There is a common assumption in insurance broking that compliance is primarily a function of frameworks, policies, and controls.
In practice, those things matter—but they are not what determines whether issues are identified early, managed well, or missed entirely.
That comes down to culture.
This was a consistent theme from a panel discussion at last year’s Curium Risk & Compliance Summit, where Heads of Compliance from broker networks were joined by the Chair of the Insurance Brokers Code Compliance Committee (IBCCC). The message was clear: strong compliance outcomes are less about formal structures, and more about whether people feel able—and willing—to speak up.
The problem: silence is the real risk
Most compliance failures don’t start with major misconduct.
They start small:
- an email that was missed
- a disclosure that wasn’t quite right
- a delay that seemed insignificant at the time
The difference between a well-run business and a high-risk one is not whether these things happen.
It is whether they are raised early.
Where culture is weak, people hesitate:
- “Is this really a complaint?”
- “Do I need to log this?”
- “Will this reflect badly on me?”
That hesitation creates delay. And delay turns small issues into systemic ones.
Removing the stigma from compliance
A recurring point from compliance leaders was the need to de-stigmatise compliance.
If compliance is seen as:
- policing
- escalation
- something that creates problems
then people will avoid it.
If it is seen as:
- support
- guidance
- a normal part of doing the job well
then behaviour changes.
This is not about messaging alone. It is about how compliance shows up day-to-day:
- how incidents are handled
- how people are spoken to when something goes wrong
- whether the focus is on blame or improvement
Encouraging early reporting
The IBCCC perspective reinforced a simple but important idea:
Early reporting is a sign of a healthy business, not a problematic one.
High volumes of reported incidents or complaints are often misinterpreted as a risk indicator.
In reality, they can indicate:
- transparency
- awareness
- strong internal processes
Low reporting, on the other hand, can signal under-detection rather than good performance.
The role of collaboration
Another theme from the panel was the importance of collaboration between compliance and the business.
In effective broker networks:
- compliance is embedded, not separate
- conversations happen early, not at the point of escalation
- teams work together to interpret obligations and solve issues
This reduces friction and improves decision-making.
It also changes how compliance is perceived—from a checkpoint to a partner.
What this means in practice
Building a strong culture of compliance is not about adding more controls.
It is about creating an environment where:
- people feel comfortable raising issues early
- questions are encouraged, not avoided
- mistakes are used to improve systems, not assign blame
- compliance is part of everyday work, not a separate function
Technology and frameworks support this—but they cannot replace it.
Final thought
Controls will always be necessary.
But they only work if the right information flows into them.
And that depends on culture.
In broker networks, the most important question is not:
“Do we have the right framework?”
It is:
“Will our people speak up when something doesn’t look right?”
Author:
Tetiana George, CEO of Curium, Co-Chair of Insurtech Australia and member of ASIC Digital Finance Advisory Committee. LinkedIn Profile.
Learn more about our upcoming Curium Risk & Compliance Summit