Why governance has become one of banking’s toughest jobs

As banking in the UAE accelerates toward digital-first models, cross-border capital flows, and AI-enabled decision-making, governance and compliance have moved from the margins of operations to the centre of institutional strategy. Few executives have had a front-row seat to this shift quite like Fazal Mohamed Nassim.

With over 30 years of experience across corporate and retail banking in three countries, Fazal has built and led risk, governance, and control functions at some of the world’s most demanding financial institutions, including HSBC, Barclays, and ADIB. Today, as Chief Governance and Compliance Officer at Siraj Finance, he operates at the intersection of regulation, technology, and culture — where boards are increasingly judged not just on performance, but on resilience, ethics, and accountability. In this conversation, Fazal reflects on how landmark global crises reshaped compliance thinking, what the UAE’s post-grey-list regulatory environment means for financial institutions, and why developing people not just processes remains the most critical risk-management strategy of all.

Recommended For You

'Dubai more than a second home': Usman Nurmagomedov retains PFL belt, praises crowd support

India launches inspection of 400 ‘uncontrolled airstrips’ post-Ajit Pawar tragedy

Why 5% more companies in UAE are paying bonuses this year

From a small town in Kerala to the UAE’s creative industry

Five steps to get your blood pressure under control

 

How has governance and compliance evolved in regional banking and what should institutions prioritise next?

Around 25 years ago, scandals such as Enron and the dotcom collapse became turning points for governance and compliance globally. What the Enron case clearly exposed was a leadership failure — business ethics were ignored, and it ultimately took whistleblowing to uncover deep mismanagement.

That period led to the introduction of the Sarbanes – Oxley Act in 2002, which fundamentally changed expectations around controls, disclosures, and accountability. Since then, compliance and governance have evolved from being reactive functions to becoming active participants in decision-making, well before risks escalate into serious issues.

Boards today face far more complex responsibilities than simple strategic oversight. Regulators increasingly expect compliance officers to help embed a genuine culture of compliance across institutions, not just ensure policies exist on paper. Earlier in my career, customer relationships were built face-to-face through branch networks — this was effectively the foundation of KYC. That model has changed rapidly with digital and AI-driven banking. At the same time, technology has made cross-border fund flows much easier, increasing exposure to financial crime risks. This was particularly relevant when the UAE was placed under increased monitoring for AML.

In October 2023, the FATF advised that the UAE had been removed from the grey list, but that has also brought stronger supervisory expectations. Recent federal decree laws have expanded the Central Bank’s authority around supervision, enforcement, sanctions, and licensing. The UAE has also introduced a federal fraud prevention framework that sets a global benchmark for resilience.

Looking ahead, financial institutions must strengthen institutional monitoring, enhance information security controls, and build clear governance frameworks around AI-driven processes. Governance can no longer sit outside innovation — it has to be built into it.

What lessons from leading risk functions at global banks continue to shape your approach today?

I have experienced both strong growth periods and very difficult cycles across the three countries I’ve worked in. One of the most challenging was the 2009 global financial crisis, when I was at Barclays in the UAE. During that time, the risk function was under intense scrutiny from group headquarters, which forced us to rethink how we managed credit risk while still supporting viable business segments.

It became a period of innovation under pressure. We had to listen carefully, challenge assumptions, and find practical ways to reduce credit losses without shutting down the business entirely. Continuous learning and openness to feedback were critical.

More recently, the Covid-19 period when I was at ADIB presented a different kind of challenge. It required new ways of working, rapid digital adoption, and faster decision-making to restore operations in a very short timeframe. In both situations, the common thread was people. Building trust, working collaboratively, and maintaining strong team bonds made it possible to navigate uncertainty and deliver results.

From your work in retail risk and credit governance, where can banks make the biggest impact today?

I have worked across four major banks, each with a very different approach. HSBC traditionally took a long-term, measured view of risk and strategy, while Barclays was often more driven by emerging market dynamics and speed.

One key lesson is the importance of adaptability. Institutions need to remain open to new ideas, evolving processes, and forward-looking strategies rather than relying on legacy models.

Personally, I adopted a blended approach — taking the strengths from each organisation and applying them in a way that suited the market and the moment. The greatest impact often comes from aligning risk discipline with business reality, rather than treating them as opposing forces.

You’re known for developing young talent. What has been most effective in building high-performing teams?

You can have the best systems and strategies in place, but without motivated and capable people, results will always fall short. From early in my career, I focused on mastering processes and then teaching others, which naturally evolved into coaching and mentoring.

My time at HSBC, in particular, offered a very supportive environment that helped develop these skills. I later deepened my understanding by studying leadership and management at a UK business school, alongside my banking qualifications.

Emotional intelligence is critical — being able to recognise potential, exercise patience, and support people through challenges. Every team will face difficult moments or individual setbacks, but how leaders respond to those situations determines trust and long-term performance.

Developing people is not about one-off interventions. It is about consistency, empathy, and creating an environment where individuals feel supported to grow into high-performing professionals.