In today’s world, the fitness of compliance and risk professionals is being tested like never before. Like the surfers who founded ServiceNow, we must find ways to get ahead of each new wave of federal and global regulations and ride as gracefully as we can—or wipe out. The key is to be proactive rather than reactive.
No matter the regulation or resources at one’s disposal, the basic principles of establishing a strong compliance practice cannot be ignored.
In the summer of 2022, the European Union (EU) updated its whistleblower requirements and policies. As a result, global companies like ServiceNow must handle issues raised by EU employees differently than those raised in the U.S.
From the General Data Protection Regulation (GDPR) to the upcoming EU Data Act to the recent U.S. Department of Justice guidance on corporate compliance programs, regulations affect all global companies and their customers.
At ServiceNow, we must continually assess local, regional, and global impacts of legislation. Otherwise, we’ll be out of compliance when a new regulation rolls out.
No single team can ensure compliance and control for risk on its own. Capabilities must be tapped and harmonized across the organization.
At ServiceNow, we’re fortunate to have legal, government relations, and regulated markets teams that track rules and regulations, talk to customers, and monitor upcoming waves. These teams gather and share information so that we can make quick adjustments on the fly. We work together to ensure we have the systems and workflows in place to maintain continuous compliance.
Risk appetite must be balanced with risk tolerance. Businesses should take risks that could have positive impacts and mitigate risks that could have negative repercussions.
At ServiceNow, our policies and procedures are designed to prevent violations of regulations. Where gray areas exist, we have room to innovate, as we work to define what a 21st-century compliance culture should look like.
In today’s working world, which extends beyond office buildings, it can be difficult to pick up cues or sense red flags. We miss out on spontaneous conversations and casual exchanges of information. In lieu of this, we must rely on data.
Our teams use the ServiceNow integrated risk management (IRM) regulatory compliance framework to help us manage changing regulations, strategize compliance policies, and identify addressable gaps. IRM is critical in helping us focus our efforts. It spares us from duplicating work and brings crucial information to everyone who needs it.
We use other Now Platform capabilities and the ServiceNow C-suite dashboards to instantly get a sense of what’s happening across the company. We can see metrics in real time, sales by location, high-risk partners and their locations, complaints and their origins, and much more. ServiceNow solutions let us be in rooms we’re not physically in and provide access to pertinent information.
Technology also gives us a leg up on data governance, a practice area that all industries are prioritizing and elevating. Because all our data resides on a single platform, we know how to find it. It’s at our fingertips, on demand.
Like the sea, global regulations are ever changing. Being a good surfer is about pairing solid technique with state-of-the-art technology that supports speed and efficiency.
We can’t always know the exact character or magnitude of the next wave, or if it will throw us underwater. But we do our best to ride with grace by getting ahead of each wave—and we’re nothing but stoked about it.
Find out more about how ServiceNow helps organizations get ahead of global regulations.
© 2023 ServiceNow, Inc. All rights reserved. ServiceNow, the ServiceNow logo, Now, and other ServiceNow marks are trademarks and/or registered trademarks of ServiceNow, Inc. in the United States and/or other countries. Other company names, product names, and logos may be trademarks of the respective companies with which they are associated.