At the recent European Compliance Week event, as well as interviewing compliance professionals, I was fortunate enough to moderate a panel session. Below are the highlights of my discussions.
On the backend of such a devasting pandemic, one that arrived so quickly and unfortunately continues to mutate, compliance professionals catapulted into the limelight by proactively updating compliance programs. For it to work, there needed to be clear communication, outstanding cross-function cooperation, and a strong element of business resilience.
Successful compliance departments create an environment where the right channels are fostered and compliance policies which include the encompassing code of conduct document are regularly updated.
Organizations have found it challenging to track third-party vendors, who although can be strategic partners and play a pivotal role in an organization’s supply chain, still need to be managed delicately. Compliance assessments, control testing, policy, and process updates have all been challenging at a time when remote working is a permanent fixture for millions of us.
Compliance teams have shown agility. They are pushing for C-suite representation and asking for support to cope with the stress and additional work burden.
CEOs have to steer the ship and address the pressures of results and the overall performance, but what is equally important is promoting the right culture. Although it might start from the top, all employees need to take responsibility. Compliance and the value associated with it should not be sidelined. It needs strong representation and respective departments should stay close to their compliance teams.
The compliance lens needs to marry up with the commercial lens. Once you show commercial benefits, you have senior management buy-in. Again, a point that is strongly correlated with fostering the right culture and promoting the right conversations.
Compliance officers need to recognize the organization’s business needs and challenges. They should take an interest in their colleagues’ priorities and build relationships (even if it needs to be done remotely).
Data is of particular concern. Today, companies gather, create, and store an eyewatering amount of it. Most probably, this data will be saved for a rainy day. However, without the right technology, data can do more harm than good. Technology has the prowess to identify, manage, and evaluate the data so strategic decisions can be executed.
The importance of technology has taken center stage. We are in a phase where agility and adoptability are strong contenders to disrupt the old ways of thinking. Implementing the right technology does not take as long as you think. Organizations are realizing the rationale of a solution that works for them, albeit to replace their existing technology or supersede their in-house functionality. Compliance teams need structure, they need to understand the ever-changing regulatory environment, demonstrate how policy management will influence their markets, and provide solutions for observations and whistle blowing.
Companies that adopt, implement, and embrace the right technology will significantly notice improvements across the spectrum and align their business objectives with their compliance needs.
Examples of where technology has helped these teams include:
With an increase in business risk, social unrest, and climate change, compliance is not an easy task, and without fully digitized platforms and processes, organizations may be left behind.
As we step into a new year, there are several points for consideration:
To build effective compliance programs, organizations need robust, automated compliance tools that make it easier to identify and manage regulatory changes, assess and test controls, and improve visibility into compliance across the enterprise. With the right technology, processes, and teams, organizations can transform compliance into a strong competitive advantage, strengthening trust and credibility with stakeholders, customers, and regulators.
“Life is either a daring adventure or nothing at all.” Compliance officers, you are doing a great job.
This blog is part of the Instagram of Risk Blog Series, authored by Suneel Sahi, VP, Product Marketing at MetricStream, which captures discussions and insights trending in the risk community.
Check out Suneel’s other ‘Instagram of Risk ’blogs on the key takeaways from the Charted Institute of Internal Auditors event in London and the Oct 21 MetricStream GRC Summit held in London, Copenhagen, and Zurich.