Perspectives on Risk & Compliance management - important but difficult to implement paradigm - for organisations today.
Why developing Risk & Compliance(R&C) Management Governance?
Compliance and Risk Management is often misunderstood and sometimes misapplied, but is vital to any organisation.
- It is central, if applied properly, to any organisation’s viability, direction, effectiveness- and is very important for managing an organisation’s growth and scalability.
- Every organisation should strive to build a compliant organisation not only for traditional reasons like avoiding any criminal prosecutions by regulators resulting in defamation of the company, but also for attracting & retaining clients.
Having an independent Risk & Compliance Management function is critical from many aspects, particularly when dealing with industry sectors like banking, insurance, telecom, where the regulatory implications/penalties in the event of any errors are significant. Also consumer activation is growing and consumer protection in countries like US/International markets is enforced far more vigorously than in some of the developing countries - but is changing fast – and so a stronger compliance and risk mitigation framework is important for an organisation's growth. Over time, the investment pays back, by lower operating losses, penalties and possibility of obtaining higher pricing in the market.
Having a strong R&C process will also make it easier for an organisation to get certifications from external auditors.
Easier said than done !
SO WHAT NEEDS TO BE TYPICALLY DONE?
-One key step will be for TBSS Risk and compliance unit to develop and generate a comprehensive risk mitigation and compliance checklist at an organisation as for each operating unit/division within the organisation, for all units to check themselves on the same.
The organisation should develop a comprehensive and exhaustive checklist of risk & compliance management in sync with the industry, sector geography, regulatory environment and the strategic + operational objectives of the organisation. Once developed the organisation to strive to use the SAME Risk & Compliance assessment checklist across all its operating units – to ensure all units are being measured on the same/similar parameters on all aspects of risk mitigation and compliance adherence the checklist however can evolve based on root cause analysis on specific incidents and feedback from all stakeholders, including employees, customers, shareholders and regulators - and should be viewed as a living and evolving checklist. A typical risk and compliance management cycle is elucidated above.
Hexagon Consulting’s Strengths as your consulting & professional services partner
Our consultants based at Delhi in India as, have deep understanding of risk & compliance management having worked both in India and most markets around the world including Philippines, Mexico, US, Europe, etc. We have considerable experience of working with clients both in India and overseas and developing risk & compliance managemen frameworks like Risk & Compliance self-assessment, organisational structure & SOPs to enable implementation and institutionalising a culture of compliance and risk mitigation in the organisation.
Also we have the capability to do risk & compliance management audits & due-diligence to identify organisational gaps in this important area. Specifically in the Banking & financial services space we are currently working in the KYC & AML space - in partnership with an affiliate firm of KYC-AML SMEs Bryant & Associates, based at Hayville, US.