For many, the new year is a time for new beginnings, new habits, and new ways of thinking. When the calendar flipped to 2018, I sifted through many posts encouraging readers to finally kick-start that fitness program, aim to become more productive, or mindful, or assertive.
However, there was one particular article that caught my eye. The writer, quoting a famous motivational guru, posited that asking yourself this one question could turn a bad situation around. Ask negative questions and you’ll get negative responses. Ask empowering questions and you’ll get positive responses that will empower you. That question is:
What’s great about this situation you’re not seeing right now?
Organizations everywhere wrestle with an ongoing challenge called regulatory compliance, every day. The very word compliance elicits immediate negative reactions; it represents obligations and effort. Politicians run on platforms promising to decrease regulatory requirements. Often seen as a firm’s internal police force and auditor, the compliance department doesn’t win many popularity contests.
So, in the spirit of asking empowering questions,
How can we turn regulatory compliance into competitive advantage?
First let’s look at the compliance pressures facing organizations in 2018.
We all know the value of having a strong compliance program in place to reduce the risk of prosecution, avoid financial penalties, and mitigate sentencing should there be a major compliance failure. However, we’ve also seen how effective compliance processes can have significant, positive, secondary benefits on business operations, and even drive competitive advantage.
Improved information management means better decisions
Regulation can be a catalyst for improved information governance, data analysis, and reporting, offering some valuable insights. Information management best practices that are often driven by compliance needs include:
- Conducting a big clean-up of obsolete content, including personal data that should have been disposed of when the purpose for collecting it was completed
- The standardization of naming, tagging, and classification of unstructured content, ensuring clarity around what things are, what they are called, and how they are described
- The harmonization of systems and creation of unified repositories, encouraging the retirement of outdated legacy applications
- Establishing good record-keeping and compliant records management practices
Organizations that practice good data management can uncover better information to make better decisions.
Increase customer confidence by demonstrating compliance leadership
Many customers seek out and want to do business with vendors and suppliers who share their values and compliance culture. We are learning for example, that environmental and social responsibility continue to play a greater role in companies’ success.
Surveying more than 53,000 consumers, the Natural Marketing Institute discovered that 58 percent of consumers consider a company’s impact on the environment in considering where to purchase goods and services and are more likely to purchase from companies that practice sustainable habits.
It works the other way too. Failure to demonstrate strong compliance practices can lead to loss in consumer trust and brand reputation. Sixty-four percent of consumers say they are unlikely to do business with a company where their financial or sensitive data was stolen.
Compliant companies win
In some cases, regulatory compliance can mean the difference between winning or losing the business. Protecting sensitive data for example is important from a compliance perspective, but when evaluating a cloud services vendor or managed services provider, non-compliance with the relevant security and data privacy standards and regulations is likely a show-stopper.
According to, Forrester, “DPOs and CISOs are going to require that every vendor that comes in contact with any customer data — from device IDs to social security numbers — is compliant with GDPR and ePrivacy. The requirements will be written into every RFI and RFP.”
Supply chain due diligence boosts the bottom line
A well-considered compliance program goes beyond the organization’s practices and extends to its third parties. Suppliers are causing more disruption and there are more incidents related to vendors including with information security, privacy and quality control. Regulators are also turning their attention more and more on supplier risk, challenging organizations to better manage their supply chain risk. For these reasons, third-party risk management continues to be one of the biggest challenges chief compliance officers face.
Assessing behavior of your third parties requires a deep dive into your supply chain, and it requires patience to follow the trail to the source. Companies that do this well come away with not only greater transparency in their own supply chain, but in their suppliers’ supply chains, as well. And this visibility and tracking promotes smarter working terms, improved efficiencies, and cost savings – which all affect the bottom line.
And now you know
A comprehensive compliance program, enabled by technology, can drive revenue, increase performance capabilities and organizational resilience.
Of course, there will be costs associated with starting or enhancing a compliance program. However, it is the experience of many companies that from a cost/benefit stand point, investing in compliance drives both competitive advantage and shareholder value, and just makes good business sense. Happy 2018!