Compliance has a cost. But non-compliance can be costlier. It could run into millions and billions as in the case that Ford Motor Co. is currently fighting. Ford Motor Co. said in June 2021 that it could face up to $1.3 billion in penalties in a long-running dispute over import duties paid on Ford Transit Connect vehicles due to a disagreement over whether some imports qualified as passenger vehicles or not. There are other examples of fines levied or fights in the court of law on the Compliance issue that included large organizations such as Google, H&M, British Airways, and Marriot International Inc. Under the new European GDPR data protections laws, organizations can face fines of up to four percent of its global annual revenue. According to an article by Forbes, The average Foreign Corrupt Practices Act (FCPA) penalty in 2017 was more than $66 million, and the average in 2018 was more than $180 million. The Compliance function forms the backbone of any organization. Compliance with federal, state and local rules and regulations is absolutely essential. It could be a matter of survival for the organization. Good governance implemented through well thought out internal systems provides the framework for ensuring timely and efficient Compliance. The survival of an organization depends on how well that organization is complying with the rules and regulations that apply to it. A non-compliant organization faces the risk of legal actions, financial loss, hefty penalties and business disruptions. Non-compliance is not only embarrassing but it can also shake the trust customers place in the organization’s reputation. British Airways accepted that the data breach occurred between Aug 21 and Sep 05, 2018. Apparently, the credit card skimming malware installed by hackers on British Airways’ website a few months ago was to blame for a data breach of over 380,000 credit cards. A vigilant Compliance Officer and strong internal control systems could have saved this data breach that exposed the financial and personal details of the customers. As you can see, a Compliance Officers’ impact cannot be over-emphasized. They help navigate an organization through the complex web of rules and regulations. This requires them not only to be aware of the compliance requirements, but also have the vision and ability to set up appropriate governance policies and systems. Their responsibilities can be divided into the following broad areas: Program Management
- Compliance Officers have to be knowledgeable about the industry to which the organization belongs. They should have strong knowledge about the rules and regulations in the industry and their applicability to the organization.
- They have to develop a Governance framework that serves to meet the Compliance requirements of the organization.
- Laws and external environment constantly keep changing. Compliance officers have to track them to evaluate their potential impact on the organization and ensure that any new requirements are incorporated in organization governance framework and policies.
- As part of the Compliance Program, their responsibility is to assess the associated risks and manage them.
- Compliance officers are responsible for implementing Frameworks and Programs to ensure Compliance and managing them throughout their life cycle. They have to build systems that will help meet the current compliance requirements; systems that enable teams manage compliance related tasks, provide timely alerts to the teams involved in order to ensure Compliance. Most importantly, these systems should provide information to effectively and efficiently manage the status of the Compliance in the organization.
- Implementing frameworks, systems and programs to ensure compliance is not enough, Compliance officers have to provide timely evidence of the same. They have to ensure that the required returns are filed along with the necessary documentation and evidence; and that any queries from the regulating agencies are answered satisfactorily.
- Communicating with employees, executives and other stakeholders to ensure that they understand and fulfil their roles from the governance and compliance perspective forms an integral part of Compliance Officers’ responsibilities.
- Compliance officers are the legal face of the organization. They coordinate with federal, state and local regulating agencies.