the compliance horizon h… · critical business function when it comes to safeguarding an...

1

THE COMPLIANCE HORIZON The Risk Advisory Group

November 2015

2

FOREWORD

Bill Waite, Group CEO

In the not-too-distant past, compliance was a profession that people with a background in law or research ‘fell’ into, given a few compliance-focussed tasks to undertake as part of another role. Today, it’s an industry in its own right and a

critical business function when it comes to safeguarding an organisation from risk.

With the pace of regulatory change increasing rapidly in recent years, compliance is arguably more important than it has ever been. We wanted to look into the drivers behind this rise in compliance and what this means for compliance professionals both today and over the next twelve months.

The Risk Advisory Group surveyed more than 200 compliance professionals from across the UK, Europe and beyond. We based our questions on discussions we had as part of our Women in Compliance group and we are very grateful to everyone who participated in this process. This report explores the results and discusses some of the key issues for compliance going forward, from the key geopolitical events set to impact compliance to the skill sets required to tackle these challenges. The results reveal an industry weighed down by growing levels of regulation, which is putting compliance professionals under increasing amounts of strain. This, combined with a shortage of the right skills coming into the industry, could see global businesses being put at risk.

What is evident is that managing risk and compliance is more complex than ever, requiring the right people, tools and processes in order to do so. We developed our new LUMA due diligence portal with this in mind.

We hope you find the report informative and welcome any feedback you have. For any information on how The Risk Advisory Group can assist your business with navigating risk and compliance, do get in touch.

Executive summary ...... 3

Key themes ................... 4

The end of an era ......... 6

About LUMA ................ 7

Appendix ...................... 8

• Data tables ................. 8

• About The Risk Advisory Group ........14

Contents

3

EXECUTIVE SUMMARY

What best describes the role of compliance

feel their business is more exposed than it was

two years ago

What would make the biggest difference to the compliance team'sability to protect the business over the next 12 months

38%More people with

the right knowledge of the business

16%More efficient

processes

13%More training in new areas

13%More support from the board

Keeping the business out of trouble

Developing policies & processes

59%

51%

69%

Protecting the company’sreputation

55% 41% 37%

Biggest external risks & challenges over the next 12 months

Geopoliticalevents

Increasedregulation

Data privacy/big data

Top Drivers of Compliance

Increased volumeof regulation

Fear of scandal and negative exposure

51% Increased scrutiny47%49%

#1#2 #3

think that compliance is more complex than it was two years ago

agree that the sheer complexity of compliance now represents a risk in itself. 15% of those strongly agree

78% 83%

59%

4

Brand guardians

A key finding from the research is that compliance professionals increasingly see themselves as brand guardians, tasked with upholding their company’s reputation. Indeed, when asked what best describes the role of compliance, the top response, alongside developing processes and policies, is protecting the reputation of the business (both 59 per cent).

In addition, 51 per cent say that the fear of negative exposure is a key driver for compliance in their organisation. Once again, this is the most popular answer - just ahead of increased regulation (50 per cent).

Compliance complexity

The results of our survey show that compliance is becoming so complex that compliance professionals are concerned about how the function will protect the business in future.

The majority (83 per cent) of compliance professionals feel that compliance has become more complex in the past two years, with a quarter agreeing that it is ‘much more complex’. It seems that many industry professionals are worried about this.

“ It’s a challenge to keep up with the huge amount of changes and to understand how every change can impact on the business.”

78 per cent tell us that the sheer complexity of compliance now represents a risk in itself, and increased regulation is cited as the biggest challenge facing compliance departments over the next twelve months (55 per cent).

As a result, 69 per cent are feeling more exposed to risk than they did two years ago and only 19 per cent feel very confident in their team’s ability to protect the business to the level required.

KEY THEMES

”

“

It’s probably already going wrong somewhere. ”

“

There’s a broader board-level understanding of compliance and how it can affect business reputation. Reputation is a key business asset – we now compete on high standards.

5

KEY THEMES

The year ahead

When it comes to what’s in store for compliance departments over the next twelve months, the survey highlights a number of challenges that lie ahead. 41 per cent cite geopolitical events as a key risk, with the EU referendum, the events in Russia/Ukraine and sanctions in the Middle East cited as the top three geopolitical events that could impact on compliance (29 per cent, 21 per cent and 19 per cent respectively).

Other external risks centre on the use of technology, with 37 per cent saying that big data and data privacy will pose a key challenge to compliance, 33 per cent concerned about cyber attacks and 22 per cent worried about the increasing use of social media. Over a third (34 per cent) cite anti-corruption legislation as being a key risk.

Politics is at the heart of everything – keeping on top of geopolitical changes and how they could affect the business is key to ensure business continuity.

Compliance people are business enablers so a solid understanding of the business and its strategy is key to bridge the knowledge gap and provide sound advice. New talent coming into the profession knows its way around compliance but they need to develop that vital understanding of the business in order to really add value.

