When it comes to spending on compliance, companies aren’t shy. Every year, the average multinational will easily shell out millions on compliance, according to reporting in Harvard Business Review. In heavily-regulated sectors, that number is even higher.
In finance, for instance, compliance costs tend to run around four percent of total company revenue. And that figure is set to double by 2022. So with all that budget going into compliance, the question is: are companies really getting the most bang for their compliance buck? The answer is unfortunately no.
Though companies are spending the big bucks, they’re making those investments without a clear, companywide framework for compliance management, the kind of enterprise-wide approach that would help companies avoid making non-strategic, case-by-case compliance interventions. Meanwhile, the piecemeal approach that firms stumble into only succeeds in limiting the situational awareness of senior leadership, who rely on an accurate picture of compliance risk in order to make strategic decisions for the business.
Lack of a centralizing compliance strategy incurs other negative downstream consequences, as well. One of the most significant: compliance siloing throughout the business. Simply put, individual teams start managing compliance requirements on a one-by-one basis with little to no cross-functional communication. As a result, compliance activities end up getting duplicated across the organization.
Of course, compliance management is difficult even if you get the high-level strategy right. The pace and volume of regulatory change since the financial crisis has put untold pressure on compliance teams who are now tasked with implementing regulatory changes, meeting new regulatory expectations, and coping with increased regulatory supervision. Those pressures are only increasing: 70 percent of the firms polled by Thomson Reuters expected focus on managing regulatory risk to increase.
But more regulatory volatility only bumps up compliance costs and creates more operational headaches for teams. Those headaches are, then, exacerbated by a lack of a centralizing approach to managing compliance risk, particularly common in companies who tackle compliance in house. As you’d expect, those are the companies most likely to lack processes, personnel, and tools to achieve basic compliance goals.
Without advanced technology, in particular, compliance actors have to rely more heavily on manual structures like spreadsheets, Word documents, and shared folders to get the job done. Sure, a fledgling startup with relatively few reporting requirements could get by with these rudimentary solutions. But homespun compliance processes don’t scale. Indeed, they increase the likelihood of misreporting, which exacerbates compliance risk.
But it’s not just compliance processes that don’t keep up with the times. Traditional forms of risk management are becoming outmoded too. Risk teams are also heavily reliant on disjointed, disconnected, and overly manual processes. What’s more, they often lack the internal (communications) tools to properly integrate their knowledge base of risk into their systems for managing risk.
But business leaders don’t have to continue running blind when it comes to compliance risk. And teams don’t have to keep struggling to stay ahead. Sure, it takes time and effort, but developing an effective enterprise-wide approach to compliance risk management is possible. To learn how to get started, download our introductory guide.
For more content on compliance management, follow @teamnoggin on Twitter