4 minute read 28 Jan 2020

Three challenges the C-suite face on the journey to regulatory trust


Matthew Polak

Americas Trust-by-Design Solution Leader

Focused on delivering and maximizing trusted offerings. A proponent of inclusive thinking. Proud father of two and husband and avid adventure outdoorsman.


Companies face three key challenges around compliance management.

Companies are struggling to build and maintain compliance regimes that keep up with new regulations and laws enacted in the markets where they operate. Compliance is a moving target, but does it have to be a barrier to doing business?

Here are three key challenges to understand around compliance management: 

1. Compliance fatigue

The scope of the compliance function has grown oppressive. Tracking and documenting relentless regulatory changes is only the start. Policies and procedures must be amended, boards must be informed, and a “culture of compliance” must somehow be encouraged.

The combined burdens of regulatory compliance are so heavy that, for many companies, they’re sapping time and resources better used for innovating and staying competitive. Spending on compliance now comprises more and more of a typical IT budget that companies are stretching thin while trying to stay nimble in a market continually disrupted by new technology and nontraditional competitors. Rather than developing creative responses to business challenges, risk and technology groups are slogging through tedious — and often manual — compliance protocols.

2. Unaware of risks

Early-stage technology just a few years old can no longer be called “emerging” — it’s established. Cloud computing, data lakes, AI and robotics present unique challenges for risk and compliance functions, especially around privacy regulations such as General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Fair Information Practice Principles (FIPPs) and the state of Nevada’s recently enacted privacy law.

If these challenges aren’t addressed, compliance gaps open up, and the promise of new technology — efficiencies, flexibility and a competitive edge — is outweighed by the risks it can create. When day-to-day operations and backup systems are not compliant, companies face potentially devastating consequences including fines and reputational damage.

3. Disruptive impact to revenue and reputation

The costs of noncompliance are growing. Beyond the financial and reputational risks to firms, executives face specific risks, namely personal liability and accountability. Given these consequences, it’s a painful irony that executives often have little visibility into the overall state of compliance. They would never accept the lack of a “digital thread” around operations or financials, but compliance is a noncore capability ruled by complex, manual processes.

It’s hard for executives to pin down obligations and whether or not they’ve been met. Compliance is also typically siloed across the organization, with low process integration and standardization. And a company’s growth, though welcome, compounds the compliance problem.

Respondents to the 2018 Gartner CEO Survey say that regulations and laws are the most significant external constraints to their company’s growth, outranking even their competition and overall market conditions.
Matthew J. Polak
Americas Trust-by-Design Solution Leader

Current methods are falling short. Manage compliance effectively, or pay the price.

The costs of noncompliance only start with the financial. Fines and penalties from regulators undoubtedly hit the bottom line. But via social media and other platforms, customers punish companies faster and more heavily than regulators do for privacy and other data breaches. These reputational and brand risks can be orders of magnitude costlier than regulatory action. When consumers don’t trust you, they won’t do business with you — rewarding companies with better reputations instead.

The stakes have also risen for directors and other executives personally, as many jurisdictions now hold them directly responsible for maintaining an effective compliance management system. This degree of accountability means that firms must develop and embed the right cultural mindset around compliance from the top down. Inadequate compliance can also strangle growth, as a company chases fixes in a vicious cycle of remediation that steals resources from strategic needs.

Beyond piecemeal compliance, toward holistic trust

A successful compliance function has many facets but a single driving principle — embedding regulatory trust in all layers and corners of your organization. It’s crucial to orchestrate a transparent operating model across a company’s structure, business units and day-to-day processes. This approach boosts efficiency, unlike haphazard, scattershot efforts that attempt to bolt compliance onto the existing business.

Holistic compliance management offers a real-time view of risks and a thorough, efficient way to inventory any compliance gaps, increasing a company’s institutional intelligence. When done right, compliance becomes a partner with the business, influencing strategy instead of getting in the way. A smart compliance program embedded with strong technology prevents issues instead of just reacting to them. It’s the difference between comprehensive risk management and siloed risk avoidance.

The journey to regulatory trust

When you team with a trusted compliance management partner, you can focus on what you know best — your markets, customers and strategy. Compliance becomes a business enabler, not a barrier.

Effective compliance management encompasses every phase of the journey to regulatory trust, built around your unique compliance profile. Sectors such as life sciences, health, power and utilities, government, technology, manufacturing, consumer products and retail and others have specific regulations, standards and governing agencies — and a trusted partner must understand the implications of each.

A trusted partner protects you from the three critical risks of keeping compliance management in-house. Your compliance burden lightens so you can focus on core strengths. You can leverage new technology without worrying about its impact on compliance. And you embed regulatory trust throughout the organization, aligning the details of compliance with your corporate mission.


To start your journey to regulatory trust, visit Trust by Design.
