Compliance management: Perceptions Vs Reality

It is hard to have the right perspective about something you are not directly involved in. All of us are guilty of this at times. We ask for something to be done by a specialist and wonder ‘’why is it taking so long? What could that specialist possibly be doing?”, even though we do not understand what needs to be done.  

Almost every profession has some myths about them. Lawyers are a great example. If your exposure to lawyers is mostly from movies and television, it seems like their main job is to make dramatic proclamations in court and win cases with a hail Mary just when the case was about to be decided. In reality, lawyers spend most of their time with paperwork, and showing up to court only makes up for a fraction of their responsibilities.  

Similarly, there are stereotypes and myths within different industries as well. Many people in the financial sector regularly interact with compliance managers but they don’t really understand the job of the compliance manager. One of the core responsibilities of compliance managers is to correct non-compliance, which can even develop an adversarial relationship between the compliance department and other employees. 

Compliance management isn’t just about catching mistakes  

A lot of people only interact with the compliance department when they have done something wrong, which has resulted in people thinking that compliance managers mainly look for mistakes being made. Catching a mistake is just a part of the responsibility of the compliance department – it directly pertains to audits much more than it does to compliance. The hint for compliance management’s true purpose exists right in its name – it is all about managing compliance, not just enforcing it. 

What that means is that compliance managers don’t catch mistakes and don’t want to catch mistakes. What they really want to do is create a system in which mistakes are eliminated. Compliance managers are involved in the policies being created for every department within the organization. Their job is to make sure that the policies and business processes being used in the organization do not run afoul of any regulations or laws. They focus on the compliance framework.  

What is a compliance framework? 

The compliance framework is the totality of systems, processes, controls, policies, and tasks which the compliance department uses to ensure that the organization is being as compliant as possible, and any non-compliance is quickly detected and fixed. There is no fixed formula for making a framework – organizations add and remove parts according to their compliance requirements. The most essential parts of the framework are: 

The Compliance Team 

As expected, the compliance team is the most crucial element for managing compliance in any organization. Smaller organizations may be able to get by with just a single compliance manager, but any business that grows large in a heavily regulated industry will need a compliance team. Larger organizations have whole departments dedicated to compliance. This team consists of highly skilled employees who have niche expertise and know how to ensure compliance throughout the organization. The compliance team collaborates with different departments to make sure that everyone understands compliance requirements and performs their duties in a compliant manner.  

The compliance team is essential but is also a limited resource; due to the niche training and education required for the job, the pool of qualified potential employees is rather small, which means that these personnel have a significant effect on the compliance budget. Businesses cannot simply increase the team size every time there are compliance concerns, because the payroll expenses quickly add up and become unsustainable for a profitable organization.  

Compliance technology  

Every organization uses some sort of technology to manage compliance. Smaller businesses may use general purpose software solutions, while larger organizations tend to use specialized compliance management systems. These compliance management solutions automate many compliance processes. In the processes which cannot be fully automated, the systems help streamline the workflow and make everything easier to manage. 

These solutions were, until a decade ago, prohibitively expensive and were only used at large enterprises. However, the scenario has now changed, as many compliance solutions are now available on the SaaS cloud model and are very easy to acquire and implement. 

Any business that wants to succeed at compliance management will need to make sure that it has the right synergy between its team and its technology. There should be enough compliance experts to manage compliance across the organization and work with different departments of the organization. They should also have the tools that they need in order to work efficiently.  

This is the reality of compliance management – their job doesn’t exist to simply find faults. Their job is to use the right people and the right compliance technology to monitor and manage compliance activities across the organization.