Dulani De Silva, Compliance Risk Country Officer of Citi Sri Lanka, reflects on her three-decade career in banking and what it takes to succeed in this demanding yet rewarding field.
“Over the past 32 years, I’ve watched compliance evolve from a back-office obligation to a strategic, business-critical function. It was once seen as a formality, but growing regulatory scrutiny and penalties shifted that perception. Today, compliance is involved early and plays a central role in shaping long-term success,” De Silva explains.
Tighter regulations like Dodd-Frank, Basel III, Data Protection and from a local regulatory perspective, Corporate Governance, Financial Consumer Protection Regulations, which demand greater transparency, have driven the change. Technology has also played a role. AI and analytics allow us to monitor real-time risk and act before problems escalate. The function has matured, driving ethical leadership and better decisions. Also, digital banking has brought new risks like cyber threats and third-party exposures, and for global institutions, aligning international standards with local rules remains a constant balancing act. These pressures have elevated compliance as a strategic voice at the table.
“I’ve learned to expect resistance, but how we respond matters,” De Silva said. “When compliance is trusted and engaged early, risks are managed before they grow. Leadership sets the tone; clear communication helps others see we’re working toward the same goals. Adaptability is essential. The landscape will keep shifting, and we must stay ahead of it. Compliance has shown that it’s more than a safeguard: it’s a key part of responsible growth. Keeping the conversation open and aligned with business goals makes that possible,” De Silva noted in a recent interview, excerpts of which follow:
As Compliance Risk Country Officer, you oversee Citi’s Compliance Risk Management Programme. What are your biggest challenges in ensuring global policies align with local regulations, given the current dynamics of the economy?
Regulatory uncertainty in Sri Lanka demands constant attention. Shifting economic conditions bring sudden changes in rules, and staying aligned with local and global standards requires continuous monitoring and constant engagement with regulators. We adjust quickly, ensuring compliance without slowing down the business.
Applying Citi’s high global standards locally takes careful judgement. It is important to uphold these expectations while ensuring operations remain smooth and efficient. Foreign exchange controls add pressure, especially during economic stress, but we remain fully compliant: every transaction is scrutinized against local rules and broader obligations.
The evolving economy has heightened credit, operational, and financial crime risks. We work closely with risk and business teams to adjust policies without disrupting legitimate activity. This collaboration helps us manage risks with precision.
We prioritize open, proactive engagement with regulators. It’s not just about compliance but building trust and finding common ground. Internally, we do the same, ensuring teams understand their responsibilities and why they matter. Clear communication and ongoing education help make compliance part of the culture.
How do you balance regulatory compliance with business growth, ensuring Citi remains compliant and competitive in the market?
Balancing compliance with growth is a constant challenge, but it becomes a competitive edge when done right. At Citi, compliance is built into business decisions, guided by a risk-based approach that targets what matters most without stifling innovation.
Early involvement helps us shape solutions and avoid roadblocks. We focus on high-risk areas and stay flexible where risk is low, enabling the business to move quickly and responsibly.
We engage frequently with regulators to stay ahead of changes and build trust. Technology like AI, automation, and data-driven monitoring boosts speed and oversight. Internally, we emphasize culture, showing teams that compliance drives growth, not blocks it.
Agility is key. We adapt global standards to local needs, keeping compliance relevant, practical, and central to Citi’s resilience and long-term success.
How would you describe your experience at Citi in terms of opportunities, growth, and leadership?
Compliance demands tough calls and a strong ethical compass. It’s about protecting the organization, not challenging individuals. Trust and clear communication are essential, especially when the message is difficult.
At Citi, compliance is seen as a strategic partner, not just a checkbox. That recognition reinforces our purpose.
I encourage my team to be fair and bold, take ownership when mistakes happen, and always ask when unsure. Questions lead to better decisions.
When people are empowered, they grow. I’ve seen my team gain confidence and step into leadership roles, and that growth is the most rewarding part of what I do.
What advice would you give aspiring compliance and risk management professionals who want to build a long-term career in this field?
Success in compliance depends on more than technical skills; it also requires strategic thinking, clear communication, and strong collaboration.
By understanding regulations and how the business operates, it will enable you to offer practical, risk-aware advice. Getting involved early has helped me shape decisions and manage risks before they escalate.
It is important to focus on making rules clear and relevant, which helps build support even in the face of resistance. Staying adaptable and using tools like AI and analytics is essential as new risks emerge.
A risk-based approach keeps our efforts focused, while integrity remains non-negotiable: ethics and the courage to speak up define the role.
At its core, compliance is about guiding sound decisions and building lasting trust.