The hidden value in getting compliance right
Illustration © Lo Cole 2020
For organizations managing through a crisis, trust is paramount. Employees and customers need to know that leaders are able to guide them through uncertainty and make the best decisions possible, and leaders need to know that the people executing their decisions are doing so in earnest, to the letter of the law. Of course, organizations must also look ahead to the post-crisis world, in which trust remains critical, but they’ll also need to identify efficiencies to support recovery.
Related stories
The good news is that there is a part of the organizational structure that can help build trust and drive efficiency: compliance. The importance of compliance itself isn’t news. In a trust-based world, the brands, products, and services perceived as trustworthy are highly effective at attracting and retaining customers. Many leaders have also learned that one key breach can be very costly, to both their organization’s profits and its reputation. And they are keenly aware of the complex regulatory landscape they face. In PwC’s 23rd Annual Global CEO Survey, 36 percent of chief executives in a range of industries reported being extremely concerned about overregulation, ranking it the top threat to their organization’s growth prospects. (The survey was conducted in the fall of 2019, before the coronavirus pandemic took hold.)
Still, these same leaders may have yet to connect the dots. There is a widespread tendency to react defensively and meet the minimum legal requirements — to accept the traditional view of compliance as a cost of doing business. But elevating compliance to a position of strategic value can be a game changer in today’s world. It can increase not only the top line During uncertain times, when trust is of even higher value to customers, regulators, and staff alike, organizations that build trust into their brand, products, and services will generate loyalty. They will enhance their reputation and resilience and meet broader obligations to society at large.
Complexity and uncertainty
Taking a deeper look at PwC’s Global CEO Survey data, we see that of the CEOs in this year’s survey who were extremely concerned about overregulation, 58 percent said industry-specific regulation was top of mind, followed With respect to climate change, 30 percent of CEOs strongly agreed that their organization’s response would bring them reputational advantage. But only 17 percent strongly agreed that their organization had assessed the potential risks, such as carbon regulation. CEOs were also conflicted when it came to the Internet; 51 percent believed that it will bring people together, but 71 percent anticipated increased regulation of content.
To be sure, the demands placed on organizations Moreover, these costs are spread throughout an organization, including customer-facing departments such as sales, back-office functions, and IT. And it’s not just expenses that are widely distributed. The teams that manage the many compliance obligations don’t sit in one place within the organizational structure, and seldom is there a single “owner” with a holistic view of the organization’s compliance activities. As a result, it’s been difficult to minimize the impact of compliance on customer experience, culture, and cost.
When taken together, these factors often mean that organizations are regularly experiencing compliance failures. These may come in the form of major incidents, in which compliance failures significantly affect an organization’s reputation, or in the form of highly burdensome and often manual compliance processes that constrain the customer experience, increase the costs of compliance, and damage the internal culture, for example, As CEOs take in this complex regulatory landscape, contemplating how to prepare their organizations, the time has come for a major attitude adjustment toward compliance. Those saddled with diffuse, costly, and ineffective approaches should begin Organizations that shift compliance from a cost of doing business to a position of strategic value can generate significant competitive and cost advantage, and build trust..
Compliance is aligned with strategy, purpose, and values. Start Consider Preem, Sweden’s largest fuel company. It expanded its operations in Norway, which had recently adopted legislation offering excise duty savings to organizations with sustainable biofuel usage that met European Union targets. The challenge for energy organizations operating in Norway is that sustainability regulations and excise duty regimes are administered Compliance processes are designed with the customer in mind. Trust is key for organizations that want to compete effectively, and trust is strengthened through reliable compliance (and damaged badly Automotive OEMs and retailers have made huge investments in products, promotions, and customer care, but the effectiveness of such efforts doesn’t often meet the organizations’ expectations because so much depends on retailer performance. At Jaguar Land Rover (JLR) China, which operates in a joint venture with Chinese automaker Chery, the use of a cloud-based digital retailer evaluation system has enabled the company to quantify retail marketing performance and control potential risks that emerge in implementation. JLR has focused on validating and analyzing retailers’ behaviors and data to ensure they are complying not just with laws and regulations, but also with the parent company’s market and sales strategy. For example, a marketing management and communication platform now supports data sharing across different management levels, and intelligent and automatic tools have increased efficiency. Armed with these tools, JLR has been able to strengthen its brand, empower its network of retailers, and meet localized customer needs.
