Continuity Management Software
Updated September 29, 2023
Even before the pandemic, challenges to effective compliance management were acute. Unexpected political outcomes, such as Brexit and the 2016 election of Donald Trump, led to major regulatory changes, overhauls which left businesses catching up.
Nor had businesses completely recovered from the previous systemic shock: the global financial crisis of the late 2000s. Following that crisis, national and supranational bodies issued sweeping financial reforms.
The years 2009 to 2012 saw more than 50,000 regulations sweep across the G20 [i]. That number rose to 50,000 in the year 2015, according to the London-based think tank, JWG.
Those regulations had the effect of upping the ante on compliance management, especially on the cost side. Compliance with the Dodd-Frank Wall Street Reform and Consumer Protection Act cost banks USD 36 billion, according to the publication, Trade. All told, regulatory compliance cost banks USD 100 billion in 2016.
Financial regulation, though significant, isn’t the only contributor to ever-increasing compliance costs. Australian enterprises spend around AUD 94 billion to administer and comply with public sector rules [ii].
Besides adhering to external edicts, companies also develop their own set of rules, regulations, policies, procedures, and by-laws. Compliance with these internal mandates has cost implications, as well. Australian enterprises spend around AUD 155 billion to administer and comply with self-imposed rules and regulations, according to Deloitte.
Sure, the rules are meant to improve the health and functioning of companies. That doesn’t make them any easier to comply with.
Indeed, compliance management – the end-to-end process of monitoring and assessing systems, tools, and structures needed to adhere to rules and regulations – only becomes more difficult in moments of regulatory upheaval.
Difficult but not impossible.
Of course, companies must fully understand the threats stacked up against the governance, risk and compliance practice before they can effectively tackle them. And that’s why we’ve pulled together a non-exhaustive list of common threats. They include the following:
What can be done to overcome the threats? Senior leaders must first redirect their company’s compliance efforts and resources away from piecemeal interventions and towards an enterprise-wide strategy that unfurls in multiple stages.
Implementing such a strategy begins with identifying the areas in the organisation with the highest compliance risk, then recalibrating the compliance function to monitor these risks.
Here, some concrete steps to turn enterprise-wide compliance management into a reality include developing a single, overarching framework for compliance across the organisation. That unifying thread, in turn, will govern processes taken and tools procured.
Of course, that strategy must be premised on a comprehensive understanding of the company’s compliance risk, especially existing levels of regulatory scrutiny, which are predictive of future scrutiny. How to achieve such an understanding?
Beyond taking common-sense compliance measures, organisations should be turning to industry best practice, as well. The industry has been rolling out best-practice standards to inform organisations seeking to get their compliance house in order. The best of the lot in this respect is the international standard ISO 31000.
Published originally in November 2009, ISO 31000:2018 is the international standard for the practice of risk management. The standard is broadly applicable, independent of type of operation, size, complexity, or type.
The standard itself offers a framework for establishing the context of, identifying, analysing, evaluating, treating, monitoring, and communicating risk, prioritising executive buy-in. The logic, here, is that only a proactive stance on the part of senior leadership can ensure that best-practice risk processes are fully integrated across all levels of the organisation.
Per the standard, senior leaders are advised to do the following:
The standard also calls on individual business process owners to identify and consider risks in their business decisions, as well as to integrate risk management principles in all other key aspects of decision-making.
That’s not all. The standard offers strategies on how to design and implement the risk management framework so that it is comprehensive. Risk framework design pointers include:
How to operationalise the standard and other best-practice strategies (more broadly) meant to overcome the threats to compliance management? That’s where digitised governance, risk and compliance software comes in.
Of course, not all software is created equal. That’s why we recommend risk and compliance leaders invest in tools, such as the Noggin Governance, Risk and Compliance module, that collect real-time risk data from multiple stakeholders, across the organisation.
These solutions are based on ISO standards, as well as fully customisable. With everything from a simple pre-task assessment through to an organisational risk register, the solutions make it easy to capture risk data and provide the analytics to derive rich insights.
What else? These solutions also provide better bang for your buck: a consistent set of common GRC features that can be used in out-of-the-box safety and security management software.
Other GRC features to look out for include:
| Governance | Risk | Legal Compliance | Standards Compliance |
| --- | --- | --- | --- |
| Dedicated governance business workflows including: | Dedicated risk management and assessments business workflows including: | Dedicated compliance management business workflows including: | Dedicated compliance management business workflows including: |

| More Noggin GRC features and benefits | |
| --- | --- |
| Controlled documents | |
| Audits | |
| Risk assessments | |
Finally, effective compliance management is most difficult in moments of crisis and regulatory upheaval, like the present. But that doesn’t negate the reality of everyday threats to compliance management.
Understanding those threats, as we’ve sought to do with this guide, is the first step to mitigating their effectiveness. After that, implementing cohesive compliance risk management strategies, in tandem with technology investments like the Noggin GRC module, is the best way to capture the risk data that provide the requisite analytics and insights needed to keep your organisation safe and compliant.
i. Tom Groenfeldt, Forbes: Taming The High Costs Of Compliance With Tech. Available at https://www.forbes.com/sites/tomgroenfeldt/2018/03/22/taming-the-high-costs-of-compliance-with-tech/?sh=531894495d3f.
ii. Deloitte: Get out of our way: Unleashing productivity. Available at https://www2.deloitte.com/au/en/pages/building-lucky-country/articles/get-out-of-your-own-way.html