Compliance still matters — whether you do business solely with clients in the US, or have clients overseas. At home and abroad, the regulatory climate is evolving. International regulation, in particular, can be complex and enforcement inconsistent.

Moreover, according to the 2017 Report on International Business Attitudes to Compliance published by London-based Control Risk Group Limited, the compliance playing field is extremely uneven. Being a bad apple does not always translate to bad business. According to the company’s 2015/2016 Report, “30% of respondents said they failed to win contracts (even) when there was strong circumstantial evidence of bribery by the successful competitor.”

The company’s 2017 report surveyed 1,000 legal and compliance professionals, nearly 40% of whom were in financial services. Key takeaways:

• The resources allocated to compliance will never be enough. Compliance teams will always be understaffed, budgets will always be embarrassingly tiny.
• Compliance needs a seat at the big table. Only 27% of the study’s respondents say their CCOs attend all board meetings.
• Technology matters — the report urges “better use of technology to maximize” the compliance team’s impact. It notes that the “greatest opportunities lie in risk-based, third-party management and fraud prevention.”
• Be proactive, don’t lock the barn door after the horse is gone. Whistle-blowing, the study notes, is still the most popular misconduct detection strategy (64% of respondents), while compliance audits (41%) and surprise fraud audits (18%) are distance runners up (suprise!).
• Consistency matters and few companies are globally consistent. According to the Control Risk study, while 55% say their global compliance policies are, in fact, applied globally without exception, 40% noted they have “local policy exceptions for gift-giving, 30% “permitted interactions with government employees,” and 20% permitted “facilitation payments.”

 Technology translates into low-cost compliance

With compliance budgets historically measly, and staffs small (even the largest companies may allocate $25/person or less to a compliance budget and have no more than a handful of professionals on their team), Control Risk recommends making “the best possible use of technology to maximize (the compliance function’s) impact.

The study reports that in the US, slightly more than half (58%) of compliance teams use technology for proactive monitoring compared to the global average of 53%. The study notes that “even small companies can make good use of technology, drawing on external service providers to focus on the external relationships that pose the greatest risks.”

 How do you measure compliance success?

Most CCOs evaluate the health of their compliance initiatives by the numbers — the number of non-compliance findings they detect during testing. This begs the question, the report posits, of whether a finding a large number of issues is a good thing or a bad thing. Finding exposures is a good thing. It can mean your compliance program is working. Conversely, lots of non-compliance could also mean that your companies compliance training programs…your written policies and procedures are not (working!).

The price of compliance failure

We write all the time about the cost of non-compliance, most often about financial penalties, legal costs, and reputational damage. The will to deregulate notwithstanding, many countries are watching. There is, of course, the US Foreign Corrupt Practices Act, the Serious Fraud Office in the UK, and France’s Sapin II law tightening anti-foreign-bribery regulation. The US Department of Justice’s Evaluation of Corporate Compliance Programs just issued in February its interest in an organization’s responsiveness to the warning signs of misconduct.

Are you compliant?

Procrastination is not a compliance strategy? Pay attention! Be prepared! Why risk even the smallest fines when compliance is so much cheaper! Especially when companies like Patrina are offering comprehensive compliance solutions and compliant data capture, file storage, and records archiving specifically designed for the financial services community.

It’s so inexpensive to do the right thing so that when the regulators call, you are ready. Let’s talk (212-233-1155). Don’t be pennywise and pound foolish. Be safe, secure, and compliant instead.