What are the main challenges organisations are facing when it comes to compliance? How has Covid-19 made compliance teams' already difficult jobs harder? And what can firms do to get on top of the workload and adapt successfully in an ever more uncertain climate?
In our latest webinar The future of compliance is digital, connected, and automated, our head of partnerships Anastasia Dokuchaeva sat down with governance, risk, and compliance expert Michael Rasmussen to discuss these and other burning questions about the future of compliance.
Here are the highlights.
Centralising policy management has never been more critical
"I think the big thing that's coming up," says Rasmussen when asked about the challenges he's seeing in compliance, "is that policy management is no longer just a back office function…
"Legal, HR, and other back office departments can devote a tonne of resources towards becoming knowledgeable about applicable laws and regulations, but that doesn't necessarily make an organisation compliant. The front office must be aware of those policies. And they have to be properly trained."
Compliance teams are under growing pressure to make sure employees understand what's expected of them and that the front-facing side of the business follows the rules, to the point where regulators now want hard evidence that this is happening.
The US Department of Justice, for instance, has issued guidance that requires firms to be able to show that their compliance programme was effective. Which means having a robust audit trail and system of record in place is key.
That's a huge challenge at the best of times. But with most organisations now having at least part of their staff working remotely — and a whopping 98% of respondents to a World Economic Forum survey saying they'd like to have the option for the rest of their careers — compliance teams need to find new ways to communicate effectively and document compliance.
"I think it's becoming clear that throwing policies haphazardly on file sharing software doesn't give you that audit trail and system of record that regulators need," continues Rasmussen.
"Many firms are finding out that they need a singular portal and view… in order to make sure all corporate policies and procedures are organised and consistent. In a work-from-home environment it's incredibly important to do everything you can to create a consistent company culture, and that starts with consistent policies."
RegTech awareness is growing, but...
With an ever growing workload, regulators' rising expectations, and the practical realities of remote working to contend with, it's no surprise that organisations are looking to technology to help streamline compliance.
But if investment in RegTech is rising — according to Juniper Research it'll make up 40% of compliance spending by 2023 — there's still limited awareness of what's available.
"From my point of view," says Rasmussen, "a lot of organisations don't understand there's a new generation of technology that can make policy management or regulatory change more efficient…
"Technologies like artificial intelligence and natural language processing read regulations a lot faster than people, for instance… but, unfortunately, particularly outside IT departments, firms are yet to fully realise the extent of the benefits tech can provide in this area."
As compliance becomes costlier and more labour-intensive, awareness will continue to increase. A recent report estimated the RegTech industry's compound annual growth rate at 19.5%, meaning it'll generate almost $22 billion in revenue by 2027.
But even with more awareness, Rasmussen rightly notes that technology isn't a silver bullet or a substitute for good judgement.
"There's a lot that can be automated, but there are elements that can't… artificial intelligence is still pretty young in some areas, and it needs human governance, review, and oversight. Machines can help speed up decision-making and increase its accuracy, but they can't make the decisions for us."
Risk and compliance are increasingly interconnected
One of main drivers behind the heightened interest in technology is that risk is having wide-ranging impacts.
Rasmussen explains:
"COVID-19 health and safety risk has created IT security risks as a result of people working from home. And working from home has created harassment and discrimination risks, because people might be saying things on Zoom which they wouldn't say in a boardroom.
"There might even be increased risk of bribery and corruption, because of import and export restrictions and the constraints we're seeing on supply chains right now... "
In such a dynamic environment, it's harder to keep everything in sync. This, argues Rasmussen, is why organisations need to start leveraging technology.
"If employees can find policies and information quickly instead of combing through 20 different websites, that makes their jobs easier.
"Technology also helps manage change more effectively. If an organisation has had to lay off staff because of Covid, for instance, and there are now 10 people instead of 20, they're going to have to wear multiple hats and take on more responsibility... As things evolve, we need to be able to make sure that people can understand how to do their job, particularly if that job's parameters have changed."
The bottom line is simple. We can no longer handle things manually. There's too much work to do, and manual processes don't provide the systems of record and strong evidence organisations need. We need systems and processes that reflect the increasing interconnectedness and dynamism of compliance.
Times may be tough, but the future looks bright
If 2020 has taught us a lesson, it's that having clear processes in place has never been more important.
"We're moving to a future of greater accountability for compliance," says Rasmussen, "so we need a structured approach...
"It has become very apparent that, with business being so dynamic … we need to be able to work together in a collaborative environment. We can't work in a linear format anymore."
The good news is that harnessing technology can help make compliance more manageable, so we can approach it strategically instead of being reactive.
Technology will still require human oversight, but it'll make things more efficient, save money and time, and make it easier for us to monitor and predict what could happen down the line.
And having more agile, adaptable, and resilient organisations is good for everyone — investors, employees, and consumers.
Want to learn more about how technology will make it easier for organisations to be more agile, efficient, and adaptable?
Watch our FREE webinar: The Future of Compliance is Digital, Connected, and Automated