Risk Management: 4 Ways Compliance is Holding You Back

In a recent survey, the overall cost of regulatory upkeep and its economic impact (in the United States alone) was estimated to be $1.8 trillion. On the other side of the world, Indian companies spent ~ ₹25,600 crores on compliance and legal upkeep — a 7% increase from the past year. These astronomical figures crop up because regulatory and contractual non-compliance is increasingly becoming a sore point for firms worldwide. Regulatory bodies are becoming more attentive, and are simultaneously meting out harsher penalties.

These issues sit atop an existing set of problems companies face while managing regulatory and contractual compliance. We list four of the biggest issues in risk management:

1. Regulatory mandates are complex, long and unclear.

On top of decoding legalese in contracts, multinational companies often encounter different laws in different countries and regions. An upcoming data protection law in the EU can be at odds with the law in the US. No longer can companies bank upon one standard framework to manage and mitigate risk.

2. Compliance frameworks and regulations are always in a state of flux.

Ignorance of the law or any unintentional lapses can’t serve as excuses for non-compliance. Appeals for “honest mistakes” — as in the case of Domino’s forgetting to supply its franchises with financial reports — are not accepted anymore. The company was charged $18,000 in fine.

New technology like blockchain adds to the confusion. Since blockchain technology is continually changing, companies do not have policies in place to take advantage of the technology.

3. Companies use outdated technology and a separate Governance, Risk Management and Compliance (GRC) function to handle contracts and regulatory mandates.

Software such as Document Management Systems (DMS) make indexing and retrieval simple enough for humans to find the relevant data quickly but generate no other value. Similarly, GRCs are usually at the periphery of a process with little business understanding of the goals and end-results of the process. Nevertheless, having a GRC or a DMS is not enough; they do not propagate a risk-aware culture across functions.

4. The GRC is designed to safeguard interests not create value.

A 2015 survey of 300 community banks in the US, done by the Federal Reserve System and the Conference of State Bank Supervisors (CSBS), revealed that banks spent nearly $4.5B on maintaining compliance.

This amount equals to 22% of their income. Mitigating risk by meeting a contract’s bare minimum can be a risk-laden approach in the long term.

These challenges are usually faced by big businesses. Small and medium-sized enterprises (SMEs) and startups, on the other hand, have additional concerns managing contracts due to resource constraints.

However, technological advancement, in the space of Artificial Intelligence and Automation, has brought in the next-gen contract management system that does more than search and retrieve. Cognitive Automation is set to change the regulatory landscape. Here are four ways it will address the biggest challenges in risk management:

1. Develops a technological oversight.

The solutions are domain-specific. They can understand dense legalese and self-determine when companies are straying from the rules.

2. Has machine learning capabilities.

Since the regulatory landscape is perennially changing, the technology available for assisting with compliance needs to respond similarly. Agile solutions with machine learning capabilities help you respond to changes in real-time by updating internal policies and identifying non-compliant processes immediately.

Simultaneously, invest in research about new technologies and how they could help disrupt your business model.

3. Solution can be replicated across processes.

Rather than having a separate function, a compliance and risk management framework should be integrated into each process. This assimilation can help companies achieve multiple benefits:
· It shortens the delivery time of the process.
· The scope for misinterpretation and errors is reduced.
· There is an increase in the end-to-end visibility of a process.
· The firm can anticipate new sources of risk and proactively mitigate them.

4. The value of GRC is often measured in terms of how much the company has managed to save because of being compliant.

However, to stay competitive and spur growth, firms will have to redesign their framework to align with core business competencies. Use contract management systems to identify strengths and weaknesses in the supply chain, and gain competitive advantage.

Are there other risk management challenges your firm faces? How have you solved them?

Write to us in the comments.

Ikarus is a software company that develops solutions to automate manual repetitive tasks for businesses. We have created a Cognitive Process Automation framework which leverages advanced machine learning algorithms to work on unstructured text documents like invoices, forms, contracts and emails. Using our solutions, businesses can automate their processes with high accuracy and significant savings in cost and time.
Subscribe to our newsletter here: