USING TECHNOLOGY TO IMPROVE GOVERNANCE, RISK AND COMPLIANCE
RC: Broadly speaking, how would you characterise the regulatory pressure that companies face in today’s business world? How has this dynamic evolved in recent years?
Baccouche: Clearly firms have come under tremendous regulatory pressure since the financial crisis in 2008. In addition to addressing the causes of failures uncovered, there is obviously a marked change in public interest – for example, socio-political and media – that is increasingly driving the regulatory agenda. This dynamic has shifted in many ways. The key aspects of the new normal are threefold. First, the long reigning shareholder-centric approach to designing and building business models and strategies is being disrupted. In its simplest form, creating value can no longer be confined to just measures of growth in profit and loss or balance sheet. Customer value and market impact have to be measured in more tangible ways and form an integral part of strategy-setting and business planning. Second, compliance practices need to be transformed from the outdated ‘three lines of defence’ structure. The financial crisis coupled with seemingly never ending headline-grabbing news of misconduct has clearly demonstrated its limitations. The functional view of compliance as facing off to the regulators and dealing with their ever-increasing requirements will not suffice. Embedding strong systems of governance and culture has to go beyond committee formations and policy and procedure documentation. Core business processes will have to be re-engineered where compliance can be demonstrably evidenced across the entire organisation. Third, the reactive response to compliance ‘events’ from both regulators and regulated firms has proved insufficient. The framework is now outcome led and judgement based. The initial market perception was that most of these newly flagged and ill-defined nuances would fade away with time, but the trend has proved to be more profound. With ‘future proofing’ in vogue, the mindset is moving from ‘what went wrong’ to ‘what could go wrong’. Judgements will be based on assumptions and projections as opposed to facts. These trends are leading firms and regulators into uncharted territory. The evolving framework will not only test firms’ traditional views on governance, risk and compliance but will ultimately shake the traditional roles of internal audit, legal, compliance and the underlying silo-based organisational structures.
Jan-Mar 2014 Issue
Parker Fitzgerald Ltd