Compliance – Not Just a Necessary Evil, It’s Good for Business

Compliance gets a bad rap because it is immediately associated with laws, constraints, inspections, audits and penalties for those who don’t follow the rules.

Most organizations understand the importance of regulatory compliance in preventing unethical conduct and violations of the law. It’s the necessary evil that is mandatory, but it also sucks up valuable time, effort and resources from folks who would much rather be working on projects that innovate, inspire, and motivate. The word compliance in itself often conjures up thoughts of what organizations must do rather than what they want to do.  And let’s be honest – doing the right thing isn’t always fun.

Compliance, in truth, is about as much fun as going on a diet. Although eating healthy is an important part of a long and vigorous life, sometimes you just want to have that one cupcake and stray from the intended plan…even though the long-term consequences of repeated bad behaviour can result in an abandoned diet altogether.

Well, it’s not all bad news and there are ways to resist temptation. Regulatory compliance means much more than just eating your greens. It can allow your organization to become a lean, mean, high-performance machine. In other words, having an effective Compliance Program is not only the right thing to do, it also makes good business sense.

Establish Customer Trust and Brand Loyalty

Reputation matters. Gaining a reputation as an organization that fails to meet its compliance obligations can jeopardize customer trust and loyalty. In fact, reputational risk was cited as the #1 main driver for regulatory compliance in a recent AIIM survey, and twice as big a driver as avoiding fines and penalties. Reputational risk is so important that being transparent—even about your faults—will improve customer perception and can lead to increased stakeholder engagement.

Having a clear, effective compliance program makes it apparent to stakeholders that compliance is a top priority for your company. It shows your commitment to doing business the right way and to the highest ethical standards. According to Deloitte, top performing CSR (corporate social responsibility) organizations do not view ethical, social, and environmental initiatives as something that can be layered on to the organization. Instead, they make sustainability an integral part of their organization by integrating it into their brand.

Many consumers seek out and want to do business with vendors and suppliers who share their values and compliance principles. For example, when a company can demonstrate a conflict-free supply chain, stakeholders are reassured that the company is compliant and will impart confidence among suppliers, customers and partners, which c an help establish lasting and trusted business relationships.

Further, in addition to building a reputation as a good corporate citizen, having a well-documented and effective compliance program demonstrates your company’s expertise related to all relevant laws and regulations.

Improve Operational Processes

Regulatory compliance should not be viewed as simply a checkbox exercise but, rather, as something that can have significant, positive, secondary benefits on business operations:

Foster Best Practice Compliance can be used as a means of encouraging businesses to adopt rigour and best practice in areas where the inclination may be to cut costs and corners, such as privacy protection, good recordkeeping, and IT processes. There’s nothing like an upcoming audit or the possibility of a hefty fine to motivate an organization to review and improve its practices.

Increase Supply Chain Awareness Third-party compliance risk management is the most challenging aspect of an organization’s program for managing compliance risk, according to the 2015 Compliance Week Trends Survey . Regulations that mandate compliant supply chains force firms to take a hard look at their third-party community, which is a good thing. For example, KPMG points out that the Dodd-Frank Conflict Minerals rule could yield significant business benefits for companies that use it as an opportunity to better manage their supply chain ecosystem.

Establish Better Information Governance Good record-keeping is central to a strong compliance program. Business records provide the evidence to demonstrate compliance to regulators, auditors and the public. Having an effective Information Governance program means a company’s information assets are consolidated, categorized, and analyzed, leading to better strategic decision-making.

Attract and Keep the Right Talent An effective compliance program can improve a business’ ability to attract and retain highly principled and higher quality employees, improving employee morale, job satisfaction and retention rates. Job seekers are not keen on working for companies that do not take ethics and compliance seriously.

Boosts the Bottom Line

A number of studies have found that companies with strong governance and compliance cultures perform better than their counterparts. That’s a bold statement, and if you are skeptical check out these compelling studies:

  • Businesses with above average IT governance—that is, processes, procedures, and controls associated with how their IT systems and personnel comply with privacy and security regulations—realized 25 percent more profits than those with poor governance.
  • On the day Apple announced it was 100% tantalum-conflict-free, the media was quick to jump on the story, featuring Apple on popular tech blogs, the New York Times and many other media outlets. What did this mean for its bottom line? At the opening bell, Apple’s stock price was $535 and come market close, it was $544. At the time, Apple had 892 million shares outstanding. Thus, the resultant increase in market cap was (892 million x $9 =)~ $8 billion!
  • Companies that are able to link business risks with their strategic imperatives are more likely to achieve an annual profit margin of greater than 10 percent over three years, and better profit margin growth.
  • Ten companies with the highest five-year returns were juxtaposed with the S&P 500 (chosen as the benchmark). In an analysis of the five year period, the top ten companies using compliance software had an average total return of 247%, equating to a 28% compound annual growth rate (CAGR). Over the same five year period, the S&P 500 had a total return of 85%, which equated to a CAGR of only 13%.

Presumably, an organization that spends less time dealing with regulatory infractions has more time to focus on initiatives that improve competitive positioning and help gain market share. Another and perhaps more obvious conclusion to be drawn is that avoiding compliance penalties simply leads to a healthier bottom line.

In the area of data privacy and protection, for example, it’s estimated that non-compliance costs 2.65 times what compliance costs. One study found that the average cost of data privacy compliance is $3.5 million per organization, whereas the average cost of non-compliance-related issues was $9.4 million which included penalties, business disruption, lost productivity, and legal and non-legal fees.

Conclusion 

It is all too evident to most organizations that, like it or not, ensuring regulatory compliance is not only a mandated requirement but getting more and more challenging. The regulatory landscape is constantly changing and compliance requirements are becoming more stringent.

Like a strict diet, maintaining and following a compliance program can sometimes leave one yearning for more carefree (and tasty) days of past. However, there are many reasons why compliance is not only necessary but can also help ensure the longevity of the business. Because much like the adoption of a new diet regime, it seems that investing in a compliance program can be the start of an entirely new outlook on success.

Janet de Guzman

Janet is Director, Compliance Group in Product Marketing and is responsible for the go-to-market strategies for OpenText governance, risk and compliance solutions.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *