In the high-stakes world of financial services, there is a dangerous assumption: that writing a rule means people will follow it.
We see it in every sector, but nowhere is it more acute than in RegTech. Companies produce 300-page policy documents on "Non-Financial Misconduct" or "Risk Frameworks." They ask employees to sign them once a year. And then they are shocked—genuinely shocked—when a crisis hits and those employees act on instinct, not the PDF they skim-read eleven months ago.
Yesterday, at the Fintech Tables RegTech forum in Edinburgh, we sat down with leaders from across risk, compliance, and governance to discuss this exact gap. The consensus? Policy provides the structure, but culture provides the safety rails.
The "Grey Area" Problem
As one participant noted under Chatham House rules, "People generally want to do the right thing." The problem isn't malice; it's ambiguity. When a decision is messy, time-bound, and pressured, your staff don't have time to consult the handbook. They look around the room. They ask: "What does 'good' look like here?"
If your culture prioritises the "HiPPO" (Highest Paid Person's Opinion) over data, your staff will stay silent when they see a risk. If your culture punishes every mistake, they will hide the small errors until they become catastrophic ones.
5 Cultural Traits That Actually Mitigate Risk
During our session on cultural traits, we mapped out the behaviours that actually build resilience. It wasn't about "compliance checking"—it was about human behaviour.
Psychological Safety: Can a junior analyst challenge a senior director without fear? If not, you have a blind spot the size of your boardroom.
Clarity over Volume: Stop measuring policy success by word count. Measure it by understanding. Can your team explain the rule to a new joiner in 30 seconds?
Continuous Learning: When things go wrong (and they will), is the first question "Who did this?" or "What in our system allowed this to happen?"
Healthy Challenge: Conflict isn't bad. Unresolved, silent conflict is bad. A culture of healthy challenge prevents groupthink.
Authenticity: Do leaders walk the walk? If the CEO bypasses controls, no amount of training will make the team follow them.
How SolasPerform Bridges the Gap
This is exactly why we built SolasPerform. We realised that traditional performance tools are retrospective—they look at what happened six months ago.
To build a resilient culture, you need real-time evidence. You need a system that captures the "good behaviour" (the healthy challenge, the crisis resolution) in the moment, without adding admin friction.
SolasPerform ingests this evidence from the work you are already doing—emails, documents, project updates—so that compliance isn't a separate "check box" exercise. It becomes part of the operating rhythm of the business.
Because in the end, regulators don't care about your policy document. They care about your decisions. And the best way to prove good decision-making is to make it visible, every single day.