Wednesday, January 20, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Internal Audit

Protecting the Enterprise: 2015 Compliance Trends Survey Reveals Growing Role of the Compliance Officer

by Corporate Compliance Insights
May 19, 2015
in Internal Audit
Protecting the Enterprise: 2015 Compliance Trends Survey Reveals Growing Role of the Compliance Officer

Deloitte and Compliance Week survey reports third-party assessment remains greatest risk followed by lack of GRC capability in IT systems

NEW YORK, May 19, 2015 — The latest findings released today from the anticipated Deloitte and Compliance Week survey demonstrate a tidal shift with modern corporate compliance functions gaining more authority and stronger organizational support for compliance programs. Fifty nine percent of respondents reported that the Chief Compliance Officer (CCO) job is now a stand-alone position, up from 37 percent in 2013, with 57 percent now reporting directly to either the CEO or the Board.

In its fifth year, the “In focus: Compliance Trends Survey 2015” measured the responses of more than 360 compliance professionals from around the world representing more than a dozen industries including financial services, health care and consumer and industrial products. While the survey data shows a clear trend toward a more empowered CCO with a higher position in the organization, concerns and challenges related to broader recognition of the value of compliance appear to persist. In addition, many companies’ existing technology solutions continue to fall short of compliance needs.

“In the five years since we began the survey, we’ve seen a significant rise in the establishment of compliance officers and departments as critical functions across organizations worldwide,” said Matt Kelly, editor and publisher, Compliance Week. “That growth strengthens the findings of this survey and hopefully sheds the collective spotlight on the ethics, compliance and risk issues organizations are facing today.”

CCO Authority Across the Enterprise

According to this year’s survey, challenges remain in embedding compliance culture throughout the entire organization and its extended enterprise. Results are mixed on whether the enhanced authority and positioning of the CCO has also enhanced the perceived value and level of support of the program throughout the entire organization. As with prior surveys, a minority of respondents – only 32 percent in the 2015 study – feel that the compliance program is recognized for driving business value throughout the company. With small staffs continuing to be the norm, support of the compliance program within the business is critical to the CCO as he or she tries to help build a strong, transparent, risk-intelligent enterprise.

On a related point, only 43 percent of respondents said their corporations have designated compliance officers in subsidiaries, business units or geographic markets. And within that group who do, only 49 percent of those business unit compliance officers report to the global CCO; 40 percent report to local senior managers. One question to contemplate as CCOs digest this report, then, is whether their entire compliance “function” has proper ability and authority to carry out its mission, regardless of the CCO’s particular reporting relationship.

Assessing Risk and Program Effectiveness

Thirty percent of respondents still say they do not measure the effectiveness of their compliance programs. Tom Rollauer, executive director, Deloitte Center for Regulatory Strategies, Deloitte & Touche LLP, emphasizes the importance of the risk assessment process. “For me, the risk assessment is at the center of the effort to manage compliance risk. If you have a robust enterprise-wide risk assessment process, your priorities will evolve out of that. CCOs should be setting compliance monitoring and testing priorities based upon these risk assessments.”

A potentially concerning trend, one which is carried over from the 2014 and prior surveys, relates to the oversight of third-party relationships across the extended enterprise.   Third parties’ compliance risks continue to be the single biggest worry for surveyed compliance professionals, and proactive management of risks within the third-party population appear to remain inconsistent. Forty-two percent of respondents indicated that they always audit compliance with policies or regulations; 38 percent always perform extensive background checks; and 32 percent always require training or certification.

Big Problem with Big Data

Compliance teams are keenly interested in advanced predictive analytics that can aid in predicting future risks before they erupt into a catastrophe, or to assist with regulatory change management. Few tools now can perform those functions without a major customization effort. “While big data and GRC tools may hold the key to effective risk assessment and control monitoring, many organizations are still waiting for the promise to be fulfilled. New applications and increasing access to data are coming, and that will take compliance to the next level with predictive analytics,” said Nicole Sandford, national practice leader, enterprise compliance, Deloitte & Touche LLP.

Only 32 percent of survey respondents report feeling confident or very confident in their IT systems, down from 41 percent in 2014. The report suggesting lack of confidence in IT systems may trace back to the relatively small size of compliance departments, which forces them to depend on other departments or business units in the enterprise to supply the data CCOs need. “In essence, compliance functions are still spending a disproportionate amount of time collecting data, versus time spent adding strategic value to the business through analyzing and trending the data collected,” added Sandford.

 

About Deloitte’s Risk Advisory Practice

Deloitte’s market-leading Risk Advisory practice helps organizations build value by taking a strategic risk approach to managing financial, technology and business risks. This approach helps clients focus on their areas of increased risk, bridge silos to effectively manage risk across organizational boundaries and seek not only risk mitigation, but also pursue intelligent risk taking as a means to value creation.

Deloitte’s governance, regulatory and risk strategies (GR&RS) professionals provide consultative services to assist organizations and their Boards in their efforts to create and protect value and enhance effective management of their strategic, regulatory, financial, operational and compliance risks on a sustained basis. As part of Deloitte’s Risk Advisory practice, GR&RS helps our clients develop sustainable governance, compliance and risk management programs by helping organizations identify, remediate, monitor and manage their enterprise risks in addition to coordinating the utilization of people, process and technology to improve effectiveness and help manage costs.

About the Deloitte Center for Regulatory Strategies

The Deloitte Center for Regulatory Strategies (the Center) provides valuable insight to help organizations in the financial services, health care, life sciences and energy industries keep abreast of emerging regulatory and compliance requirements, regulatory implementation leading practices and other regulatory trends. Home to a team of experienced executives, former regulators and Deloitte professionals with extensive experience helping clients solve complex regulatory issues, the Center exists to bring relevant information and specialized perspectives to our clients through a range of media including thought leadership, research, forums, webcasts and events.

About Compliance Week

Compliance Week, published by Wilmington plc, is an information service on corporate governance, risk and compliance that features weekly electronic newsletters, a monthly print magazine, proprietary databases, industry-leading events and a variety of interactive features and forums. www.ComplianceWeek.com

As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.


Previous Post

Historic Survey of Financial Services Professionals Reveals Widespread Disregard for Ethics, Alarming Use of Secrecy Policies to Silence Employees

Next Post

Corporate Counsel Say Regulatory Environment Bad For Business

Corporate Compliance Insights

Related Posts

AICPA: Implications of Blockchain in SOC for Service Organization Examinations

AICPA: Implications of Blockchain in SOC for Service Organization Examinations

January 7, 2021
Protiviti & ISACA: IT Audit Perspectives 2021

Protiviti & ISACA: IT Audit Perspectives 2021

December 28, 2020
fintech cloud emanating from smartphone on blue-green background

Fintech Pressure on Internal Audit

November 30, 2020
illustration of professionals in videoconference

4 Tips for Conducting Virtual Internal Audits

November 11, 2020
Next Post
Corporate Counsel Say Regulatory Environment Bad For Business

Corporate Counsel Say Regulatory Environment Bad For Business

Access realtime data

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights