A question that may be increasingly asked of compliance officers is how they are defining and measuring value. In short: what is the return on investment (ROI) of their departments?
Even a quick glance back at the enforcement landscape of recent years can send a proverbial chill down the spine of any compliance officer—the legislative aftermath of the financial crisis, corporate enforcement penalties routinely adding up to hundreds of millions of dollars, and, in 2011, the highest financial sanctions ever assessed against individuals in a Foreign Corrupt Practices Act (FCPA) case.
Yet, in a recent Deloitte survey of 1,200 industry-diverse business executives during a Dbriefs webcast program on “The Changing Global Anti-Corruption Legal Landscape,” only 24 percent said they have actually changed their anti-corruption programs to comply with major new regulations under the UK Bribery Act.
As compliance challenges continue to emerge and develop, the bond between the governance and executive bodies is evolving in parallel. The conversation no longer centers on “do we have a compliance or risk management program,” rather it hinges on agreement about key performance measures of the program and empowering leaders in the organization and their employees to share in the ownership of the continuous management of compliance risk.
Compliance professionals are often challenged with effectively making the business case for—and explaining how—an integrated approach to governance, risk and compliance translates into bottom-line financial benefits for the company. A big part of this challenge may lie in how some professionals are trained to think about the regulatory drivers of compliance, rather than the equally [...]
The compliance “world” is a relatively fluid environment. The combination of changing regulations and ever-evolving organizations means that your organization’s risk profile is never static. With that continuous shifting in mind, it is no wonder that compliance professionals remain focused on preventing and detecting compliance breakdowns, occurrences of fraud or other potential irregularities through rigorous attention to their compliance programs.
Deloitte’s Rob Biskup provides 10, not necessarily obvious, stress-testing methodologies you may wish to consider and act on, depending on your particular program needs and maturity level.