”

”

“

“

All quotes are from members of The Risk Advisory Group’s Women in Compliance group

Compliance skills

Just 32 per cent of compliance professionals surveyed believe that new people coming into the industry have the skills required to succeed. This could potentially be explained by the fact that an in-depth knowledge of the business is believed to be the most important skill required for a role in compliance (72 per cent), which takes time to acquire, with knowledge of regulation coming in second (67 per cent). Compliance professionals

also say that more people with the right knowledge of the business would make the biggest difference to their team’s ability to protect the business over the next twelve months (38 per cent), followed by more efficient processes (16 per cent). It’s perhaps not surprising then that compliance professionals feel that more investment in internal training (70 per cent) would help ensure that the industry has the skills it needs for the future.

6

The headline figure that 83 per cent of compliance professionals believe compliance has become more complex in the last two years is not surprising.

Anti-money laundering, anti-bribery and most recently the Modern Slavery Act all impose obligations on organisations to understand at a fundamental level who they are doing business with - and that those entities are not breaking the law.

If corporations fail, balance sheets, boards and brands, as well as of course the silent majority of stakeholders such as employees and investors, can suffer the consequences of investigation and prosecution.

Nor is the risk simply domestic. As more and more governments seek to impose liability on corporations they can face investigations in multiple jurisdictions by multiple agencies as well as the plaintiff bar.

The recent appointment of Hui Chen by the Department of Justice as Compliance Counsel Expert demonstrates an intent by the prosecutorial authorities to understand at a granular level whether multinationals are paying

lip service to their obligations, or whether in fact they deserve credit for really trying.

As a compliance professional who has worked in challenging environments across the world in banking, pharmaceuticals and IT, she will certainly have a greater insight than most on whether corporate rhetoric is matched by corporate intent. Where the Department of Justice leads, others will follow. The era of paper compliance is therefore rapidly coming to an end.

So yes, the 83 per cent are clearly right.

But beyond pure “compliance” the fundamental challenge for business is to recognise that knowing precisely who you are doing business with is fundamental to commercial success. Viewed through this optic, value - not just cost - is added; and where boards see value, rhetoric becomes real.

THE END OF AN ERA

Bill Waite Group CEO

7

It’s clear from our research that compliance is becoming increasingly complex.

As regulation increases, companies are collecting more and more information about their business partners in order to assess risk.

Our clients asked us if we had a solution that would help them keep track of this ever-increasing amount of data and make them more efficient. This frees up time for them to focus on the difficult questions at hand and those looming on the horizon. That is why we developed LUMA.

LUMA is an online compliance portal that provides a single point of control for an organisation’s business partners, making it easier for compliance professionals to safeguard their company’s reputation.

LUMA centralises the data, provides an auditable trail of who did what and when, and is easy to interrogate, meaning that it is much easier to provide management and regulators with the information they need quickly.

It makes it easier to see that a company’s compliance process is working and evaluate risks that arise because of geopolitical events or industry issues.

The compliance landscape is evolving and will continue to do so based on these external risks and challenges. Compliance professionals need support that will do the same.

For more information on how LUMA can help your organisation, email [email protected]

LUMA

Rebecca Palser Global Product Director

8

The Risk Advisory Group surveyed 217 professionals who handle compliance as part of their current role.The survey was conducted online in October 2015.

Are you male or female?

Approximately how many people does your organisation employ?

In which region are you based for work?

Answer Choices Responses (%) Responses (no.)

Male 60.37% 131

Female 39.63% 86

Total 217

APPENDIX


0-99 27.65% 60

100-499 13.36% 29

500-999 5.07% 11

1,000 - 1,499 16.13% 35

5,000 - 9,999 5.99% 13

10,000+ 31.80% 69

Total 217


Australia / New Zealand 0.46 1

Central Asia 1.38 3

Europe 34.10 74

Latin America 0.92 2

North America 9.68 21

North East Asia 3.69 8

Middle East and North Africa 5.53 12

Russia 4.15 9

South / South East Asia 5.07 11

Sub-Saharan Africa 3.69 8

United Kingdom 31.34 68

Total 217

9

APPENDIX

Which of the following best describes the business sector you currently work in?


Advertising and marketing 0.92 2

Agriculture 1.84 4

Airlines and aerospace (including defence) 1.38 3

Automotive 0.92 2

Business support and logistics 0.00 0

Construction 1.38 3

Education 0.46 1

Entertainment and leisure 0.92 2

Finance and financial services 20.74 45

Food and beverage 0.46 1

Government 3.23 7

Healthcare and pharmaceuticals 1.84 4

Insurance 2.76 6

Manufacturing 5.53 12

Non-profit 1.38 3

Retail 0.00 0

Property 2.30 5

Professional services 23.50 51

Telecommunications, technology, internet and electronics 2.76 6

Transportation and delivery 1.84 4

Utilities, energy and extraction 13.36 29

Other 12.44 27

Total 217

10

Which of the following do you think best describes the role of compliance within your business? Choose three.

