A managed serviced approach provides a company flexibility in complying to regulatory obligations.
Changes and uncertainties in the market are adding further pressure on the compliance efforts of organizations, making it more and more challenging to simply maintain the status quo. The following market dynamics are creating an increased level of focus on an organization’s compliance and investigative functions.
The regulatory environment continues to be unpredictable, with swings in compliance and regulatory demands across different areas of the organization that force organizations to keep up. The focus on compliance has grown dramatically over the past several years, and ethical behavior has received more attention than ever before.
In April 2019, the Criminal Division of the Department of Justice released a new guidance document for white-collar prosecutors on the evaluation of an effective corporate compliance program for corporations. The document describes specific factors to consider when determining if a corporation’s compliance program was effective during the time of the offense. In the 2017 report, The True Cost of Compliance with Data Protection Regulations, conducted by Globalscape and Ponemon Institute LLC, the average cost of compliance for multinational organizations in the US was $5.47m, an increase of 43% from $3.53m in 2011.
For more highly regulated industries, such as financial services and industrial, the cost of compliance was much higher at $30.9m and $29.4m, respectively. Specifically, the penalties incurred by multinational companies for comparable investigations that EY Forensic & Integrity Services conducted ranged from $675m to $1b, exemplifying the high cost of noncompliance.
Additionally, organizations are conducting more investigations and expanding their compliance functions. Compared to the 2015 benchmarking report conducted by the Association of Certified Fraud Examiners (ACFE), Benchmarking Your In-House Fraud Investigation Teams, the 2017 report saw that 16%2 of fraud investigators within organizations investigate 20 to 99 cases at a given time, an increase from 11.9%3 in 2015, and 37% of fraud investigators spend 76% to 100% of their time on fraud investigations compared to 33.1% in 2015. Furthermore, organizations with more than 10,000 employees had on average 59 fraud investigators internally in 2017, a growth from 41.9 in 2015.
While housing a large compliance function can help an organization be responsive to its regulatory and compliance matters, it may not be the most cost-effective method. The model is not flexible to the peaks and valleys that often are associated with the regulatory environment. When regulatory demands slow down, organizations are left with high expenses associated with underutilized staff in nonrevenue-generating areas of the organization. Salaries and benefits are the most obvious costs incurred to maintain an in-house compliance function, but additional costs, such as technology and training and development, also figure prominently.