It is very easy to talk about a culture of compliance, but far harder to define what this means in reality and even harder to embed this within an organization.” – Mark Delgado, Mitratech
With regulators cracking down on compliance breaches more than ever before, making sure your company has what it takes to comply is no longer something you can do without. In fact, the cost of non-compliance can be almost three times that of remaining compliant.
Recently, Mitratech experts Jason Cropper and Mark Delgado sat down with the editors at Risk and Compliance magazine for a roundtable discussion on how organizations can create and maintain a culture of compliance and thrive in today’s watch-dog environment.
Risk and Compliance Preview
Below is an excerpt from the interview. Click the button below to read the full, nine page Q&A and gain insight into effective compliance programs today.
R&C: To what extent are you seeing a greater focus on compliance efforts among companies in today’s business world?
Cropper: There is no question that compliance has a greater focus today than it did 10 years ago. Since the Wall Street crash in 2008, daily alerts in regulatory activity are up 600 percent, globally. However, it is not just activity that is on the rise; compliance spend, compliance hiring and regulatory fines have never been higher. The need to hold organizations and individuals accountable for compliance-related breeches is more visible and public in nature. There is significant pressure for organizations to demonstrate their compliance and, more importantly, to prove they are doing it effectively.
Delgado: It is not just the significant increase in regulation that has been at the root of the clear increase in the focus on compliance, especially in highly regulated businesses around the world, but it is also the accompanying clout that has been given to many of the regulatory authorities. Fines are now truly punitive and the shift from corporate to personal liability is a highly significant factor in driving the ever-greater importance businesses are placing on compliance.
R&C: In your experience, do companies tend to fall short when it comes to assigning responsibilities for compliance and risk within the organizational structure? If so, how can they improve their efforts in this regard?
Cropper: From my experience, it is not so much that they fall short in assigning responsibilities for risk and compliance, the issue is more that many do so purely as a tick-box exercise. There is no accountability, and this is where the rise of regulatory guidelines around what constitutes effectiveness in compliance comes in. The Department of Justice (DOJ) recently released a whitepaper on “evaluation of corporate compliance programs,” which went further than the typical guidelines by providing challenging questions that addressed the issue of whether an organization truly had a culture of compliance, or was merely doing what it had to, to remain compliant. An organization will never truly improve its efforts unless it ethically believes in compliance and promotes that throughout the organization.
Delgado: There is no doubt that businesses are more aware of the importance of responsibility assignment – not least because many regulators are now insisting on this being a formal component of being compliant. The real issues come from whether or not these assigned responsibilities are understood clearly enough by the individuals themselves and others in the wider business and, then, if those with assigned responsibilities are properly held accountable for any failings. As with so many areas of compliance, technology has a key role to play here, not necessarily in assigning responsibilities, but in ensuring communication of these assignments is clear, both within and outside of an organization….
Click the button below to download the full, nine page Q&A and gain insight into effective compliance programs today.
Risk & Compliance is an e-magazine dedicated to the latest developments in corporate risk management and regulatory compliance. Published quarterly by Financier Worldwide, Risk & Compliance draws on the experience and expertise of leading experts in the field to deliver insight on the myriad risks facing global companies, the insurance solutions available to mitigate them, and the in-house processes and controls companies must adopt to manage them.