Compliance is a business function that has never been higher up the corporate agenda than it is now. Whereas it was once low-profile, it is now something that every business is aware of and something that most businesses take with the utmost seriousness.

GDPR is the most high-profile regulation in 2018 so far, but we live and work in a world that is increasingly regulated, with each different sector and geography coming with its own regulatory and governance requirements. Financial Services (FS) is a sector that is particularly compliance heavy.

While organisations are mostly aware of the consequences of non-compliance, there is a cost associated with an effective compliance (and wider GRC) function, and it is one that many businesses seek to lessen wherever possible. This is a dangerous strategy that could come with severe consequences for any company.

Failure to comply

Depending on the specific regulation and the severity of the particular incident, the repercussions of non-compliance can vary greatly. Sometimes it could be a heavy fine; at other times it could be a temporary trading ban in a certain country. Some regulation breaches will just result in a slap on the wrist, whereas others will see the regulator demand changes in operations before the company can move forward again.

There are also the long-term brand implications to consider, especially with regulation such as GDPR, which came into force on 25 May 2018. The European Union (EU) made a lot of noise about the size of any potential fine for GDPR breaches, but initially at least it is unlikely that any company would be forced to pay the full amount.

But public perceptions of being the first company to fall foul of GDPR could be hard to shift. Data security and privacy have never been so highly prized, and the media attention and social media discussion about a company that failed to protect consumer data effectively could be disastrous and have long-term implications for the company in question.

The cost of compliance

But ensuring your organisation is compliant with all required regulation is a major undertaking. The recent Cost of Compliance annual survey of leading FS firms by Thomson Reuters found that 74% expected the focus on managing regulatory risk to increase in the coming year, with 24% expecting a significant increase.

The research also focused on the interaction between the compliance function and legal, internal audit and risk, and found it was limited in many cases, with a number of compliance teams spending less than one hour a week with other control functions.

A lack of skilled compliance resources was another factor in the cost of compliance, with an expected increase in the cost of senior compliance staff and in the use of outsourcing to make up for the internal shortfall in the required compliance skills.

The importance of supervised compliance

As organisations struggle to manage the growing complexity of modern compliance, with ever growing numbers of programs resulting in more controls, processes, reporting and more, a new model and approach has emerged – supervised compliance. This involves a company like OXIAL automating controls and processes around compliance, supported by consultants who know the compliance requirements inside out, and allows companies to mitigate risk in real time and ensure compliance. This is hugely transformative, particularly in FS, with the potential to change control and compliance forever.

The sheer volume of new controls that come with just one page of regulation means old approaches are now untenable. Regulations and sub-components must be mapped to each business line, meaning an enormous list of risks, and a need for the right controls for each and every one of those risks. This requires automation and is simply not realistic to manage without the right tools.

Compliance is an onerous task, one that is needed to satisfy regulators and customers alike. It is also costly, as shown by the Thomson Reuters research. So supervised compliance will one day become the de facto approach to compliance. It is a far more cost-effective approach and is also far more suited to modern compliance requirements and managing their sheer volume and complexity.

By not utilising supervised or digital compliance, organisations are running a huge risk, both of non-compliance and of compliance costs spiralling out of control. For more information on how OXIAL can help with this, feel free to get in touch with us here.

OXIAL’s New Generation GRC solutions are entirely built to address some of the greatest challenges impacting organisations that are faced with Risk Management, Internal Control and Compliance and Audit. OXIAL’s integrated GRC platform enables organisations to become more efficient and effective in mitigating risk by integrating and automating GRC processes on a global scale.

Featuring intuitive and powerful tools that make it possible to respond to fast-evolving risk environments, OXIAL makes it easy to synchronise corporate governance, enterprise risk management and corporate compliance activities and undertake real-time monitoring across all business and IT processes and company assets. OXIAL operates globally across multiple industries and meets the needs of over 40 customers who have chosen OXIAL to drive business performance and achieve success.