This speech was delivered by Theodor Kockelkoren, Inspector General of Mines, Staatstoezicht op de Mijnen, at the Leaders in Finance Compliance Event which was held on the 18th of September 2025.
–> Leaders in Finance Compliance Event 2026 will be held on the 25th of June.
Ladies and gentlemen,
I am honoured to be with you, a well-established compliance community. You have been mainstream and growing for over two decades. The number of compliance staff now compared to the turn of the century is staggering. Compliance as a function has become more solidly engrained in organizations including boards. Today, a world without compliance is impossible if not unthinkable.
Should we interpret this development as a menace, from a ‘system says no’ perspective? Or should we interpret it as an accomplishment? A reflection of our technological advancements and the complexity of our societies?
Where the common interest value chain ends
Before we explore these questions, let’s look at compliance as the end of what I will call the common interest value chain. This chain starts with defining common interests. Oftentimes done in society without state intervention. However, increasingly politics takes over and decides state intervention is required. The underlying logic is that without intervention the common interest would cease to exist. State intervention most often involves crafting regulations—a dominantly political step. In the wake of regulations, organizations respond, the larger ones with compliance functions and systems.
Big compliance growth motors—such as the U.S. Sentencing Guidelines, Sarbanes‑Oxley, the Patriot Act, the EU’s GDPR and successive AMLDs—have typically beegn triggered by societal discontent or crisis. Politics moves and the state intervenes to redress injustice or limit harm. Organizations then respond, the larger ones with significant compliance programs. Looking back to banks in the past twenty years, it is fair to say that limiting financial crime as an overarching common interest has driven the enormous growth of compliance staff.
Compliance is also relevant when safeguarding common interests without state intervention. Ensuring industry standards and certifications are met is, essentially, compliance as well. These standards do not follow from political decision‑making, but rather from societal decision‑making when communities of experts and professionals recognize the common interest in, for example, technical, safety, or management standards.
Today there is a far denser framework of standards guiding industry than existed two decades ago. The growth has been fueled by rapid technological innovation, especially in high‑tech arenas. For example: by the end of 2008 the International Electrotechnical Commission (IEC) had published just over 6,000 standards; by 2023 the IEC reported more than 20,000. That is a multifold increase in little over a decade and a half—evidence that complexity and innovation go hand in hand with more rules and norms.
In this light, the avalanche of new regulations for the financial industry in the past two decades—just as in tech—can be seen as a reflection of its innovativeness, growth, and significance in society. With continued innovation and new technologies such as cryptocurrencies and AI, we have not seen the end of regulatory growth, and quite likely not the end of compliance growth either.
So we can see that compliance is driven by politics, society, and technology. Some of it seems inevitable and even desirable—for example, to ensure technology works well and does no harm. Some of it is debatable and to some undesirable—for example, to ensure the safety of AI systems or the safeguarding of the integrity of the financial system.
Our values drive our perspectives
Now back to that penetrating question: is the growth of compliance a menace or an accomplishment? Your values will drive your perspective. If you stress individual performance and prioritize individual freedom over collective responsibility; if you think people can and should take care of themselves, and therefore the state should retrench to minimal essentials—safeguarding property rights, maintaining security– you will think we have overshot; and the growth of rules and regulations is insane.
However, if you stress individual responsibility alongside a shared responsibility for our collective wellbeing; if you think that when people have fallen—or are inherently unable to cope with the challenges of our changing societies—they need to be cared for to some degree and therefore the state should provide and deliver on a wide range of politically defined common interests; then you will probably see compliance as a reflection of that shared responsibility, in which not only individuals but also organizations contribute to the common interest.
I just painted these two perspectives in black and white. In reality, most of us hold a mix of these values depending on the domain—healthcare, finance, technology, environment. But the key point remains: values drive the common interest value chain and how we read the rise of compliance.
Fact based dialogue preceding decision making: easier said than done
Oftentimes, the public, political debate on regulations and compliance is conducted in black‑and‑white terms as well. Needless to say, in reality the way people look at compliance is much more diverse and nuanced.
Since humankind is gifted with such diversity, the debate about compliance will last forever—and it should. We need it at societal level, within our sectors, and within our organizations. It is our common responsibility, especially as compliance community, to take good care of this debate.
A proper debate means first having a fact‑based dialogue before decisions are taken. Easier said than done. “Fact‑based,” “dialogue,” “decision‑making”: each of these is fraught with challenges. Let’s explore them.
Fact based
There is a recurring debate about why we have so many regulations, especially in comparison to the U.S. Yes, since the turn of the century there are many more rules and regulations. And although this is also the case in the U.S., the Draghi report mentioned around 13,000 acts at EU level alone over five years—well over twice the flow at the U.S. federal level. This is not a perfect comparison—there are few true like‑for‑like benchmarks, as Draghi also notes. Is it not striking we lack good comparative metrics?
There was one exception. The Draghi report cites a comparison of the regulatory approach to banking between the U.S. and the EU, commissioned by the European Banking Federation. That benchmark finds that, as a result of regulations, U.S. banks are roughly one full percentage point more profitable (using RoE). It suggests that much of that difference flows from higher safety standards rather than simply “more rules”. The report also points to a reduced ability of EU banks to fund businesses. What it is thinner on are the benefits: how much safer are European banks, and can we test and measure their resilience? Benefits are harder to quantify; that should not be a reason to pass them over.
