regulatory compliance: a business value contribution · value/benefit statement application...


Upload: vodung

Post on 07-Nov-2018


Value/Benefit Statement

Application

Methodology/Enablers

People Process Technology

Full Spectrum

Compliance

• SAS
• ACL
• SQL
• SAP
• CURA
• Barnowl
• EasyRisk

Subject Matter Experts

Legal and Risk

Regulatory

Data Analysts

Financial

Laying the foundation for Regulatory Compliance

Link to Compliance

Function

Risk Intelligent Map

Compliance Methodology

Internal Audit and Compliance Integrator

COSO

Responsible For: Accountable To:

How will this be achieved?

Utilising an industry-leading organisation that already has people, process and technology to immediately perform compliance functions that include controls assurance and business value impact.

Leveraging your existing capability and supplementing with the necessary people, process and technology to move Regulatory Compliance to a business value contributor.

Create Regulatory Compliance capability which considers people, process and technology that is led internally.

Bigger challenges, higher stakes

• Corporate Accountability
• Governance and Sustainability
• Enterprise-wide Risk Management
• Link to organisation-wide vision

• Board and Management oversight
• Sufficient staffing and resources
• Defined roles & responsibilities
• Policies and procedures

• Documented risks and tolerance levels
• Assessment methodology for risk prioritisation
• Aligned risk process across programme
• Ongoing cycle plan for assessments

• Regular employee communications
• Metrics/Key Performance Indicators
• Escalation and incident response
• Board/Senior Management reporting

• Baseline training requirements
• Specialised training
• Ongoing updates to training materials
• System to track completion status

• Ongoing assessment of requirements
• Ability to leverage existing platforms
• Support monitoring and reporting
• Centralised data repository

Business Value

Compliance

Develop “Compliance” Vision Statement

Develop Governance Processes

Perform Compliance Risk Assessment

Monitoring and Testing

Reporting and Communication

Compliance Training

Compliance and Technology

• Independent testing of compliance controls
• Inventory of laws and regulations
• Defined scope and frequency
• Corrective actions and discipline

Super-Charged Compliance

Outsource Co-Source In-House

Regulatory Compliance management is the management discipline of designing and implementing effective systems to ensure that an organisation actually complies with the laws, regulations and codes of practice relevant to its operations.

• Increasing laws and regulations
• Larger penalties/personal liabilities
• Increasing board level oversight
• New whistleblower standards
• Held to higher standards by regulators/shareholders
• A “higher bar” for effective compliance programmes

• Staff
• Management
• Executive Management
• Board of Directors

• Regulators
• Shareholders
• Industry Analysts
• Clients
• State

• Advocate a compliance strategy that anticipates future trends across business products services and geographies.

• Moving... From tick boxes to accounting of the complete industry footprint and corresponding compliance risks.

• Increased coverage
• Better risk identification
• Covering all ambits of the COSO framework effectively
• Consistency in approach
• Quantification of exposure
• Industry-agnostic
• Projecting into the future

Business value contributor

Pain Points

• What’s changing – and what’s our game plan for changing with it?
• How do we research and prepare for what’s happening in the future?
• How is compliance incorporated into our five-year business plan?
• How are compliance trends incorporated into our growth decisions?
• How are we identifying, monitoring, and adjusting for emerging compliance risks and requirements?

Regulatory Compliance: A Business Value Contribution

© 2013 Deloitte & Touche. All rights reserved. Member of Deloitte Touche Tohmatsu Limited

Designed and produced by Creative Services at Deloitte, Johannesburg. (806222/sue)

Contact

Kriba Moodley
Direct: +27 (0) 11 806 5914
Mobile: +27 (0) 83 327 4500
Email: [email protected]