Latest Products

Regulation and Compliance Reconsidered-Part 1

Tuesday 3 July 2018

* This article was originally published in the Winter 2018 Edition of the GRC Professional, or you can downlaod a PDF version of this article here

by Dr Angus Young
The revelations of the Royal Commission and recent Inquiry by Australian Prudential Regulation Authority (APRA) raise questions about went wrong and where the failures lie. However, those might be the wrong questions to ask; instead, the more holistic approach is to reconsider regulation and compliance from the ground up in an endeavour to seek answers. Moreover, the surge of compliance obligations and emergence of compliance professionals can be accredited to mounting regulations, both domestically and internationally. However, few regulators have paused to consider the impact of all this on organisations and individuals.
At the conceptual level, the first step is to understand why regulation emerges—that is, who the actors are and what are the patterns in the interaction between those actors (Morgan and Yeung, 2007)? Broadly, we can categorise regulation theories into three clusters. First, public-interest theories tend to focus on welfare and political goals; the law from this perspective takes on a facilitative and, to some extent, an umpiring role. Thus, regulators might leap into action to enforce laws and regulations, if they see it is in the public’s interest to do so. Second, private-interest theories are said to rise from individuals or groups motivated to maximise their self-interests and promote agreed standards or benchmarks to regulate their dealings with each other. Like public-interest theory, it holds that the law is a vehicle for the collective interest and outcomes. However, the limitations are inherent, as certain parties may enforce their rights. Both public- and private-interest theories see law as a threat. Third are institutional theories, which are quite different and can be described as a ‘grab bag’, grouping a variety of theories under one heading. The underlying commonalities centre around two things: first, how stakeholders’ interests shape regulations; and second, the blurring of differences between public and private actors, and between public and private interests. The focus of this method is on how regulatory institutions’ work can often be a product of interaction between various stakeholders. Like many law-regulating professions, the professional associations are co-opted into either a self-regulatory regime or a co-regulating one. Under a self-regulatory regime, the role of the law is down-played, and the government’s role becomes that of moderator between private- and public-policy interests. This does not take away from the role of the legal framework; it still performs a coordination function. Yet, in a global marketplace, where complex financial instruments and technologies drive how markets and their participants behave and interact, the distinction between public, private and institutional theories is fuzzy. In short, laws take on both facilitative and moderation roles.
For compliance professionals, understanding the purpose or object of laws—whether they may contain elements of public, private or institutional theories—will be helpful in assessing the nature and quantum of the legal risk organisations face. This will, in turn, facilitate the mapping out of an organisation’s compliance priorities, according to the legal risks. Another element is that these theories could be helpful in the identification of key stakeholders of various regulatory organisations. This allows compliance professionals to determine the standing and involvement of different stakeholders in regulatory undertakings. These contextual considerations are helpful for organisations.
Understanding different regulatory methods are integral to meeting compliance obligations because each determines the regulatory instruments governments and stakeholders may use. Economic regulation is where financial measures are used to regulate the behaviour of individuals, groups and organisations (Frieberg, 2017). These include direct instruments to create markets, such as auctions, tenders and tradeable permits, as well as indirectly to influence markets with information provisions, price regulations, taxes and other market-influencing approaches. Ultimately, the focus of economic regulation is on both information and incentives. The assumption is that the role of regulation is to prompt markets to work efficiently; however, this hypothesis also assumes markets are self-regulatory and self-correcting mechanisms. The clear limitation is that markets do fail, and when they do, they can fail spectacularly.
Transactional regulation is where governments are said to achieve policy objectives through agreements with non-government actors and with other levels of government. This may be in the form of contracts, grants or legislative arrangements that require the consent of all parties. However, regulation through negotiated contracts is often complex and difficult to navigate.