APPENDIX


It is much more complex 24.74 47

It is more complex 57.89 110

It has not changed 11.05 21

It is more straightforward 6.32 12

It is much more straightforward 0.00 0

Total 190


Developing policies and processes 58.95 112

Implementing new regulations 28.95 55

Advising management on regulatory matters 47.89 91

Protecting the company’s reputation 58.95 112

Helping the business make the right strategic decisions 49.47 94

Keeping the business out of trouble 51.05 97

Protecting the board from personal investigations 4.74 9

Total respondents 190


Increased volume of regulation 49.47 94

Increased scrutiny 47.43 90

Fear of scandal and negative exposure 50.53 96

Geopolitical activity and globalisation 40.53 77

Supply chain pressure 14.21 27

Rise in personal liability 20.53 39

Focus on compliance at board level 45.26 86

Fear of financial penalties 32.11 61


What are the key drivers for compliance within your organisation? Choose three.

Do you think that compliance is more or less complex than it was two years ago?

11

APPENDIX

Do you feel that your business is more or less exposed to risk now than it was 2 years ago?

What do you see as the biggest external risks and challenges facing your department over the next 12 months? Choose three.

A participant in our recent focus group said that the “sheer complexity of compliance now represents a risk in itself”. To what extent do you agree with this?


Strongly agree 15.26 29

Agree 63.16 120

Neither agree nor disagree 13.16 25

Disagree 8.42 16

Strongly disagree 0.00 0

Total 190


A lot more exposed 21.05 40

Slightly more exposed 47.89 91

No Change 19.47 37

Slightly less exposed 10.00 19

Fare less exposed 1.58 3

Total 190


Anti-corruption legislation 33.91 59

Cyber attacks 32.76 57

Big data / data privacy 36.78 64

Increased regulation 54.60 95

Increasing use of social media, leading to a blurring of lines between the personal and the professional 22.41 39

Geopolitical events 41.38 72

Skills shortages 25.86 45

Threat of another economic crisis 23.56 41

Personal liability 14.37 25

Other (please specify) 10.92 19


12

APPENDIX

How confident are you in the ability of your compliance team to protect your business to the level required?


Very confident 18.97 33

Confident 65.52 114

Not very confident 15.52 27

Not at all confident 0.00 0

Total 174


More staff 10.34 18

More people with the right knowledge of the business 37.93 66

More appropriate technology 10.34 18

More training in new areas 12.64 22

More support from the board 12.64 22

More efficient processes 16.09 28

Total 172

Which of the following do you think would make the biggest difference to your team’s ability to protect the business over the next 12 months? Choose one.

Which of the following geopolitical events do you think could have the biggest impact on compliance over the next 12 months?


US Presidential election 15.52 27

New Labour leadership 2.87 5

EU referendum 28.74 50

Middle East sanctions 18.97 33

Russia / Ukraine 20.69 36

Syria conflict 13.22 23

Total 174

13

APPENDIX

To what extent do you agree that the new talent coming into the industry has the skills required to succeed?


Strongly agree 1.15 2

Agree 31.03 54

Neither agree nor disagree 56.90 99

Disagree 9.20 16

Strongly disagree 1.72 3



More specialist degrees and qualifications 29.31 51

More qualifications developed in collaboration with the industry 54.60 95

More qualifications offering industry placements 17.24 30

More investment in internal training 69.54 121

A stronger pipeline of people coming into the industry 34.48 60

More industry-run initiatives such as mentoring schemes 41.38 72

More compliance role models 53.45 93


Which of the following do you think would help ensure that the industry has the skills it needs? Choose three.


Project management 9.77 17

In-depth understanding of the business 72.41 126

Communication skills 44.25 77

Credibility within the business 47.70 83

Leadership 29.31 51

Knowledge of regulation 67.24 117

Financial expertise / audit 7.47 13

Language skills 2.87 5

Legal training 16.09 28

IT knowledge 2.87 5


What do you think are the most important skills required for compliance? Choose three.

About The Risk Advisory Group

The Risk Advisory Group is a leading independent global risk consultancy that helps businesses grow whilst protecting their people, their assets and their brands.

By providing facts, intelligence and analysis, The Risk Advisory Group helps its clients negotiate complex and uncertain environments to choose the right opportunities, in the right markets, with the right partners. The company was founded in 1997, employs 140 people and has offices in Washington DC, London, Moscow, Al Khobar, Dubai and Hong Kong.

Contact usThe Risk Advisory Group 3 More London Riverside London, SE1 2AQ, UK

T: +44 20 7578 0000 F: +44 20 7578 7855 E: [email protected]

www.riskadvisory.net

the compliance horizon h… · critical business function when it comes to safeguarding an...

Documents