Cookies help us to understand you better. Browse on or click to
Embedding compliance into business processes
Changing the mindset at C-suite level that compliance is not a “tick the-box, rule based” process at the end of any transaction or activity is one of the greatest challenges around embedding compliance into business solutions says Kalane Rampai, Director at PwC.
Speaking at the LexisNexis Compliance Officers’ Seminar held in Pretoria in June, Rampai introduced the concept of embedding compliance into processes, discussed the cost of non-compliance and the critical enablers to compliance. He also focussed on the role of organisational culture in the process as well that of the Compliance Officer. “Embedded compliance is having appropriate and effective controls, performance indicators and reporting mechanisms strategically positioned in the core business processes of the organisation,” says Rampai. “This assists in ensuring that all key regulatory, strategic and internal requirements are satisfied – without jeopardising the expected performance of the business.”
“Failure to implement a new approach to compliance and operational risk management comes at a high cost to entities,” says Greg Chamberlin, Business Development: Compliance, LexisNexis South Africa. “These include non-compliance penalties, escalating litigation costs, brand and reputational damage all resulting in loss of public confidence and loss of revenue.” “We have seen an increased requirement for organisations to improve disclosure, accountability and compliance to meet new and stringent requirements set by government, regulatory bodies and societal demands,” says Rampai.
The solution is not costly one-off projects performed with spreadsheets and a vast accumulation of paper-proof compliance, rather it is embedding compliance strategies into business processes.This will reduce the time and manpower cost of staying compliant. Rampai emphasised 3 key steps that businesses and government departments should follow when making strides towards embedding compliance.
Set the correct organisational tone right from the top down
To achieve a compliance-supporting culture it is essential to get C-suite buy-in and convey a unified compliance vision and strategy, recognising and rewarding the implementation of core values. Board and senior management need to commit to ethics and compliance.
Organisations require a values-based approach to ethics and compliance. Clearly defined objectives, measurements for success and project management parameters along with effective up- and downstream communication will create a consistent approach to accountability.
Integrating compliance into individual performance measurement and reward structures directs organisation wide participation.
Integrate systems and eradicate duplication
Strategically position appropriate and effective controls, performance indicators and reporting mechanisms in the core business processes of the organisation. The fragmented nature of different departments within an organisation, each working within their own isolated organisational silo, drives additional spend to meet basic business demands and creates redundant efforts to meet compliance requirements.
Use data systems and technology to full capacity
Leverage technology using tools such as Lexis® Assure and Lexis® GRC to automate data analytics and manage complexity, enabling real time compliance, monitoring, reporting and response. The volume of business activities that should be monitored within an organisation can easily overwhelm existing resources. Using technology such as key risk indicator dashboards, scenario modelling, predictive analytics and statistical analysis work hand in hand to provide management with trends and fact patterns and preventative control mechanisms.
“Compliance is not an event, nor is it an activity,” says Rampai. “Relying on ‘business as usual’ just doesn’t cut it anymore. Organisations need to incorporate fresh thinking, new systems and innovative approaches to produce the expected results.”
About the Speaker:
Kalane Rampai is a Certified Internal Auditor by profession. He is currently employed as a Director at PricewaterhouseCoopers Advisory Services (Pty) Ltd in the Consulting division. Rampai specialises in strategy, systems and design thinking, business model architecture and transformational change, and has worked extensively in both the private and public sector. His experience in the public sector includes local government level, provincial government level, as well as public sector entities. He lectured Financial Accounting at the North West University for four years.