Latest Products

Compliance and Strategy: the business power couple

Wednesday 27 September 2017

by Naomi Burley, Managing Director, GRCI

There is no better time to think about the current place of compliance than following on from
National Compliance Officers Day, which was founded by SAI Global in 2016. Did you receive your ‘thank you for keeping us all in business’ cards from your grateful board and management yesterday? Hopefully some of you did! The reality is that most of you probably didn’t even know you had a day of appreciation.

Unfortunately, what twenty one years as your compliance professional association tells us is that things have moved at glacial speed for compliance professionals. In terms of the business and (even regulators) understanding the actual purpose of the compliance function and value of its contribution to organisational success. In fact, at a conference (not GRCI’s!) earlier this year it was suggested that the emphasis that financial services places on compliance could be seen as a cause of unethical behaviour, because so much effort is being expended to maintain the financial licence. Yes, we know, it was obviously NOT what someone who has actually spoken to a compliance professional would say.

The fact is, no one likes to be told how to run their businesses and what they can and can’t do. Unfortunately for the compliance function, organisations relate to you often as the internal representation of the external regulator.

In a time when the regulatory landscape is changing and tightening, business disruptions contribute to the insistent flux of change and regulatory impact to compensate for all this innovation, compliance professionals still find themselves having to fight for resources to build compliance frameworks that will ultimately benefit the business – if only they could see the benefit!

The profession is not static, and the regulatory technologies that are coming to market, are helping change what the role of compliance professional really is, and giving compliance professionals time to look at the big picture of what compliance could be and how it can further benefit an organisation.

Rebranding? Or standing still?
At the recent ASIC RegTech Showcase event ASIC chairman, Greg Medcraft, suggested that compliance needed to change its name to something else, because the use of the word  ‘compliance’ itself sends the wrong message.

This is not a new idea, GRCI has debated this in our regular publications and at our conferences and events. Let’s face it, the word ‘compliance’ has legacy meaning, which has been overlaid with regulatory pressure, the threat of penalties and compulsion to ‘comply’.  

Annette Donselaar from Chubb Life, and longstanding member of the GRCI, suggested at the GRC2016 Conference suggested that compliance professionals probably needed to rebrand themselves as something else. She also suggested that they needed to change the name of the three lines of defence to the three lines of responsibility, because in the end it is the business that ultimately responsible for compliance.

However, does the rebrand really mean a name-change or does it mean challenging and correcting the narrative that exists around the word ‘compliance’? After all this time, it’s unlikely that the name will change, so we need to work with what we have got and make it mean above and beyond meeting those external regulations.

Supplementary to this, GRCI is part of the International Federation of Compliance Associations (IFCA), made up of eight compliance professional associations globally, with further bodies applying to join from Germany, Chile, Columbia and the Caribbean. Internationally ‘compliance’ professional is the accepted term for who we are and what we do. Despite the term not being the ‘sexiest’ we could possibly hope for, this means that globally there is an understanding of the function and its integral place in business.

If there are limits to compliance, it exists only in the narrow perception of what compliance is or can be. Our GRC2017 conference theme of ‘audacity’ is a challenge to create a fresh window into what you do and the value you provide to your organisations. If McDonalds (a fairly pedestrian name) can become synonymous with more than its founders
flipping burgers, and Coca-Cola can represent a ‘fun lifestyle’ and not just a caffeinated beverage, why can’t we take compliance – which provides tangible value already and isn’t an illusion of marketing genius – and communicate a new message?

In response to Medcraft’s statement Rebecca Lim, Head of Compliance and General Counsel at Westpac, suggested that compliance was about trust and empowering the business to do the right thing by its customers. Why shouldn’t this make sense to everyone? You can’t fake the behaviours that build true and ongoing trust, and compliance based on fundamental values can provide more substance to your brand than any clever marketing or social media strategy can.

Lim’s vision is the perfect marriage of compliance and strategy that even questions whether they should be considered to be separate all. Maybe the real future of compliance is adjusting the narrative to see the interrelationship between strategy and compliance.

Although, on that note, harking back to the earlier point about a name change, perhaps we should take a leaf out of popular social media and treat them like the power celebrity couple they are: comptegy or stratliance anyone?

Happy Compliance Officers Day and I hope to see you all at the GRC 2017 Conference.

About the Author 

Naomi Burley, Managiung Director, GRC Institute