Thursday, February 25, 2021
Corporate Compliance Insights

The True Cost of Compliance

by Peter Merkulov
March 26, 2018
in Compliance, Featured

Making Sense of Dollars and Cents

With the upcoming GDPR directive on everyone’s minds, compliance is a hot issue. Many see compliance as an unnecessary additional expenditure. What they fail to realize, however, is that noncompliance costs nearly three times as much as compliance does.

Today, data is more valuable than gold, and organizations are hyperaware of how precious this commodity really is. Data provides organizations with invaluable insight into their operations, competitors and customers. As organizations continue to grow and the demand for data increases, so does the frequency of data movement. This increased movement is directly related to an increase in data vulnerability, putting companies at risk of loss, leaks and theft.

Recognizing this vulnerability, governing entities have begun to implement compliance standards aimed at preventing data from falling into the wrong hands. However, many organizations hear the word compliance and only see dollar signs. Organizations often believe that they cannot afford the steps necessary to meet heightened compliance standards. Yet a recent study from Ponemon and Globalscape reports that it is 2.71 times more costly for an organization not to comply with mandates. The average cost of compliance is $5.47 million versus an average of $14.82 million for noncompliance, which is an average difference of $9.35 million annually.

As organizations are tasked with determining if they have the budget to implement required compliance measures, their motivation to comply is driven by the need to balance protecting their valuable data with the need to minimize costs and/or long-term perils resulting from noncompliance.

When an organization fails to meet compliance standards and regulations, increased costs come in the form of issues such as business disruption, productivity losses, revenue losses and fines, penalties and settlement costs. All is not lost! Globalscape and Ponemon identified 12 best practices that, when implemented, reduce total compliance costs for an organization. The study also identified the average savings associated with each best practice.

In today’s market, in which security failures like Equifax’s fill the headlines, it is no longer an option for organizations to be anything less than hyperaware of their compliance initiatives. From 2011 to 2017, the cost of attaining compliance has steadily grown, rising 43 percent in those six years. For any extremely compliance-heavy industry, such as health care, this number has grown by 106 percent in six years. While achieving regulatory compliance can be complicated and expensive, the alternative is likely more costly – not a viable option for an organization concerned about its bottom line.

Unfortunately, there are organizations that elect to delay compliance efforts because of the associated costs. In so doing, they risk incurring large fines and the loss of customer trust, as well as damage to their reputation, all in an effort to avoid compliance-related expenditures. This short-sighted, high-risk strategy will ultimately result in a negative outcome for the organization. The Globalscape and Ponemon study found that, on average, only 14.3 percent of total IT budgets were spent on compliance in 2017 — not much of an increase from the 11.8 percent reported in 2011. This clearly indicates that organizations are underspending on core compliance activities in the short term and aren’t prepared to allot further budget as the years go on.

Complying with data protection regulations is expensive, but when it comes to dollars and cents, it is significantly more economical for an organization to comply with all data privacy directives than to delay the inevitable. With the May 2018 launch of the General Data Protection Regulation (GDPR), these mandates will continue to grow and become more complex. It is no longer a question of if you will be asked to provide proof that your organization is complying with regulations and protecting sensitive data, but when. Can you afford the risk of noncompliance?

You can read more of the findings from The True Cost of Compliance with Data Protection Regulations study here.


Peter Merkulov

Peter Merkulov serves as Chief Technology Officer at Globalscape. He is responsible for leading and overseeing the product strategy, product management, product marketing, technology alliances, engineering and quality assurance teams. Merkulov has more than 16 years of experience in the IT security industry, specifically in product strategy and management. Prior to joining Globalscape, Merkulov served as Executive Vice President at Kaspersky Lab North America, where he oversaw the expansion of the business within North America, and was second in command of their North American operations. He also served as their Chief Product Officer, where he drove the adoption, development and execution of long-term product strategy. Merkulov also served as the Vice President of Technology Alliances at Kaspersky Lab. Merkulov is a graduate of Moscow State Institute of International Relations and is fluent in English, Russian and Swedish.

© 2019 Corporate Compliance Insights
