CREATING A CULTURE OF COMPLIANCE: REGULATING BEHAVIOUR TO MANAGE FRAUD AND CORRUPTION RISKS
In February 2016, the chairman of the Australian Prudential Regulation Authority (APRA), Wayne Byres, informed a Senate Estimates Committee hearing that APRA and the Australian Securities and Investment Commission (ASIC) had each set up teams specifically to focus on “fixing corporate culture”. He went on to say that those teams would be sharing information about organisations, but acknowledged that “you can’t just regulate [appropriate culture] into existence”. Mr Byres saw leadership from executives as the key plank to improving behaviour within organisations. The difficulty for organisations is identifying ‘appropriate culture’ and, perhaps more importantly, knowing how to fix ‘bad culture’. Striking the right culture balance will be key to ensuring that regulatory compliance is adhered to and also key to minimising fraud and corruption risks.
Understanding risk culture
Assessing the risk culture within an organisation is a useful framework within which to assess the effectiveness of existing or proposed compliance programmes. In circumstances where the deterrent principle informs civil penalties for regulatory breaches, including bribery, corruption and fraud, assessing the culture of compliance has a part to play in the assessment of those breaches as well as in determining liability.
Apr-Jun 2016 Issue