Compliance officers’ responsibilities are growing, and keeping pace with a fast-changing landscape is becoming increasingly difficult. Smarsh’s Shaun Hurst points to a need for CCOs to adopt a new mindset.
Chief Compliance Officers (CCOs) have earned their rightful seat at the C-Suite table; no business strategy today can succeed without first addressing the ongoing threats of shifting regulations and newly emerging security concerns.
Whether it’s avoiding the risk of brand damage and financial loss from a cybersecurity breach or the introduction of groundbreaking regulatory changes such as MiFID II and GDPR, the scale and scope of the CCO’s responsibilities keep growing by the day.
CCOs are tasked with driving the adoption of ethical business practices that have come to be expected by their customers, partners and investors, yet diverse factors are creating new uncertainties, including trade and tariff negotiations, an ever-changing regulatory framework and ongoing geopolitical volatility.
At the same time, keeping pace with this fast-changing landscape is becoming increasingly difficult as more business communications take place outside of email. Financial and legal projects are now conducted across electronic channels, including social media feeds, mobile and text messaging, instant messaging, collaboration platforms, websites and voice messages. That’s a lot of digital data to store, review and produce for e-discovery and compliance purposes.
By extension, CCOs are being forced to take a more active role of ensuring that their employees have access to the best productivity-enabling tools while still managing the related regulatory risks. As a result, the adoption of these new communications technologies presents both a competitive advantage and a compliance hazard, because business friction gets reduced just as business risks are on the rise.
These mounting difficulties explain why this year’s PwC Annual Global CEO Survey found that over-regulation and policy uncertainties were ranked as the top concerns among business leaders. “Pervasive digital transformation also continues to increase risk,” added the PwC authors.
The PwC survey suggests that short-term strategies for compliance teams should include more frequent comprehensive risk reviews. In the past, most risk reviews took place annually, but this approach is no longer viable. A CCO must continually update the risk register and engage in regular discussions with board members about it.
Evidently, business leaders are less worried about existential threats and more concerned about the cost of doing business. As this problem continues to weigh heavily on the minds of CEOs, they will continue to turn more to their CCOs to ensure they are doing everything they can to future-proof their businesses.
However, if CCOs want to truly fill such a crucial role, investment will be needed to take compliance departments out of the firefighting mindset that still presides today. Currently, day-to-day compliance activities are taken up by managing reactive issues. For example, even a year after MiFID II and GDPR came into force, compliance teams are still struggling to meet the new compliance demands. How many are thinking about MiFID III or the introduction of greater information rights for their U.S. customers and eventually their global customers?
A recent report by Deloitte outlines the essential attributes of a modernized compliance program. By automating the day-to-day activities that require so much effort and using predictive analytics to determine where the next fire might start burning, forward-thinking companies are turning their compliance programs into sources of business value.
Deloitte recommends taking a proactive approach to oversight and execution, as most compliance professionals have historically focused on point solutions and analysis of tactical, transactional data in search of what went wrong. The time has arrived for the compliance function to shift its focus from hindsight to foresight.
Modern compliance organizations are risk intelligent and efficient, and they deliver results through business partnership and enablement. CCOs should reflect this mindset for driving insights by collaborating more closely with the business units to enable business growth. This will require modernization of the compliance function and related approaches to compliance.
If firms hope to succeed in the future economy, they will need to put compliance at the forefront of their strategies. Making the necessary investments now so that these processes are driven by advanced technology can create a real competitive advantage in the long run.
Sponsored by Smarsh
Smarsh helps government organizations get ahead – and stay ahead – of the risk within their electronic communications. Utilizing the Smarsh Connected Suite, agencies can reduce the burden and time required when responding to records requests and consolidate from multiple systems into a modernized, comprehensive retention and production solution. Capture, archiving and monitoring solutions extend across the industry’s widest breadth of channels, including email, social media, mobile/text messaging, instant messaging/collaboration, websites and voice. Government agencies in 40 of the 50 U.S. states rely on Smarsh to help meet their recordkeeping and e-discovery requirements. Founded in 2001, the company is headquartered in Portland, Ore. with nine offices worldwide, including locations in Silicon Valley, New York, London and Bangalore, India. For more information, visit www.smarsh.com.
Shaun Hurst is Technical Director, International, for 
