Seeing the full picture
For years, compliance strategies for organizations- if there were any- were all about complying with norms and regulations which the authorities had thrust upon them. All they had to do was make sure that the statutes were complied with! With changing times, the best of organizations moved away from this mindset and went “Beyond Compliance”.
One would ask,“Is there any point for an organization to do more than meeting basic regulatory requirements?” While only a few companies evolved to adopt this mindset, they could clearly see the difference in their profitability and long term strategies.
Nowadays, a variety of stakeholders are setting their own standards. Obviously, the definition of “compliance” is getting a lot more complex. The government will surely play an important role and its regulations will only get stringent , but other stakeholders and their demands will matter far more to your organization’s success. Verizon has set energy performance standards for suppliers of its telecom equipment. Wal-Mart has set tough restrictions on toys with respect to heavy metals, surface coating etc. This certainly gives them a competitive edge over other players in the industry. For these global brands, the logic for setting tight standards is impeccable. Non-compliance does not affect only the toy business, but the retailers as well.
Demands of the stakeholders
It is always better to go beyond what the government is asking for. Consumers might have more subtle, harder-to-measure standards. The employees (current and prospective) might have demands which the organization is not ready to meet! If your biggest customers, your end users, your employees, or other influencers set a variety of new benchmarks– specifically measurable or not, then an organization has no choice but to go ahead with the demands!
Yet, executives across the globe are not in favor of going beyond compliance due to the following reasons :
- Personal Challenge – They find it difficult to cope up with implementing and tracking constant regulatory challenges.
- Need for new systems – The constant change in regulations demands a system which keeps them updated and on their toes. Hence, automation has become a key to success and many organizations are not ready to adapt to new technologies. Building such robust GRC system is proving to be a complex process. Eg. MetricStream, VComply etc
- Lack of compliance specialists – More than half of the new hires in London last year were compliance staff! Yet, no one can guarantee the outcome of the hiring.
Today, rule books alone won’t ensure compliant behavior. The checklist method is a redundant practice which does not deal with the gray areas of Governance, Risk and Compliance. Thus, the letter of the law is not sufficient to provide robust guidance. Miscommunication and mismanaged policies may have an adverse impact on profitability of the company.
The new US White Paper classifies companies in 4 parts –
Leaders – They move ahead of the value curve by being proactive. They recognize the value of sustainability and focus beyond mere compliance.
Challengers – They limit their activity to islands of excellence.
Niche – Companies falling under this classification do not have the vision to move beyond compliance and thus, fail to see the big picture.
Laggards – They focus on the checklist method. They do not understand the impact of GRC on an organization’s ROI and thus, fall behind the value curve.
GRC – An opportunity
Evolving beyond compliance has many benefits. They are often left unquantified. Thus, companies should look at the growth prospects and the opportunities which open up after adopting this point of view. Its up to you to decide your future course of action.
Simply saying “Let’s just tick this off” equals to “Let’s not grow”!Add to favorites