Compliance Management: Repetition Rather Than Regulation

The increase in regulatory enforcement in India has catapulted the risk related to non-compliance to regulatory guidelines, and it is now on top of board, management, and audit committee agendas. With changing regulatory requirements and increasing costs of legal suits, fines and penalties, managing compliances successfully is increasingly gaining importance to enable businesses reduce risk from non-compliances, operational hinderances and reputational damage.

Earlier with changes in the Companies Act, 2013, and now with introduction of ‘NOCLAR’ (Non Compliance with Laws & Regulation) in the ICAI Code of Ethics , it’s getting increasingly important for senior management / board members to be aware of compliance obligations and manage them through a robust compliance management framework.

Only few companies with good corporate governance are able to build a comprehensive approach and overall compliance culture with a defined tone at the top. Such companies believe in ‘doing the compliance by repetition and not by regulation.’

Compliance officers are increasingly spending more time with legal teams as the changes in the legal framework are faster than ever before on account of rapid changes in the global business environment, technology, and political landscape.

Few industry voices captured through the Cost Compliance 2019 survey done by Thomson Reuters Regulatory Intelligence stated:  

Building a compliance culture

Organisations would need to believe, accept and integrate compliance as a key component of their culture. This would help in ushering many long-lasting impacts towards the success of its business.

Recent years have seen remarkable growth in the role of "Chief Risk Officers" across organisations, and today we foresee another role of "Chief Compliance Officer" to soon hit key decision-making tables. This will transform a compliance officer’s role, from being a regulatory requirement fulfilment position to a capable strategic adviser.

Following are key drivers for creating a successful compliance agenda:

1. Commitment from the senior management / tone at the top

Commitment from the Board and the leadership team drives many changes. Senior management needs to define / set the tone at the top, own the compliance management process and emphasize strict adherence on compliance during leadership meetings, while being personally involved in compliance reviews.

2. Understanding of compliances

Compliance related activities are done by junior personnel, but the impact of non-compliance is at the top. Many a time, the source of information and understanding of obligations at various levels within an organisation differs. Hence, a thorough understanding of compliances at all levels is important.

3. Review mechanism

Implementing a strong review mechanism is essential to identify gaps and take timely corrective actions. The review mechanism should consider the following:

• Clear communication on the expectations
• Ensure reviews happen as planned
• Discussions should be documented and followed up till closure

4. Recognising performers

Companies which recognise and incentivise performers for their adherence to compliances, would be better off on overall compliance management as compared to others. Compliance management should be included as part of a team’s annual KPIs.

5. Invest in strengthening the compliance management framework

Investments in processes and knowledge creation can be helpful if they are systematically stored and kept for replication and future reference. With advancement in technology, compliances can easily be managed and monitored online these days.

While many companies are monitoring compliances manually, few companies with good governance and tone-at-the-top have implemented automated solutions to proactively monitor regulatory compliances.

It has been a proved fact that prevention is better than cure and on the compliance parameter, preventive compliance is less expensive than non-compliance.