Thursday, February 25, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

What Do Compliance Directors Need to Know to Sleep at Night?

by Jon Siegler
November 7, 2016
in Compliance
Compliance officers navigating personal liability risk

Between new rules from the likes of the SEC and FDIC, a compliance director’s day-to-day is getting increasingly complex. In fact, the House Financial Services Committee estimates private sector firms will spend 24 million man-hours annually to comply with Dodd-Frank rules alone. And now that compliance directors can be held personally liable for failing to stop negligence and fraudulent activity within their organization, these key players not only want to, but also need to do everything in their power to ensure compliance.

Comprehensive governance, risk management and compliance (GRC) programs are the best solution and, truly, the only way to guarantee a compliance director’s continued success. While they used to be homegrown and enormously complex, new innovations in cloud services have allowed a complex and agile GRC program to be within reach of organizations of any size. It won’t solve all the compliance director’s concerns immediately, but it will be the key first step to enable critical change and comprehensive oversight.

What else will help these compliance directors get a good night’s sleep? Knowing the following:

That Agility is Built In

Rules are multiplying, but not budgets, and compliance directors are being asked to do more with less. They need to feel confident their systems are flexible enough to navigate a variety of potential compliance issues. If a GRC program is agile, it means that controlled systems can be applied to all business processes — even unexpected ones.

The best GRC systems allow compliance directors to create a flow chart of those various business processes and build compliance logic out from there. By diving into the various configurations of these processes, compliance directors can use the same system across the spectrum of compliance concerns and incident reporting.

Agile GRC also means that once solutions are in place, they’re fully automated, but can still be tweaked based on new problems or a changing landscape. If a compliance director needs to make a change to the workflow, it will be automatically distributed to the entire organization, lessening the need to retrain or refamiliarize employees.

That Code Isn’t Going to Be Their Downfall

Compliance is an enormously complex task, and more basic solutions, such as spreadsheets or many on-premises solutions, require compliance directors to build custom workflows with code or complex queries. If compliance directors have well-proportioned budgets, they might be able to hire developers to streamline this process, but oftentimes they’re working on a shoestring.

Contemporary cloud GRC solutions abstract out complex coding, ensuring that a mistyped query or a bug in a spreadsheet equation won’t halt compliance oversight or remediation processes.

Ease-of-use also ensures buy-in from employees, meaning they’ll actually take advantage of the GRC program available to them. The compliance director can feel at-ease knowing these important systems won’t require putting the company’s entire staff through hours of expensive training. On top of that, compliance directors can enable anyone at their organization to make modifications to rules or logic, all without code; the system automatically navigates around change and makes accommodations as needed.

That Everything is Documented

Using the GRC software to establish a quarterly or annual cycle for risk identification makes sure that employees buy-in completely to documenting every aspect of processes that could be under regulatory scrutiny.




New Call-to-action




Financial services companies, for example, must meet a myriad of rules from organizations at both local and international levels, and some of them require that workflows and processes are documented. These companies need to document the entire internal structure around compliance, and contemporary GRC systems eliminate much of the guesswork and manual labor involved.

Let’s say that a financial services company has already rolled out a GRC program using a cloud service, but there remains an unintended gap in compliance. Now, the route back toward full compliance needs to be documented, on top of the immediate response. Tracking the necessary changes made during the entire change life cycle ensures not only compliance, but also that the compliance director can help the whole organization explicitly learn from its mistakes.

That They Know What’s Next

Any solid compliance program isn’t just maintaining a hold on the current regulatory landscape — it should also be automatically looking out for new risks and new regulation that could affect the organization. This continuous monitoring process helps alleviate the burden from the compliance director and can be used to funnel action items directly into the inboxes of key stakeholders able to make the right changes to meet future and imminent regulatory changes.

Compliance directors can’t keep the day-to-day completely free of surprises. But, by applying the right software, they can reduce the chances for catastrophic compliance mistakes to emerge, giving them more time to prepare for the future.


Previous Post

Agile Performance & Goal Setting

Next Post

C-Level Executives May Be Liable For Cyber Breaches

Jon Siegler

jon-sieglerJon Siegler is a co-founder of LogicGate and has a decade of experience helping some of the largest enterprises overcome challenges in governance, risk and compliance. LogicGate empowers businesses to automate risk and compliance operations by visually designing their end-to-end workflows and deploying them as highly controlled process applications – reducing compliance violations and eliminating mission-critical risks.

Related Posts

illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
King & Spalding: GC Decision Tree for Internal Investigations

King & Spalding: GC Decision Tree for Internal Investigations

February 19, 2021
mini businessmen separated by COVID particles

Compliance, Culture and COVID

February 9, 2021
closeup of gear shift with red face

Preparing for the Inevitable Regulatory Policy Shifts in Q1 2021

January 29, 2021
Next Post
C-Level Executives May Be Liable For Cyber Breaches

C-Level Executives May Be Liable For Cyber Breaches

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights