You’re the first lawyer at a scaleup. Alongside legal work, you also have to manage compliance. How do you do it? Where do you start? We asked Juni’s compliance director, Stephanie Michael.

Hi 👋 who are you?

I’m Stephanie, I’m the compliance director at Juni. We’re a Swedish fintech, servicing the eCommerce online industry, as well as media buyers, media affiliates, and other digital marketing affiliates. We’re aiming to be the best financial companion to that customer segment.

What does your role involve?

As is the case with people who work at scaling companies – I wear many hats! My biggest hat is to ensure that we have a proper understanding of our regulatory obligations, monitor those obligations, and advise the business accordingly. 

That could be anything from understanding what licences we need to procure to be a best-in-class financial companion, to improving know your customer (KYC) services for our customer base.

From a legal perspective, I work closely with our in-house function to ensure that we interpret guidance correctly and balance best practices with commercial sensibility. 

“You often need to ‘choose your fighter’ – are you a GC who is also the head of compliance, or a head of compliance that also does legal work a GC would normally do?”

Lawyers at scaleups often also have a compliance-related responsibility, but how do legal and compliance actually overlap? 

There’s definitely a correlation – most compliance officers are trained lawyers. Many of the skills you need when speaking to regulators and understanding the global mechanics of a fast-moving organization are the same as when you’re a general counsel – from attention to detail, to being commercially accessible and knowing when to say no. There’s also plenty of commonality around the education and training you go through. 

You often need to ‘choose your fighter’ – are you a GC who is also the head of compliance, or a head of compliance that also does legal work a GC would normally do? I chose the second option – I am the head of compliance, but I also assist with legal tasks for the business, from contract review to ongoing due diligence.

Who are compliance’s key internal partners? Does it vary from legal’s key internal partners?juro-contract-automation-secure-character-with-key-min (1)

The key partners for both legal and compliance are your points of contact across all lines of the business. Alongside management and the executive board, this also includes team directors. It’s important for legal and compliance to be fully upskilled in the product, the go-to-market strategy, customer base, and IT framework. 

We’re offering a B2B product at Juni, so understanding the product and being commercially feasible is essential – so I also work closely with commercial teams and the product team to understand integrations, how money moves, who our vendors are, and so on.

Who’s responsible for defining the roles for legal and compliance?

Interestingly, it’s actually a situation we’re working through right now, and it’s tricky – who should manage compliance? Should you hire a compliance officer who also has a legal background? What are the reporting lines? Should there be a dedicated function for compliance? 

Every startup goes through this challenge of figuring out what they need, when it needs to be deployed and how to deliver it effectively and properly.

At Juni, we have a governance, risk and compliance committee who helps steer us through these challenges. We also have a board of directors that make themselves available for all these important decisions.

“With so much to consider, having a tunnel vision for your ambitions is important – it’s easy to underestimate how much you can achieve in a quarter, but dedicated focus and harsh prioritisation makes all the difference”

How do you balance both roles? Where do you start?

Planning ahead is key. My main priorities are:

  • The regulatory landscape: we recently completed a funding round, and we’re soon launching a product with credit that is separate from our main offering. Both these projects mean that I need to dedicate a specific amount of time to regulation and making sure that we are compliant

  • Future projects: we’re looking to get our own payment institution licenses, which is an onerous regulatory filing. If successful, I’m going to have many more reporting requirements – so I need to look ahead and plan accordingly for that increased demand

  • Time allocation: as we continue to scale, can I give the team the same level of attention as I did in the past? What’s my bandwidth going to look like? Will we need additional dedicated resource? And if so, should that be a legal or a compliance professional? 

  • Hiring: if I decide to hire someone, that’s a significant chunk of my time that will now go towards finding and interviewing the right candidate. Even finding a tech recruitment firm takes time, so I need to figure out how that scope of work will fit with my other responsibilities.

  • Landscape for processes: I should always be willing to reconsider how we work on different processes, and consider reimagining them to scale with the business. Can we continue our due diligence process in the same way, for example? How will that oversight and escalation look once we’re double, or triple, in size?

With so much to consider, having a tunnel vision for your ambitions is important – it’s easy to underestimate how much you can achieve in a quarter, but dedicated focus and harsh prioritisation makes all the difference.

Does compliance require a mindset shift? Do you have to operate differently for a compliance role compared to a legal role?juro-contract-negotiation-prepare-laptop-character-min

If you come from a legal background that isn’t in-house, then absolutely. Compliance and legal may have the same reporting lines, but the main purpose of an in-house lawyer is to protect the business and convey that in a way that other teams understand. 

Compliance may be similar but there’s a strong horizon-scanning aspect to it where you need to look at the ‘what ifs’. You need to look ahead at how that landscape will change in two, five, ten years – nothing’s set in stone, but that’s also the best part of the role. How will a regulatory change affect business operations, and how can we mitigate any problems that may arise from it?

Any advice for lawyers balancing legal and compliance work?

Whether you’re looking to become a compliance officer in your industry, or just managing both responsibilities, take some time to understand:

  • Your product from the inside out 
  • The industries the product is serving
  • How to operate in that landscape in a way that maximises customer value 
  • How to communicate with the relevant external bodies
  • What their requirements are

Having a solid understanding of the business you’re trying to serve is half the battle, and will save you so much time in the long run. 

Thanks, Stephanie!

Stephanie Michael is the compliance director at Juni. Join our community of 500 lawyers and legal operations experts to get the latest insights, attend exclusive events, and network with some of the brightest minds in legal.