NEW YORK (August 15, 2018) — Almost half (48.3 percent) of risk and compliance, internal audit, C-suite executive and board professionals plan to modernize their compliance functions by changing core compliance execution practices during the next 12 months, according to a recent Deloitte poll. Further, resource levels for compliance teams are expected to increase (27.5 percent) or stay flat (37.6 percent) in the year ahead for the majority of organizations.
“Regardless of whether an industry is highly regulated or not, we often see compliance budget fluctuations due to shifting business priorities,” said Rebecca Chasen, Deloitte Risk and Financial Advisory partner, Deloitte Financial Advisory Services LLP. “Thankfully, compliance modernizing technologies are evolving quickly and becoming more available, enabling compliance teams of various resourcing levels to streamline processes, increase capacity and continue to do more with less. Of course, compliance teams need more than technology alone to offer strategic counsel and predictive insights to leadership.”
Deloitte defines compliance modernization as a functional transformation that pulls on productivity levers across the organization, including emerging technologies, such as cognitive compliance, automation and robotics, to drive integration of risk and compliance with business strategy and drive value across the enterprise.
Only 11.5 percent of professionals surveyed reported that their compliance functions are value-creating, or seen as a strategic advisor that offers predictive insights and greatly efficient through the use of RegTech (regulatory technology; cognitive compliance, risk sensing, automation/robotics, etc.). This is a marginal improvement from a similar Deloitte poll in 2017, in which 10.9 percent of respondents said their organization is value-creating.
Compliance modernization trends to learn from
“One of the typical challenges we see companies face while trying to achieve a modernized compliance program is weighing ‘shiny and new’ solutions against those that have been evaluated as sustainable, effective solutions. It may seem simple to differentiate between the two, but it’s not always,” said Tom Nicolosi, Deloitte Risk & Financial Advisory principal, Deloitte & Touche LLP. “To me, the question to ask of a solution is ‘will this robotic process automation, artificial intelligence and/or cognitive computing solution have the power to increase productivity, drive down costs and create value across the organization via a solution all three lines of defense — business units themselves; risk management and compliance functions; and internal auditors — can leverage?'”
When asked which group in their organizations is most responsible for executing compliance, 24.9 percent say the first line of defense — business units, their professionals and centers of excellence; even more (26 percent) say the second line of defense — risk management and compliance; and, 34.4 percent say the first and second lines of defense are equally responsible.
Nicolosi continued, “While there is a trend to over rely on the second line of defense — risk management and compliance teams — to execute compliance, it’s encouraging to see one-quarter of respondents indicate the first line of defense is taking primary responsibility for compliance in their organizations. I suspect we’ll see further acceleration adopting that approach to compliance management.”
Compared to 12 months ago, respondents say their organizations’ compliance and information technology teams work more closely together (37.4 percent) or just as closely together (34.5 percent) now as before. Just 6.8 percent report compliance and IT functions working less closely together now than they did a year ago.
Nicolosi concluded, “Engaging IT is a critical step in compliance modernization, as compliance teams need the instrumental IT guidance and support that’ll help identify, tailor and operationalize new technologies.”
About the online poll
More than 420 professionals in compliance (22.4 percent), internal audit (31.8 percent) and risk management (12.3 percent) or holding C-suite or board (32.3 percent) roles participated in a Deloitte Dbriefs webcast, titled “Modernizing compliance: A tech lens on value protection and creation,” during which they were polled, June 14, 2018. Answer rates differed by question.
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including more than 85 percent of the Fortune 500 and more than 6,000 private and middle market companies. Our people work across more than 20 industry sectors to make an impact that matters — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthy society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them.