by davedx 7 days ago
Ha. I've worked in a fairly strongly regulated sector (energy, in the Netherlands), where I collaborated closely with our head of compliance, and she heavily over-interpreted the regulations while I often tried to find more pragmatic solutions.

I think adherence to regulation and compliance is nothing to do with whether you're a SWE, a risk officer, or C-level, and everything to do with your own principles, ethics, professional attitude, and pragmatism.

2 comments

I've found two things to matter:

1. experience, i.e. knowing why and how a rule matters (in general, but also to auditors)

2. willingness to think

If these aren't present, you get overly restrictive compliance that at the same time accomplishes nothing.

I'd also add a willingness to follow the (perceived) intent of the rules as opposed to gaming the letter of the rule. An experienced folk might say, "yeah it won't matter legally", and continue with "but it will matter to me because this rule is in place for this-and-that reason".

Scruples are also often a surface of friction that get in the way of business objectives.

It's not even limited to SWE - there are so many regulations in almost every trade (which sometimes contradict each other) that it often eventually boils down to your experience and your decision which rule to follow and which to 'bend' (for example in "traditional" architecture there are so many rules that the building authority itself has to compromise on following the law by the book).