Risk and Compliance Management is more important than ever before as companies across the world become ever more active in GRC. What’s behind this movement? I see several drivers of this trend:
- Customer confidence is one of the most important assets for any company and it must be protected. Trust can be lost quickly. When companies violate regulations or generally accepted values, they are often faced with a massive loss of reputation. Media is quick to cover such stories and news spreads instantaneously to customers who, through social media, can make their own impact after being disappointed by a company’s negative behavior. In a crisis, companies have little time to react effectively. Being proactive through identifying and addressing problems early on before they negatively impact a company’s reputation is absolutely key.
- Investor confidence is just as important. Investors entrust capital to the company in the hope of adding value. They seek to minimize risks as much as possible and therefore expect appropriate precautions on the part of the company. Negative examples of companies losing investor confidence aren’t hard to find. Volkswagen’s stock fell by almost 50% in just a few days when their Diesel scandal made news. It took 755 days for their stock to recover to pre-crisis levels.
- Company employees are another key factor. A company’s success or failure hinges on its employees. Qualified staff is currently rare and competition to fill jobs at a peak. Accordingly, employees have a strong position, which leads to rising expectations in the workplace. Employees expect responsible business practices, making active Compliance Management key in the competition for qualified personnel.
- Finally, regulators and auditors are keen to prevent violations and keep markets stable. They are focusing more and more on transparency through new mechanisms to ensure it. Regulations are increasing worldwide. Sanctions for regulations violations will be tightened as a direct result. For example, in the course of implementing the new Market Abuse Regulation aimed at ensuring transparency in European financial markets, violations of insider law were threatened with penalties of up to 15% of company sales!
Whether with or without regulation: more and more companies have realized that they need to adapt and invest in this area. A Gartner study confirms this, pointing out the demand for software solutions will see strong growth.
Compliance Management Pays Off
For companies, this initially entails additional work. You have to deal extensively with regulations and take appropriate action to adhere to them. There are also a variety of national and international guidelines that must be followed. The EU does not yet have uniform standards on all issues and member states act disparately from one another. Keeping a clear overview is challenging, especially for internationally active companies. Legal and compliance departments have their work cut out for them. But it is an effort that pays off, particularly in light of strict penalties. One fact of particular interest to companies: in some countries (e.g. France and the UK), the existence of an effective Compliance Management system helps to lessen legal damages and culpability in the face of non-compliance. Germany’s Federal Court of Justice (BGH) also confirmed this penalty-reducing effect last year in a legal judgment.
GRC stands for Governance, Risk Management and Compliance.
My Tips for Effective and Efficient GRC Management:
- Actively engage with GRC. Whether with or without regulations, this topic must be on the agenda of every company.
- Exchange with like-minded people or experts. You do not have to face the challenges alone. In our blog you will find advice on Compliance issues.
- Invest your money sensibly: "software as a service" solutions are made to manage a wide variety of GRC requirements and usually lead to faster implementation. In addition, you benefit from sharing the cost of service and continued development with many other customers. Above all, SMEs quickly and cost-effectively achieve their ends.