Another example is the decades‑long grapple with financial crime that led to successive EU AML directives, U.S. laws such as the Patriot Act, and the FATF’s expanding standards. This regulatory avalanche has driven banks to hire tens of thousands of compliance staff and spend heavily on KYC, transaction monitoring and reporting. The drivers were powerful: the post‑9/11 push to cut off terrorist financing and geopolitical pressure via FATF grey/black‑listing. Yet where are the hard‑nosed evaluations of both costs and benefits? For AML, quite some research exists, but insights are much clearer on the cost side than on the benefit side. Where are the benefits? Has the AML system help fight financial crime significantly? Or has financial crime found sufficient alternative channels? Can our approach become more clever?
Better data and information are critical. The frequent absence of good comparisons and cost–benefit calculations for regulations is frankly unacceptable. Why are we not spending more time and resources to do this better, so our dialogue and decision making becomes fact based?
Dialogue
Dialogue is needed at a societal level. How to do that—especially when values collide and trade‑offs must be made? The banking example may serve as an illustration of a broader challenge: how much cost do we accept for how much increased safety and resilience? We have grown more risk‑averse as we have come to value our way of life. As European society (all European countries excluding Russia en Belarus) we are also more prudent with a debt burden of 85-90% of GDP, whereas the US have leveraged their earning power to over 120%. Our values have led to choices that provide Europeans with on average roughly five more years of healthy life compared to the US. And at the same time we spent as society 11% rather than 18% of GDP on healthcare. However, on average we are less wealthy, we work less and we earn per hour worked a quarter less compared to workers in the US. The net sum of our choices is nevertheless that Europeans score higher on the World Happiness ranking compared to the US. But should we be more happy? How long will our happiness last? As the Draghi report shows, we may need to make different choices for our future wellbeing.
Many years ago—before politics fully debated the Wet Financiële Dienstverlening (Wfd)—the AFM under Arthur Docters van Leeuwen initiated the Platform Financiële Dienstverlening. All stakeholders were invited—and increasingly attended eagerly. The platform discussed the need, form, and implementation of new regulation. It served as a source of advice to the ministry and as a preparation and implementation vehicle for both industry and regulator when the new law would be enacted. Without quantifying costs and benefits, the discussions in working groups did allow a weighing of sorts. The diverse interests around the table produced proposals for regulation and for clever implementation approaches. The relative quietness in which these talks took place—away from black‑and‑white publicity and political theatre—and the trust that grew among participants enabled a proper dialogue.
Of course, this may not always be possible. If a public discussion is already raging; if the topic requires a global approach; or if everything has become geopolitical, the challenge to engage in a proper dialogue may simply be too high. All the more reason to start early, before positions calcify.
Decision making
Without a preceding dialogue, decision‑making risks yielding regulation that is inefficient, ineffective, or just simply unnecessary. By contrast, when dialogue is done right, decisions become easier and the quality of regulation goes up. In the case of the Wfd, when parliamentary discussions dragged on, the financial services industry actually called on parliament to enact the draft law. The Wfd’s introduction are often cited as a case study in proactive regulation—tackling acute problems with targeted rules—contributing to a more reliable financial sector.
European regulations can be effective too. A good example from my current domain is REACH (Registration, Evaluation, Authorisation and Restriction of Chemicals). Implemented in phases since 2007, REACH requires companies to register and assess the risks of chemicals and effectively shifts the burden of proof to industry. The European Chemicals Agency and academic reviews have seen significant substitution of the most hazardous substances to safer alternatives. Internationally, REACH is seen as the “gold standard,” and countries including China, South Korea, and Turkey have adopted REACH‑like systems.
Life is often good in Europe—but not always. When there is insufficient trust between countries and Commission, regulation like the Methane Directive is introduced. Methane is a potent greenhouse gas; tackling it matters. But overly fine granularity and prescriptive detail can prevent a genuinely risk‑based approach for both industry and regulator. To my eyes, this is an example where the aim of the regulation is valid, but the means to get there are flawed. Spending more time early in the process to build trust and allow facts and analyses to enter the discussion might have led to better rules.
The anti‑money laundering system, discussed earlier, is another case where cost–benefit is at best unclear and probably heavily skewed. Rethinking AML is hard because the system is locked in by international treaties, FATF standards, and national laws—all of which create inertia. Moreover, powerful states use AML rules as security and foreign‑policy tools, making them politically untouchable.
The current trend seems to be that any contentious topic can become a tool of geopolitics. Whether it is the regulation of AI, cryptocurrencies, or digital services, geopolitics is surfacing for everyone to watch. It can lead to despair: where are the facts, where is the dialogue to be had in this dynamic? Political power may dominate; let us therefore invest even more in facts, dialogue, and building trust. Let that serve as a counterweight—and a tool for our political leaders.
What can we do?
Compliance should take a leading role in fostering a fact‑based dialogue before political and regulatory decisions are made. Compliance officers—up to the CCO—are uniquely placed to stimulate open debate inside their organizations and then with stakeholders, ensuring curiosity, attention to facts, and inclusion of unheard voices. Businesses can collectively support this by financing better research—benchmarking across regions and assessing the true costs and benefits of regulation. Done well, this shifts the conversation on regulation from repeating values and fears to a genuine, fact‑driven dialogue, enabling society to distinguish which regulations are unnecessary and which are desirable, and then to design them more intelligently to safeguard public interests while supporting innovation.
So let me end with a direct appeal. Do not just guard the rules—guard the dialogue. Invest time and money to bring all relevant facts to the table. Make unheard voices heard. Start early, before positions harden. Prune where regulation is shown to be ineffective; cultivate where it delivers real benefits. If we do this, compliance will be more than a brake—it will be a steering wheel. It will be more than a checklist—it will be a contribution to our common interests.
–> Leaders in Finance Compliance Event 2026 will be held on the 25th of June.