative. Kira contends the practice they are developing may seem counterintuitive at first but will become something they look forward to after a while because it is productive and even (as Kira puts it) enjoyable.
Example: PayPal’s integrated approach to compliance is one of the key reasons the company has been able to build a global user base. Why? Because the world is not just one, but many, laboratories of regulatory experimentation.
Organize Regular Demo Sessions for the Compliance Team
Kira believes that holding consistent demo sessions for the compliance team is extremely valuable. These can either be a part of product demos or separate meetings. Making sure that a member of the compliance team is present, and that they have the chance to ask questions, helps to ensure that the product development team and the compliance team are working in concert.
Example: In product demonstrations, Stripe includes compliance team members. This way, new features and regulatory updates are guaranteed to be given a meticulous once-over by the sign-off squads, significantly cutting down the risk that what’s about to be launched is dodgy.
Formalize Compliance Requests
When dealing with compliance requests, accuracy is essential. Kira recommends that all requests be formalized so that the necessary details are provided and nothing is overlooked. Once, she created a specific task type in Jira and explained it to the compliance team. They liked it because it allowed them to have traceable artifacts rather than fragmented emails.
Example: IBM uses a ticketing system to manage compliance requests. This system allows for clear communication and better accountability. It enables the compliance team to keep everybody informed about anything that is related to compliance.
Centralize Storage for Compliance Documents
Kira believes that compliance can be achieved only when official documentation is accessible and organized and that it can be reached only if there are repositories that are easy to find and that store the documents that need to be found in a way that’s easy to comprehend at first glance.
Example: A centralized repository for compliance-related documents is frequently established in Confluence, shared with all relevant team members. This ensures that all members of the team are operative in the loop, to the extent that they need to be, with relevant and necessary compliance documents and the most up-to-date regulatory guidelines.
Perform Regular Reviews with the Compliance Team
Because regulations can change so quickly, Kira insists on holding regular reviews with the compliance team. The reviews keep everyone current and help avoid any inconsistencies that might arise when a rule changes and not everyone knows about it yet. The first step she takes to ensure the team is up to date with anything new is to go over and confirm that the products are still adhering to the most current set of standards.
Example: Every three months, Microsoft takes an account of the state of its cloud services. It runs a test, of sorts, to see if everything is not only compliant at the moment but also stays compliant in the long run. And if anything looks suspicious, the quarterly test is designed to help Microsoft identify it and fix it. For a company that serves customers all over the world, with a service that involves storing people’s data across many different jurisdictions, these quarterly reviews must be a Hell of a Thing to run.
The Outcome
Implementing these strategies yields several positive outcomes:
- Better Understanding Between Product and Compliance Teams: Kira sees enhanced communication and teamwork as the path to achieving team alignment. She credits this alignment with the creation of new products that meet regulatory requirements without stifling innovation.
- More Accurate Planning for Compliance-Related Launches: Compliance professionals should be involved as early as possible in the planning process for product launches. This is because compliance aspects need to be planned out, too, and if they’re not, last-minute changes could become unavoidable and likely chaotic.
- Better Expectation Management: Effective communication and well-established procedures minimize the potential for misunderstanding and result in a project that moves ahead on a much more predictable timeline.
- A More Friendly and Calm Atmosphere Overall: Kira thinks that a shared work atmosphere is better. It is less stressful, open communication is daily, and collegiality is the norm. This, she believes, is good for business because it promotes a kind of communication that makes a company run smoothly across diverse departments.
And Lastly
Kira believes that building compliance into product development in highly regulated sectors is not merely a matter of checking off compliance requirements on a to-do list. In Kira’s view, it is much more about creating a seamless integration that adds value to the end product and also satisfies regulatory demands. In order for product teams to do that, they must treat the folks in compliance as partners; involve them from the get-go; and have them see the product, not as a regulatory impediment, but as a pathway to the kind of end-to-end, full-stack product that regulatory bodies expect.
For further insights on integrating compliance into product development, Kira recommends:
- Silos, Politics and Turf Wars: A Leadership Fable About Destroying the Barriers That Turn Colleagues Into Competitors by Patrick Lencioni
- Understanding Cloud Compliance For Data Security and Privacy by DigitalOcean
