Soft Skills Matter: What to Look for Beyond Technical Compliance Expertise

Guest article. Views are the author's own and do not necessarily represent Initia Risk.

When hiring compliance professionals, leaders often give me a long list of technical expertise they want.

That list matters. You need people who understand regulations, risk frameworks, AML, sanctions, policies, procedures, and everything else that comes with a career in compliance.

But technical expertise alone does not make someone successful. So what else should you look for?

Five soft skills that show up in every strong hire

1. Commercial awareness
2. Communication
3. Relationship building
4. Emotional intelligence
5. Adaptability

Commercial awareness

The best risk and compliance professionals understand the business they work in. They understand the organisation's risk appetite.

They do more than identify risk. They grasp the commercial goals behind decisions - and help senior leadership move forward with eyes open.

What good looks like

• Conversations shift from “we can't” to “how can we, and what guardrails do we need?”
• Risk advice is tied to revenue, clients, or strategic priorities - not only rule citations.
• The hire can explain trade-offs to executives in business terms.

Interview prompt: “Tell me about a time you helped the business proceed on a deal or initiative while keeping risk within appetite.”

Communication

This is where many candidates fall down. I often hear: “They clearly have great knowledge, but I think they'd struggle communicating this to partners.”

You can be the most technically knowledgeable person in the room. If you cannot explain risk in a way the rest of the business understands, that knowledge becomes redundant.

What good looks like

• Translates technical analysis into practical advice.
• Writes and presents for non-specialists - boards, sales, HR, finance.
• Listens first, then advises - not the other way around.

Relationship building

Compliance can be an isolated role. In smaller firms you may have one person - or a small team - sitting away from the core of the office.

Yet the role is central. You need to work with sales, HR, finance, legal, technology, and everyone else. Building trust across those functions is a superpower.

What good looks like

• People involve compliance early - not as a last resort.
• Issues land on your desk when they first arise, not a week later.
• First-line owners see compliance as a partner, not a police force.

That dynamic mirrors what strong GRC programmes need: real ownership in the first line, with the second line challenging quality - not doing everyone else's job. See how to create real risk ownership for the operating side of that partnership.

Emotional intelligence

In compliance you often face competing priorities. You may be in the room with people who need a deal signed this week.

Empathy and perspective help. The best professionals challenge decisions without burning relationships.

What good looks like

• Disagrees clearly and respectfully.
• Separates the person from the risk decision.
• Stays calm under pressure from commercial teams.

Adaptability

Risk and compliance never stand still. Technology changes. Regulators publish new rules. The risks on your register shift every year.

People who keep learning and evolving progress fastest. We all know firms whose AML records still sit in paper files from twenty years ago. They often carry more risk than they realise.

What good looks like

• Comfortable with new tools and ways of working.
• Curious about regulatory change - not defensive.
• Helps the firm modernise controls, not just preserve old process.

Technical knowledge is still the foundation

None of the above replaces regulatory depth. You still need the hard skills.

But more firms use risk and compliance as a tool to support growth - not only to manage risk. A broader skill set will take you further than technical expertise alone.

Key takeaways for hiring managers

• Screen for influence, not just credentials. CVs show technical depth; interviews should test communication and commercial judgement.
• Ask for examples, not opinions. Real stories reveal EQ and relationship skills faster than generic competency questions.
• Align the hire to how your firm uses compliance. A growth-oriented business needs a different profile than a pure control-and-reporting culture.
• Pair great people with usable systems. Even strong hires struggle if the firm still runs risk and compliance on spreadsheets with no first-line engagement.

Related reading on Initia Risk: what GRC means in practice, the Three Lines of Defence model, and questions to ask GRC vendors when you are upgrading the tools your compliance team relies on.