Authorisation is perhaps the oldest and most pervasive form of government regulation. However, this traditional regulatory tool is being increasingly challenged by the growth of digital technologies and other forms of information-generating platforms that weaken the control and command the government can leverage over REs. Nevertheless, this regulatory method can still ‘pack a punch’, especially when REs are sanctioned or disqualified by regulators.
Next, informational regulation works on the assumption that information asymmetries are a key cause of market failure, and thus government intervention is justified. It operates by empowering market participants like investors and consumers by enhancing information availability. With social media and digital technologies, the issue of information asymmetries might no longer be relevant, and as such, regulatory emphasis will shift towards the production and dissemination of information to ensure the public is not harmed, misled or disadvantaged.
Structural regulation is innovative and relatively new. This regulatory method requires the structuring of the physical, the technological, or the choice of environment in which the RE operates, elevating the designer of the environment as the primary regulatee. Thus, it is less visible, often embedded in everyday life, and focuses on the designers of systems rather than the people who use them. One concern is that the relative invisibility of structural regulation might make it difficult for REs to challenge or contest its application.
Legal regulation is perhaps the most visible and prominent regulatory method with which compliance personnel are most familiar. This regulatory method consists of legislation, delegated legislation, ‘soft-law’ and quasi-legislation. The justification for authorities requiring legislation to regulate certain activities usually falls into the category of problems that are deemed to be high-risk and high-impact, on matters that communities demand legal sanctions for, issues with systematic compliance problems, universal application requirements, and issues with which existing industry bodies struggle to achieve compliance. However, achieving these regulatory outcomes can be vexing. The complexities and technicalities begin with the use of legal rules to regulate. Rules, by nature, can be over-inclusive or under-inclusive. Further, the indeterminate nature of rules creates problems in interpretation, as the subjective nature surrounding factual context exacerbates the difficulties associated with how rules are understood, as well as applied. Even for soft laws and non-legal standards, guides, or codes, there is still the question of legitimacy because these might be seen as serving industry’s self-interest. Whilst guidelines may gain the force of law or provide assistance to REs as how to conduct regulated activities, there are also those that are deemed as voluntary best-practices, and yet non-compliance might require further explanations to key stakeholders or quasi-regulators. With regards to codes of ethics, they are not without their own issues, as they might be regarded as behavioural management tools and treated by many with cynicism as instruments to shift blame if things go wrong. However, with regulators conscious of the fact that formal rules alone cannot prevent non-compliance, some regulators shift their focus towards regulate underlying organisational cultures.
Discussions about the various regulatory methods have revealed that there are no perfect regulatory methods. Compliance professionals have to be mindful of these various approaches and their own responsibilities to ensure organisations comply with regulations. More importantly, compliance professionals need to tailor, adjust and adapt an organisation’s compliance to attend the many regulatory methods used and regulatory subject matters regulators are addressing. To achieve this goal, organisations must understand that compliance is more than a series of complex processes, it is a means to an ends.
If regulations create the need for compliance, regulatory theories contextualise the regulatory environment, and regulatory methods illuminate how regulatory concerns are being regulated – ‘the how, the what, the why and the goals’. The trade of compliance or the ‘know-how’ is very much left up to compliance specialists. Apart from interpreting rules, compliance is fluid and negotiable—seen more as a process than a condition. Critics have stated that compliance is more an ‘ideal state’ and enforcement of regulation is a continuing process—this means that compliance can be attained by increments. This is why risk management is key to ensuring compliance meets an organisation’s or individual’s risk appetite and tolerance levels. It is beyond the scope of this one article to fully discuss reconsiderations of regulation and compliance. This will be addressed in further detail in the next instalment of ‘rethinking compliance from the ground up’.
Bronwen Morgan and Karen Yeung, An Introduction to Law and Regulation: Text and Materials (Cambridge University Press, 2007)
Arie Frieberg, Regulation in Australia (Federation Press, 2017)
About the Author
Dr Angus Young, Senior Lecturer, Department of Accountancy and Law, Hong Kong Baptist University; Distinguished Research Fellow, German-Sino Institute of Legal Studies, Nanjing University; Adjunct Fellow, Western Sydney University Law School