This may sound counter-intuitive to many of us.
Are the compliance tasks not additional work?
Is the compliance expense not an overhead cost?
The fact is top management spends lot of their own valuable time with the accountants, legal team and compliance officers to meet deadlines and fulfil compliance requirements.
There are instances companies miss the deadlines and as a result pay interest, fines and penalties, or face legal hassles.
In many organizations, compliance activities are carried out through manual process or inadequately designed process. Tasks are not delegated considering the confidentiality and complexity involved in the process.
This raises many important questions. How to overcome these challenges? What are the risks associated with non-compliance? How to build compliance culture within an organization? How to leverage technology to save cost and reap long term benefits? Can compliance culture bring competitive advantage?
Let me start with the risk factors.
In every stage starting from inception, running operations, capital infusion, business expansion, amalgamation, diversification or in extreme case bankruptcy and closure of business units, firms have to follow certain norms and guidelines set by government and regulators. For example, as per According to CII – Deloitte Report on Cost of Compliance in Manufacturing 2013, on an average, a manufacturing unit needs to comply with nearly 70 laws and regulations. Apart from facing multiple inspections, these units have to also file as many as 100 returns in a year.
This becomes sometimes complex and gruelling to follow through all compliance requirements related to corporate law, statutory audit and reporting requirements, labour law, Environment, health & safety laws, Direct tax and Indirect tax laws, and many others.
There is always a debate over necessity and intensity of those compliance requirements. I would write another blog on this. My focus here is on the consequences of any violation of those norms.
Non-compliance may attract severe fines and penalties
Global financial institutions have paid out over USD$36 billion in fines between 2008-2019 for non-compliance with Anti-Money Laundering (AML), Know your Customer (KYC) and sanctions regulations – as per a research report published by Fenergo.
The report says, 12 of the world’s top 50 banks were fined fornon-compliance in 2019. European regulators issued the majority of fines (46), US regulators issued 31 fines, with India (14), Taiwan (10) and Pakistan (8) being the most active regulators in the Asia Pacific region.
Corporate world has seen business disruptions due to compliance failure
India has come across its biggest corporate governance failure back in 2009 with a leading IT services company collapsed as a consequence of fraud, incorrect financial statement and wrong audit reports.
The Food Safety and Standards Authority of India (FSSAI) banned the sale of a popular noodles brand in 2015 across the country for non-compliance with FSSAI. The company later got permission after long drawn legal battle. Can you imagine the economic loss incurred by the company from the ban?
As per, CII – Deloitte Report on Cost of Compliance in Manufacturing 2013 – according to Indian Central Pollution Control Board (CPCB), only 71% of 2,526 large and medium industrial units in India’s highly polluting industries category were in compliance with the environmental norms. In 2010, about 476 such polluting companies were temporarily/permanently shut down due to environmental compliance constraints and the associated costs.
There are many such examples how a company may suffer from disruption and in extreme case shutdowns of operations due to non-compliance.
Loss of productivity
Sometimes non-compliance to internal policies may cause system downtime resulting into productivity loss. As per EY Global Information Security Survey (GISS) 2019-20: 53% of organizations experienced a significant or material breach in the last 12 months.6
Data breach may cause customer churn
Data privacy is a very complex issue, and the related laws are going to become more stringent in coming days. Companies may risk losing credibility and customer’s trust for any event of data breach. This may result into churn of customers and eventually loss of revenue.
Personal liability of senior executives
As per section 164 of the Companies Act, 2013, a director of a company which has not filed its returns for 3 consecutive years is disqualified to become a director in any other company for a period of 5 years. 7 As per Thomson Reuters report on Cost of Compliance 2019, senior management and board may come under increased regulatory scrutiny in several countries.
Non-compliance means roadblock of funding
For start-ups, non-compliance may create roadblock in funding, availability of bank loan and availability of government tenders.
How to mitigate these challenges? How to build strong compliance culture within the organization?
Firms have to align people, process and technology in this journey.
As a first step, companies should take employees along, as they are the people who will uphold internal and external compliance objectives. Employees are to be educated with knowledge and latest developments related to compliance and how it impacts on their role. This will sensitise and enable them to decide right tools and technologies to be adopted to build robust compliance culture.
Automate processes and workflows
Manual processes are error-prone, person-dependent and not scalable. Lot of compliance activities can be very well manged by introducing automation. For example, effective and transparent automated contract management framework can protect a firm from potential legal and financial risks associated with high stake contracts.
Data analytics for compliance
Increasingly, advanced machine learning and statistical algorithm will be used to detect policy violation, fraud or suspicious behaviours. This will also open up many other business growth and cost optimization opportunities for companies.
Cut down of legal charges
The obvious direct benefit of complying with laws is mitigating risk of fines, penalties, legal hassles or cancellation of license.
Firms that follow proper processes, strictly adhere to compliance and discourage any kind of improper and unethical behaviour can attract government authorities, investors, shareholders, partners, employees and customers more, and gain in long run.
Adding positive image towards employees, market, customers or public at large, and, thereby, building intangible asset is a certain by-product of following internal and external compliance.
Employee retention tool
Effective internal compliance of a company can be a motivating factor for employees to stick to the organization, because it acts as basic building block for safety, transparency and fairness.
Strengthening DNA of the organisation – can pave the way for paradigm shift
Proactive measures such as employee training, internal control, benchmarking and adoption of best practices will set foundation of robust framework for a future ready organization. Companies with strong access control, SOPs, processes and policies for remote operation have smoothly adopted work from home (WFH) situation imposed by COVID-19. Some of the Indian companies such as BPO and analytics firm EXL Service, insurance aggregator PolicyBazaar.com are now seriously considering WFH for long run as it gives them the opportunity of cost savings, convenience and productivity gains. Is it not a good idea?
Saving bandwidth of top management
With systems and processes in place, top management can make themselves free of anxiety related to compliance deadlines, verification of data, documentation and reports. Instead they may focus more on core operations and business growth.
All these add up to immense advantage for compliant companies…
A December 2017 study by Ponemon Institute and Globalscape (“Ponemon Study”) revealed that non-compliance costs 2.71 times the cost of maintaining or meeting compliance requirements.
The non-compliance costs come from the expenses associated with business disruption, productivity losses, fines, penalties, and settlement costs, among others.
As governments and regulatory bodies across globe are showing more interest towards latest technologies such as artificial intelligence and real-time big data analytics to enforce compliance, non-compliance is not an option any more.
Following sources have been referred to write this blog:
Research inputs by Manas Bairagi