Last week we introduced the concept and importance of comprehensive compliance. This strategy of determining all of your obligations can be an effective measure against compliance risk by ensuring that companies are adequately covered and protected against potential issues.
Companies that take a comprehensive approach to compliance tend to be more resilient. The benefits of a strong compliance system are clear during changes in the business climate or economic storms. However, even when companies start to improve their compliance they soon discover significant obstacles that stand in their way.
In this post, we take a look at three of the most significant and common obstacles that threaten an organization’s efforts to improve and sustain adequate coverage. This can result in failure to protect stakeholders from preventable and unnecessary risk. One example we recently mentioned was the Barrick gold mine that shutdown due to compliance issues. The three obstacles are:
- Obligation Silos
- Unclear Status
- Uncoordinated Efforts
To eliminate these obstacles we first need to understand their nature and why they exist. We will look at each one in turn starting with the most common one, “Obligation Silos.”
Organizational silos are one of the most common complaints in business. The left arm often does not know what the right arm is doing. When it comes to compliance, silos are found in most organizations irregardless of industry. Obligation silos exist when organizations use multiple standalone, incomplete, and out-of-date lists of obligations to manage their compliance.
These silos are often created over time when companies add new systems, new regulations and new compliance aspects to their operations. Staff and team initiatives for compliance projects for a specific problem are often also a source of obligation silos within an organization. When teams consider solutions, it often seems easier to just create another program or system rather than integrate new obligations into existing processes.
The cost of every new silo is not so much the initial project, but rather the maintenance and upkeep it requires. This burden leads to more abandoned compliance programs than we dare to admit. Each silo an organization adds leads to more management work and up-keep. Ensuring that their are no vulnerabilities in the controls that safeguard stakeholder value such as reputation, safety, quality, environmental and regulatory objectives is an extra layer of effort and cost. Multiply these costs across your silos…
Unfortunately most companies have limited resources to allocate to managing each silos or making sure that obligations are not missed or duplicated across silos. This operational challenge leads to the next obstacle, “Unclear Status.”
Most companies cannot confidently determine the status of their compliance across all their obligations. Obligations are often minimally specified in registers with no clear measure to evaluate if an obligation has been met and if compliance risk has been effectively ameliorated. Unclear status is a result of uncertainty associated questions such as:
- are all applicable obligations being considered?
- are compliance controls effective to reduce risk?
- are the organization’s capabilities sufficient to sustain compliance?
Companies will partially answer these with audits that verify minimal requirements. While helpful, audits are have a few shortcomings. They are often not precise or comprehensive enough and they are usually too slow to prevent compliance risk. This is specifically true for performance and outcome-based obligations associated with safety and environmental goals. Audits are lagging indicators and they should most definitely not be your primary compliance tool.
Audits often generate findings and corrective actions. These items can become a new challenge for an organization as you now need to track the status of all of these items across your organization. Coordination of tasks is one of the greatest operational challenges for any company.
Almost all companies suffer from the “death by a million action items”. Every review, assessment, audit, or even improvement initiative ends up creating more actions than we want. The abundance of actions leads to overwhelmed teams and a challenge of prioritization. You end up playing whack a mole and this can generate:
- compliance fatigue
- “completing actions” rather than “closing gaps”
- insufficient attention on improvement
- focus on “best effort” rather than “best outcomes”
Falling into this cycle of actions and obstacles will create compliance waste and prevent value from being realized. This is evidenced when organizational compliance functions spend their time serving the waste rather than on eliminating waste. Organizations need to invest in strategies that drive proactively improve compliance and generate increased protection and resiliency.
So what can organizations do to overcome these obstacles? Stay tuned for our next article when we will answer this question.
If you can’t wait and want to get ahead we created The Comprehensive Compliance Scorecard™ to help you assess your compliance right now and identify areas to help you improve. If requested by you will be followed up by one of our compliance experts to go over your results.