"To navigate evolving regulatory demands and increased scrutiny, organizations should enhance risk & compliance through strategic positioning, integration, automation, and advanced technologies. This approach builds stakeholder trust and fosters responsible growth."
Naomi Kerremans, Manager, Advisory, at KPMG in Belgium, outlines the significance of implementing a modern, dynamic strategy for risk and (regulatory) compliance, which can yield trust, value, and a competitive advantage for businesses today.
How do robust risk and compliance frameworks establish trust as the ultimate business enabler in today's landscape?
Naomi Kerremans: Well, now who's tossing around the corporate buzzwords? Trust is indeed the key to business success. Especially in an environment where companies face heightened financial, reputational, regulatory, and operational risks. Earning and maintaining the trust of stakeholders in the organization’s ecosystem, including employees, regulators, customers, shareholders, and third parties, is crucial. When a company successfully builds this trust, it lays a solid foundation for responsible growth. This trust allows for more confident decision-making, encourages bolder innovation, and fosters sustainable advancements that improve performance and efficiency.
That sounded like a laundry list of things to do. What should companies prioritize in their risk and compliance strategies?
Naomi Kerremans: Companies should prioritize several key areas. Firstly, strengthening the role of the board and senior management is crucial for effective oversight, and increasing their buy-in regarding risk and compliance topics (i.e., tone at the top) is essential. Second, enhancing elements of the framework as policies and procedures, along with improving transparency, data gathering, and analytical capabilities, ensure that organizations can respond more effectively to risks. Finally, giving risk management and compliance the same priority as other key areas will highlight its importance in the organization.
Additionally, companies should establish regular review cycles to stay aligned with evolving standards impacting their risk & regulatory landscape. Monitoring stakeholders and the regulatory environment is essential for staying current with changing requirements. And last but not least, enhancing a strong risk and compliance culture, being part of the company values and translated in everything they do, from recruitment of personnel to strategic decision-making. By focusing on these areas, companies can build a robust risk and compliance framework that supports their strategic objectives and fosters trust with stakeholders.
You mentioned data gathering. Why is data so important in this exercise?
Naomi Kerremans: Data plays a pivotal role in driving informed decision-making and ensuring regulatory compliance. Through data analysis, organizations gain insights into various risks, allowing them to prioritize and allocate resources effectively for mitigation efforts. Additionally, accurate data records across its functions and operations facilitate compliance to regulatory requirements and enable organizations to quickly respond to regulatory inquiries or audits. Moreover, data serves as a key performance indicator, allowing organizations to measure the effectiveness of their risk and compliance initiatives. By analyzing historical data and leveraging predictive analytics, businesses can anticipate future risks and proactively implement preventive measures. Overall, data serves as the foundation for effective risk management and compliance practices, guiding organizations in navigating complex regulatory landscapes and mitigating potential threats. Data is kind of like a compass in a storm.
What are some of the common risk and compliance challenges you see companies struggling with?
Naomi Kerremans: The surge in Artificial Intelligence and automation introduces new risks such as fines and reputational damage from cyber and data incidents. This puts pressure on businesses to demonstrate compliance value through ethical cultures and advanced technology. Again, a solid risk framework, supported by better teamwork across firms, is essential for spotting new risks, keeping up with regulations, and identifying important compliance areas. This will also improve the way business stakeholders view risk and compliance, which is often seen as a showstopper today but should be considered a business enabler.
And, let me guess? You and your team can guide them to the Walhalla of risk & compliance transformations?
Naomi Kerremans: Yes, we can! How did you know? But seriously now, our unique advantage in risk & compliance transformations stems from our structured “Powered” approach and underlying assets. This approach enables swift transformation based on established industry best practices, supplemented by cutting-edge technology from leading IT providers when applicable.
Here we go again! What on earth is “Powered”?
Naomi Kerremans: It’s actually quite simple. Let me explain: the “Powered” methodology supports swift business modernization. Drawing from our extensive experience in numerous functional transformations and our expertise in the latest cloud technologies, Powered allows organizations to go through risk and compliance transformations in an efficient though safe manner, considering the industry leading practices in terms of functional processes, combined with proven technology. It addresses pressing challenges such as dynamically responding to emerging risks and intricate regulations, as well as instilling stakeholder confidence amidst data handling concerns and technological advancements.
What’s more, Powered facilitates the extraction of value from risk and compliance data to inform strategic business decisions, while also fostering a cultural shift towards embedding risk management across all operations. It enables proactive management of diverse risks and compliance obligations, all within the framework of broader organizational transformation efforts, striking the perfect balance between human expertise and automation.
This sounds complicated, again…
Naomi Kerremans: It’s not! To get started, we focus initially on three steps of our approach, as we’ve noticed this applies to most businesses starting their transformation journeys.
The first step is to define the role of risk and compliance, considering input from both first and second lines of defense. This helps to understand how second-line functions view themselves, whether as challengers, advisors, consultants, or experts. We cover a wide array of second line areas, including compliance, operational risk management, strategic risk management, crisis management, third-party risk management, and regulatory change. This broad scope aids in garnering early support and awareness. Next, we analyze the structure to assess current and desired future states across different layers, ensuring comprehensive coverage and addressing any gaps. Finally, we develop and validate a roadmap outlining priority activities, with a strong focus on effective program and change management to ensure successful implementation and adaptation.
The next phase – implementation - is tailored to the specific needs of each company.
If you could sum up the importance of your job in two sentences, what would it be?
Naomi Kerremans: Ultimately, my goal is to empower clients to operate with greater integrity and efficiency, thereby earning the trust of all their stakeholders. By reframing risk as a potential source of competitive advantage, organizations can position themselves as industry leaders, reaping rewards in innovation, consumer trust, and market share!
Powered Enterprise
KPMG Powered Enterprise is KPMG’s suite of services to transform your back-office functions. We bring future proof target operating models using KPMG best practices, processes and pre-configured SaaS (Software as a Service) platforms, along with advanced technology assets, for optimized processes, governance, KPIs (key performance indicators), people skills and data.
Building Trust in Technology: The Human Touch in a Digital World
In a world where technology is rapidly evolving, the need for robust Risk, Compliance, and Assurance frameworks has never been greater. Naomi and Ivy explore the critical role of trust in business success and how the human element remains indispensable in tech projects.
Explore
Connect with us
- Find office locations kpmg.findOfficeLocations
- kpmg.emailUs
- Social media @ KPMG kpmg.socialMedia