As our world undergoes rapid and dynamic transformation, the momentum behind the regulation of businesses shows no signs of waning. Suffice it to say, due to the fast-paced and interconnected nature of modern-day business terrain, the fundamental place of compliance cannot be downplayed. Consequently, a robust and comprehensive compliance model is not a choice but a fundamental imperative for any company, entity, or organisation.

While compliance is very costly, the only thing that is costlier is non-compliance. There is just so much at stake for organisations that compliance is a pressing need, more so in this fast-paced and interconnected business world today, more than ever. Entities have greatly put in the financial acumen to stay compliant, and by extension competitive. Despite the high stakes and a great allocation of resources, many firms are still grappling with compliance. This is largely due to companies not entirely appreciating the full width and breadth of what compliance entails. To do so, and retain the competitive edge, the 2023 Global Compliance Risk Bench-marking survey highlights fundamentals of compliance.

To begin with, compliance is not entirely an issue of adhering to laws and regulations. While adhering to rules and regulations is one aspect, there is more to compliance. Compliance embodies schemes to address anti-corruption and bribery compliance (ABC), handling of third-party engagements, response to risks brought about by employee-related risks, environmental, social and governance (ESG) practices as well as cyber and information security. An entity that has a holistic understanding coupled with a plan around the aforementioned aspects, maintains a competitive edge, regardless of how competitive and dynamic its area of operation or functionality is.

Key insights from White & Case LLP and KPMG LLP’s “2023 Global compliance risk benchmarking survey” include:

1. Regarding anti-corruption and bribery compliance, it remains one aspect that not all entities have given the needed attention. That notwithstanding, it remains a fundamental component of compliance. Regular and targeted risk assessments remain essential for this ambit, as they allow compliance officers to appreciate emerging forms that will potentially come up due to the dynamic nature of the business world today. There is a need to continually test anti-corruption and bribery structures put in place by an entity as this is a key indicator of hotline awareness and effectiveness and also allows the company to address possible employee concerns.
2. Third-party engagements are one of the most high-risk level areas. To stay afloat here, robust and clear outlines to govern such engagements are key. Fundamentally, third-party engagements should be designed in a manner that insulates a company from the potential risks that come with them.
3. Organisations need to take a proactive approach towards compliance. In doing so, it is fundamental to not only create and inculcate a culture of compliance but also take steps to entrench and sustain it. Periodic training for departments on various aspects of compliance is key in building and sustaining the culture.
4. Technology, disruptive as it is, could prove fundamental in the compliance task for companies. The use of data analytics, while still at the developmental stage, is gaining momentum in compliance programs. For companies that have put up such structures, real-time data to inform changes and new approaches is proving to be timely and meritorious.
5. ESG has become a key area of focus for companies. Nonetheless, there is still a lack of consistency on how entities approach ESG risks, which could potentially result in ineffective implementation of ESG programmes within an organization and cause uncertainty among employees. Additionally, there is a need to unpack ESG further and make it easily understandable to employees. One major highlight is that there is too much concentration on the environmental and social pillars, with little or no concentration on the governance aspect, making it necessary for entities to take a holistic approach towards ESG. Fundamentally, clearer guidance and communication are essential in navigating the complexities of ESG and ensuring successful integration into business practices.
6. With technology permeating every space, cybersecurity alongside information security takes centre stage for compliance strategies. Safeguarding data held by organisations and navigating the murky digital terrain and the threats that come with it has become more important than ever. Structures need to be put in place to respond to, recover, and manage such threats when they arise.

Fundamentally, organisations need to proactively address these compliance issues as a way of ensuring ethical business practices, mitigate risks, and to safeguard their reputation in an increasingly complex regulatory environment.

Compliance remains a core concern for firms in today’s dynamic and rapidly evolving business world. The amounts of financial resources firms have dedicated to compliance, coupled with the attention and personnel notwithstanding, compliance failures still proliferate.  This is largely because most companies still hold a binary view of compliance hindering adherence. The 2023 Global Compliance Risk Benchmarking Survey reiterates the reality that compliance is both dynamic and driven by efficiency, and if viewed so, firms are empowered to evolve past mere conformance and into wealth maximizing innovation and maintaining their competitive edge.