With the financial crisis of Enron and Steinhoff in the distant past, we seem to have forgotten the forces that caused harm to both the financial markets as well as the economy. Risks today are no longer contained within the confines of offices or meeting rooms but can travel at the speed of light around the world.
Since then, with most of the compliance landscape considerably changed due to the introduction of various regulatory mandates, are corporate executives doing a better job of promoting a proactive culture of compliance?
Creating a culture of Proactive Compliance
The word “compliance” is often synonymous with audits, a fallout of the reactive approach to compliance, that we are all familiar with. Starting with a checklist of rules and regulations, compliance has been muted to simply ticking off items on auto-mode and scheduling audits to ensure observance. This approach to compliance is largely driven by a need to maintain a bare minimum level of adherence at lower costs, leading to a self-defeating cycle.
Proactive compliance, on the other hand, is a more holistic method. It maps processes, controls, audits, and risk plans back to the business. Being dynamic in nature, it re-evaluates risk every time there is a change and prepares mitigation plans accordingly.
Here are 3 steps that can get your organization started on the journey of healthy proactive compliance: –
Do not encourage or ignore unethical practices
Be firm when it comes to playing by the rules. All employees must understand that unfair practices, whether in dealing with each other inside the organization or with external parties such as suppliers and partners, will not be tolerated. Rightly put by Scott Borden, the Ethics and Compliance Head at AECOM,’ Fraud occurs when a series of errors in detecting red flags and a lack of oversight takes place.’
Lay down the right policies and communication structure
Well laid out policies act as a guiding path for employees, especially when it comes to dealing with sensitive information like data confidentiality, information sharing, interacting with stakeholders, etc. Communication also plays a key role since the policy needs to be communicated and understood by everybody in the organization. There should also be a mechanism to receive feedback and review these policies from time to time. This has to start at the top and drill down to every level in the organization.
Make Regulatory Compliance Software work for you:
Due to excessive human effort involved, compliance staff in most organizations remain merely involved in managing documents and reconciling information as opposed to actual regulatory risk and compliance planning. Technology can help introduce checks and balances into processes, automate repeatable tasks and create an audit trail to track actions. The right technology tools can reduce efforts spent on risk assessment, testing, reporting, and issue management.
IRIS CARBON® is one such Regulatory Compliance Software that helps you prepare and manage your financial compliance and regulatory compliance reporting. The platform is a completely cloud-based collaborative platform and provides a robust and easy way for you to create, manage, check for inconsistencies with the in-built validator, and file with your regulator. With our solution, challenges of traditional reporting such as too much back and forth on emails, version management of documents, and pressing need to make frequent updates including last-minute edits right until filing can be easily addressed.
To summarize I would say, achieving effective ethics and compliance culture in an organization requires much more than adding rules and additional layers of controls. There are a multitude of things that go into creating a culture of compliance; but if organizations can make a start simply by addressing the 3 key areas mentioned above, it can surely give them a head-start to better Compliance Culture.