Compliance Insight: Compliance's Expanding Coverage
Enforcer and overseer to enabler and guardian
Compliance is at a turning point as it moves from enforcer and overseer to an enabler and guardian.
Compliance’s value is not only in identifying and ensuring resolution of issues, but in preventing and mitigating such issues – in helping to drive effective controls and alignment with business processes across the organization.
KPMG client CCOs share many key insights, including:
Challenges
- Rising regulatory and social discord/divergence, creating coverage strains on Compliance resources and increased ethics/reputation/brand risks
- Need to embed Compliance into business segments, operations, new products/services/channels and adoption of new technologies
Expanding Coverage
- Ethics & Culture: Collaboration with HR, Tech & Ops, senior leadership to help drive "Compliance by Design" thinking along with purpose and value-driven culture
- Reputational & Brand Risk: Collaboration with Legal, External Affairs, Business to identify emerging/evolving risks and associated strategy/plan
Coverage Practices
- Revisiting areas of coverage/non-coverage
- Adding formality to the delegation of Compliance risks in areas outside coverage (e.g., HR, Tax, finance)
- Understanding differences in "rigor" between Compliance and areas outside coverage – in some cases instituting additional process controls, as appropriate
KPMG Perspective
Compliance’s value is not only in identifying and ensuring resolution of issues, but in preventing and mitigating such issues – in helping to drive effective controls and alignment with business processes across the organization. As such, the areas of coverage for which Compliance takes direct and/or indirect responsibility are ever increasing. Five areas that Compliance should anticipate expansion in the next several years include:
Ethics & Culture
Standard Setter and Enforcer >>> Culture Enabler
Influencer and voice to prevent potential misconduct through driving empathetic and ethical decisions
Reputational & Brand Risk
Reputational Risk Overseer >>> Brand Guardian
Brand guardian through the advancement of proactive management, controls and messaging.
Enterprise Risk Management
Compliance Risk Monitor >>> Enterprise Risk Governor
Manager/governor of integrated and dynamic compliance and risk.
Data &Technology
Data Reporter >>> Data/Technology Change Agent
Change agent for data-driven analysis/insight and development/adoption of innovative technologies for compliance risk management.
Quantification & Control Auditability
Control Inspector >>> Emerging Impact Assessor
Leader in business assessment and quantification of emerging risk impacts.
Explore more insights
Insight
Compliance’s Expanding Coverage
Current and Future Roles
Insight
3 steps to enhance your compliance monitoring and testing program
Learn three steps to enhance your compliance monitoring and testing program.
Insight
Heightened Risk Standards: Focus on Risk Frameworks, Processes, and Controls
Increased regulatory scrutiny in the management of risk and controls
Insight
Noncompliance with Laws and Regulations, Including Fraud: PCAOB Proposed Amendments
Potential areas for company risk focus
Insight
AI Regulation: Cross-Agency Actions
“Whole-of-government” execution of Executive Order to establish safe, secure, and trustworthy AI
Insight
Enforcement/Supervision to “Automated Systems”
Ensuring “automated systems” development and use is consistent with federal laws
Meet our team
Subscribe to receive Investigations Insider
Helping organizations in their efforts to achieve the highest level of integrity and to manage the cost and risk of litigation, investigations, and regulatory enforcement actions.