Non-compliance: 3 issues and 1 secret
Updated: Jun 26, 2019
Managing risk and meeting compliance requirement is a key priority in most companies and a necessity in highly regulated markets. The banking and financial sectors, oil & gas and energy industries come to mind, but even not-for-profit organisations are not immune. As can be seen from famous cases in the news, non- compliance is detrimental to the success of a company and can seriously damage a brand. Banks had a rough deal in the past but – unexpectedly - even Charities have recently suffered.
There are many reasons behind non-compliance, among the most frequent these are 3 key issues. Should you worry if they apply to your company?
It is a tick-box exercise – It won’t be intentional, but nevertheless it happens when we don’t give an activity our full attention. Online training is an example. Theoretically it makes sense: it regularly tests employees, it is easy to track and it clearly demonstrates there is a compliance governance in place. In practice, the way human beings do online training is automatic, there is limited cognitive effort and we tend to easily forget what we learnt.
It’s complicated - there are too many policies, rules and conflicting requirements – This is a call for regulators, both external and internal: how do you make sure that compliance requirements makes sense and are easy to follow? Sometimes policies may be contradictory, or there are so many rules that people can feel overwhelmed.
Social norms - We tend to follow the behaviour of our colleagues, managers and leaders. Especially if we are new to a team or organisation, our subconscious social barometer is to follow those around us. The problem arises when the company has a ‘bad apples’ or a deep-set problem with compliance. Even the most rule-abiding new starter has a look around and the easiest path is to follow the ‘bad’ social norms.
The secret is to find out the root cause.
This is probably not what you want to hear: we all like a solution we can implement immediately. However, if you don’t know for sure what is causing low compliance, or the reasons behind the incorrect risk attitude, then you may be trying to solve the wrong problem.
The time taken to collect and analyse data may seem ‘wasted’ time: we all like to get started with actions. It is in fact the other way round, data collection and analysis:
saves time because it leads to implementing the appropriate solution,
saves effort because there is less hypothesising and the solution is based on actual data,
saves money because the solution hits the root cause of the problem and it is quicker
What is the compliance experience in your company?
Please comment and share with your network.
If this is a subject critical for you and want to talk about changing the approach to compliance in your organisation, please contact me