Compliance processes are enabled
Consider, for example, an organization that has long struggled with the effort needed to comply with various tax obligations and compliance filings. Many of its tax processes, in particular its data gathering and reconciliations, were traditionally manual efforts using spreadsheets. But a tech-enabled transformation could make its tax data fit for purpose. In this new system, data would be extracted from an ERP system, stored in a centralized location, tax sensitized, and then fed into compliance applications to help comply with corporate income tax, withholding tax, and value-added and indirect tax filings. Along the way, the organization could also standardize and automate processes, resulting in time and cost savings, reliable data, accurate filings, and an overall reduction in risk. Moreover, the effort would provide data that leaders could use to develop insights and analytics to further reduce risk and exposure.
Compliance processes are built using human-centered design principles. Compliance design, like many other aspects of business, can be positively influenced The supermarket chain Coles, for example, which has about 30 percent of Australia’s grocery market, focuses on human behavior when it conducts compliance audits in the area of food safety. The audit team observes employees’ behavior rather than simply checking the outcome; for example, the auditor assesses team members’ behavior during food preparation to confirm that they follow food temperature and safety monitoring processes throughout. If the auditor simply checked the food’s temperature before sale, this would give only a point-in-time view of the outcome. The data from these and other observations regarding customer and staff safety is captured in Coles’s auditing app. Each month, the audit team meets to discuss the dashboard analytics and determine which stores and locations tend to have more problems. The goal is to look for trends in the data, identifying which areas the teams most struggle with; these areas might indicate an underlying breakdown in process or an opportunity for improvement. The depth of data collected allows the audit team to draw insights and recognize connections among trending issues. The team can then provide these insights to Coles’s internal assurance team in a way that can be communicated to operational stakeholders in order to drive change in behaviors and outcomes.
Compliance activities are predictive, preventive, and proactive. Trust takes years to earn but can be lost quickly, so preventing compliance failures is vital. One of the more common ways compliance failures occur is through a lack of readiness for emerging regulatory developments. In complex multinationals, achieving system-wide preparedness can be particularly challenging, but a number of organizations are starting to use regulatory horizon-scanning tools, leveraging third-party databases that track regulations and proposed changes to them, to provide advance notice of new compliance requirements.
Overall, the availability of data and use of technology across all aspects of an organization are making the prevention, or real-time detection and correction, of compliance breaches a more realistic proposition. Organizations that have access to rich data sets can leverage the predictive capabilities that data provides to understand where compliance pressures and risks may be increasing. Process animation tools and advanced analytics are also creating opportunities to observe patterns of behavior and potential emerging challenges in processes and detect where the organization is approaching compliance thresholds.
The availability of data and use of technology across all aspects of an organization are making the real-time detection and correction of compliance breaches a more realistic proposition.
Large organizations that operate in multiple territories and businesses, in particular, face a constant challenge in meeting complex regulatory requirements — which can lead to a more reactive approach. Their legal teams spend a considerable amount of time deciphering these requirements and helping the business teams understand and comply with them. Emerging economies’ constantly changing compliance regimes are an additional challenge. One organization confronting these issues implemented a technology-enabled solution to enhance its compliance monitoring capabilities in India. The company is now able to clearly list compliance obligations, track updates, define the roles and responsibilities of the stakeholders involved in ensuring compliance, and identify challenges in a timely manner. The program has proved to be so successful that company leaders are now expanding it to other businesses within the Asia-Pacific region.
When defined by the five design attributes above, compliance is no longer something abstract, burdensome, or stifling. Just the contrary: By approaching compliance in a more risk-focused and tech- and data-enabled way, supported by human-centered design, organizations can grow and become more innovative, confident in their ability to provide the protection that their people, customers, stakeholders, and society need. This transformation is perhaps more critical than ever. Because today, the only truly solid currency is trust.