Compliance today; a Nuisance or a Necessity?

Written by Anne-Teresa Patt | 4 min read
Published on: February 14th 2017 - Last modified: May 28th, 2021
Compliance meeting of two people

Breaches in compliance are meticulously tracked and prosecuted by regulatory authorities. Many organizations are aware of the fact that they must implement a Compliance Management System and, yet, often medium-sized enterprises leave this on the back burner. In our blog post series about compliance today, we’re discussing the challenges and considerations companies might have, as well as effective avenues for developing a culture of compliance. What sets this series apart is the careful examination of certain laws and requirements in the United States, the United Kingdom, and across Asia.

A look at the challenges, considerations and opportunities of compliance today

Business Transformation: Why today’s approach to Compliance Management must also be flexible

The FIFA scandal, the financial crisis, the VW scandal - breaches in compliance with far-reaching consequences appear in the media time and time again. This, despite the fact that regulatory conformity is under increasing scrutiny. Today, companies must learn from mistakes and be ready to change at all times. Regulatory authorities release new requirements and updated regulations constantly in an effort to close gaps in security and account for new circumstances. The reason for these continuous adjustments and changes is, among other things, globalization. This drastically changes the way companies work with each other and therefore requires a certain degree of adaptability when it comes to the subject of compliance.

Certain sectors are subject to an abundance of regulations. Whether it’s the German MaRisk, the UK Bribery Act,or the US Dodd-Frank Act, the fact remains: Banks and insurance agencies cannot operate without a functioning Compliance Management System.

Also, the violation of trade regulations can be significant, as Wallstreet Online highlights: "Violations of the Export Administration Regulations (EAR) can reach 20 years imprisonment and $1 million per violation. Administrative monetary penalties can reach $11,000 per violation, and $120,000 per violation in cases involving items controlled for national security reasons."

Of course, compliance isn’t constitutionally anchored like this in all sectors and organizations; so, is it still worthwhile for companies to implement these controls?

Creating a culture of compliance: The real challenge for many organizations

It’s not only with global players, but also with medium-sized organizations, that issues of corruption, bribery, and antitrust conflicts will quickly find their way into public consciousness and can massively damage the image and the profitability of a company. The responsibility in these cases lies with executive boards and corporate management to ensure that the avoidance of risk, with or without legal requirements, is in the personal and financial interests of those who have the ability to control compliance.

So what is stopping medium-sized enterprises from establishing a culture of compliance? Organizations often lack the relevant experience and tools required to successfully implement a compliance strategy. What deters many businesses is the perceived high cost and the amount of effort involved in rigorous monitoring. A big challenge can also arise when it comes time to spread the concept of compliance throughout the organization. Often, compliance initiatives originate from acute situations and are contained within individual departments and carried out until the problem is more or less solved. In the long term, organizations lack:

  • fundamental knowledge about approaches and frameworks
  • a good network of legal, risk and technical expertise
  • company-wide compliance culture and accompanying regulatory transparency
  • the readiness to react appropriately to regulatory changes

How compliance benefits everyone and how you implement it with greater ease

Compliance will give you a competitive edge, even if it hasn’t been legally stipulated as a requirement for your organization - sometimes it’s even an important prerequisite for a business transaction! A strong compliance strategy strengthens your image as a company and automatically reduces risk that could lead to financial losses or to a damaged reputation. It’s also important to remember that an active compliance culture positively affects internal collaboration. It has the potential to optimize processes and simultaneously increase transparency in communication, responsibilities, and structure.

How do organizations get started? Can you implement compliance without the guidance of an expensive consultant? Process Management is a fundamental approach that enables organizations to find the right format and adjust it with ease.

Business processes - the core of any compliance initiative

The initial driving force behind any compliance initiative is corporate management. They have the responsibility of ensuring regulatory conformity, leading the management, and monitoring risk. When top management is aware of all of the relevant regulations, they can be prioritized and built into a compliance system.

Many managers are unaware of the fact that fines for failing to meet regulatory requirements are considerably more costly over time when compared to the investment in a process-based compliance initiative. Documented business processes are the shared language of an organization. They have the benefit of documenting compliance regulations transparently, without the need for employees to consult complex regulation guidelines. Processes and their associated recurring business decisions are:

the most fundamental building blocks of your organization and simultaneously have the greatest impact on the success of your business

Think of examples from your own day to day work life. A wrong decision or a badly executed process can have a hugely negative impact. The compliance culture of a company should therefore develop from a few core principles Documented process and decisions:

  • make standardization of work possible
  • are your shared language
  • make risks visible and enable monitoring
  • enable a top down approach

According to the “2016 Insurance Ethics and Compliance Survey” of Deloitte, people and processes are two of the key areas in which companies can invest to achieve a better compliance program. To make it concrete, these investments are regarding amongst others:

  • a more synergistic relationship with compliance personnel embedded in business
  • More data/KPIs and dashboards for executive and board level consumption Proactive evaluation of risk (predictive vs reactive)

When organizations opt for process-based compliance management, they create a solid foundation for regulations to be understood and complied with throughout the organization. Processes provide information about roles, tasks, and responsibilities as well as about existing risks and checks. Because processes speak one language, they provide a unified communication platform that functions internally and externally. External stakeholders, auditors for example, can be tied in with ease. Compliance is a process in its own right and functions by daily application and continuous development.


Free compliance resources for you

We offer a variety of free resources on our website that show you what a process-based compliance management system looks like, such as this example on internal control systems for Risk Management and compliance.

If you are wondering how you might get started, our whitepaper The Blueprint for Modern Compliance Programs offers an insightful introduction. You can find further information in our Resource Center and in our upcoming blog posts.

If you would like to speak with us directly about challenges you are facing and how our Business Transformation Platform can help you overcome these, send us an email at and we’ll be in touch!

Published on: February 14th 2017 - Last modified: May 28th, 2021