I recently recommended a piece in two installments by financial technology blogger Patrick McKenzie, in particular a section on how laws against lying to banks enable (and are meant to enable) prosecutors to go after offenses unrelated to banking. There’s much more in McKenzie’s piece, including a pointed discussion of how the modern regulatory apparatus tends to inculcate a certain posture from the compliance staff of regulated entities:

Regulation is an iterated game; both regulators and financial institutions expect to meet each other many times over the years. Regulators, in particular, expect to meet individual CEOs and Chief Compliance Officers many times over their careers, and derive a portion of their power over large organizations by being able to end individuals’ careers.… everyone knows that a Compliance Officer who has lost the trust of their regulator is done.

I would add that this fatal sanction of the lifted eyebrow (as it has been called in some other legal contexts) is even more final in lacking any formal process of appeal or review, by a judge or otherwise.

Financial regulation is a trust game; merely conveying to reference checkers that you’d prefer not dealing with someone again is enough to blackball them. ….Compliance reports to two masters by nature and everyone who deals with compliance is aware of this.… You simply need to be able to function as a profit‐​seeking capitalist and responsible professional who is also, at society’s direction, expected to be a deputized law enforcement officer, and you need to be acutely cognizant of that and not complain about it.

The “not complain about it” element is worth a closer look, because it has implications both for the rule of law and for the degree to which public discussion of regulatory matters can be expected to proceed in a frank and free manner. For example, if you as a responsible bank executive have doubts that the KYC (know your customer) category of federal regulations amounts to some sort of bureaucratic make‐​work or worse, “you definitely cannot say that out loud,” McKenzie says. 

You can certainly think it to yourself, but whatever your qualms about the rationale and downstream effects of your responsibilities, the name of the department is Compliance and you must comply gladly. You will be trained—mandatorily, like every other worker in finance is trained, down to the least senior teller capable of opening a cash drawer—how important it is that you make a conspicuous effort in taking compliance (and Compliance) seriously.

More on the “culture that is Compliance departments”:

Compliance is performed. The word frequently used to describe the tenor of this performance is “ingratiating”, as if one is a courtier to a monarch who is not unreasonable but does have a reputation for executing other‐​than‐​diligent courtiers.

These facts have implications both for the general observance of the rule of law and for the politics of whether and by whom, if anyone, bad regulations get pushed back against.

While the passages above are nominally about banking, they can be readily carried over to many other regulated sectors, from FDA compliance to federal contracting law to the utilities business. Beyond their significance in understanding particular company cultures, they also help explain why many sectors of the business community are simply unwilling to push back in a vocal public way and with firsthand documentation against regulations they believe directly to be useless or bad.