Towards organisation-wide compliance: together is better | Regulatory Risk | Deloitte


Towards organisation-wide compliance: together is better

Risk Powers Performance

The compliance landscape is changing. It's not only laws and regulations, corporate ethics is becoming more and more important. This requires extensive skills and cooperating with other functions. How should compliance functions cope with these changes?

Changing landscape

There are more and more expectations regarding corporate ethics and compliance. Not only do digitalisation and global social and economic developments result in increasing regulations: the ‘legal but harmful’ discussion, following events such as the Panama Papers, demonstrates that just adhering to laws and regulations is not sufficient anymore. The conduct of organisations and their employees is closely watched by regulators, investors, business partners and clients.

Unsurprisingly, this has an impact on the compliance function. It broadens the scope of the compliance function, mostly with an organisation-wide impact. Think for example of recent extensive requirements around privacy, product compliance and duty of care. Additionally, investors and business partners ask more and more around how topics like human rights and third party compliance are managed.

In addition, a pro-active approach towards compliance is expected. A core – and by no means new – responsibility of the compliance function is the development of a solid compliance program. It is the ability to demonstrate its effectiveness that has increasingly drawn regulatory and supervisory attention. This urges compliance functions to adequately measure and prove that effectiveness. With that, the compliance function is increasingly expected to pro-actively identify risks and control gaps.

It is evident that compliance functions are confronted with the challenge of addressing these elements throughout the organisation, with often a limited number of compliance resources. How could compliance functions address this seeming gap?

Extensive skills

Traditionally, the compliance function has been positioned fairly isolated from the rest of the organisation. As compliance functions have been experiencing, this makes it hard to reach the entire organisation and a truly implemented and effective compliance program. Additionally, compliance officers have been generally recruited based on their in-depth knowledge of laws and regulations. As the compliance landscape has evolved, other skills are required too – how to influence, how to leverage data and technology, how to reach the new generation in their day-to-day activities? In order to keep up with both expectations as well as changing business models, compliance functions need to think about different and creative solutions. What is clear, is that this means that the required skill set is extending beyond the standards of the recent past.

"Being compliant and ‘doing it right’ is not a task of the compliance function: it is the responsibility of the entire organisation."

Dependency on other functions

Being compliant and ‘doing it right’ is not a task of the compliance function: it is the responsibility of the entire organisation. Compliance requirements directly impact business and operational processes, while the compliance function is often not the primary owner of – or the expert on – the specific processes. As a result, compliance may not have all required insight into or access to key processes, systems and data.

For example, in order to demonstrate the effectiveness of the compliance program access to different types of data, including business data, is crucial but often perceived as one of the largest challenges – let alone interpreting and processing the data. Another example: how to correctly embed human rights principles in the organisation, without missing any crucial points, is probably better done in cooperation with colleagues from HR. Cooperation with other functions is of the essence. And for this cooperation to happen, an integrated position and well established network within the organisation, is of great importance to the compliance function.

Together is better!

Compliance officers have more on their plate than ever before. This requires broader knowledge and skills and access to other parts of the organisation. There is only one way how this can be achieved: through cooperation. Not only because it is needed, but also because it results in a widely supported compliance program and can serve as a catalyst for success.  

More information?

For more information about regulatory compliance? Please contact Ellen Huisman via her contact details below.

Vond u dit nuttig?