working in compliance vs. working on compliance
DESCRIPTION
Working in Compliance vs. Working On ComplianceTRANSCRIPT
![Page 1: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/1.jpg)
Enterprise Risk and Compliance Management
Working in Compliance vs. Working On Compliance
Ed Sattar, CEO, 360factors inc.
![Page 2: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/2.jpg)
Page 2
Outline
A. Regulatory Change and Corresponding Risk Factors
B. Why Implement a Regulatory Change Management System
C. How to Implement a Regulatory Change Management System
D. How to Facilitate Regulatory Change Management
E. How Automation and Software can Improve your Compliance Program
![Page 3: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/3.jpg)
A. Regulatory Change and Corresponding Risk Factors
![Page 4: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/4.jpg)
Page 4Source: Davis, Polk Dodd-Frank Infographics
Regulatory change is significantly impacting organizations and their policies
![Page 5: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/5.jpg)
Page 5
Regulatory Change Impacting Policies
Source: Thomson Reuters
![Page 6: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/6.jpg)
Page 6
Rising Regulations and Cost
![Page 7: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/7.jpg)
Page 7
Top Regulatory and Financial Crime Risk
• Smuggling of Products
• Misreporting IncomeTax Evasion
• Counterfeiting
• False Representation
• Abuse of Position
Fraud
• Governance
• Democracy and Fragility
• Bribery
Corrupt Practices
Money Laundering
&Financial
Crime
![Page 8: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/8.jpg)
Page 8
Operational Excellence Risks - Executive Level
1. Strategic Objectives and Goal Alignment
2. Performance and regulatory risk metrics not tied to P&L
3. Lack of visibility of risks across all functions and departments through a single platform
4. Developing & Training People
![Page 9: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/9.jpg)
Page 9
Operational Excellence Risks – Functional Manager
Model of operational excellence
Compliance Oversight and Escalation
Day to Day Compliance Tasking
Risk Monitoring
Corrective and Preventive Actions
Policy and Procedure Management
Audit Management
Training Management
Other Industry Pain Points
![Page 10: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/10.jpg)
B. Why Implement a Regulatory Change Management System
![Page 11: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/11.jpg)
1. Understanding Regulations - Over or Under complying is expensive
2. Regulatory applicability and managing regulatory changes - Organizations need to be able to proactively react to risk and business change
3. Automating and streamlining day to day compliance - Excel and paper-based compliance programs are antiquated and insufficient to implement a robust program
4. Regulatory change management needs to be defensible
Reasons to Implement Regulatory Change Management
![Page 12: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/12.jpg)
C. How to Implement a Regulatory Change Management
System
![Page 13: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/13.jpg)
1. WHY = Regulatory change management
2. WHAT = Risk and internal controls
3. HOW = Operational excellence and workflow
4. WHERE = Location / Assets
5. WHO = Mapping Roles / Key Management Functions
to Metrics & P&L
Enterprise Risk and Compliance Management Model – Five Steps
![Page 14: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/14.jpg)
Page 14
Regulatory Change
Management
Operational Excellence
and Workflow
Risks & Internal Controls
Organization – Roles and
Key Management
Functions
Location/
Assets
Enterprise Risk and Compliance Management
Methodology HOW
WHY
WHAT
WHO
WHERE
![Page 15: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/15.jpg)
D. How to Facilitate Regulatory Change Management
![Page 16: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/16.jpg)
1. Strategic objectives, goals, regulations and standards library management
2. Parse the actions from requirements: who, what, when, where, and frequency.
3. Monitor regulatory and management of change
4. Effective vs. Proposed.
5. Mapping- CAPA, policy procedures, evidence, checklists, and day-to-day compliance tasks to regulations or strategic objectives
6. Applicability
Step 1- Regulatory Change Management
COMPONENTS OF A REGULATORY CHANGE MANAGEMENT:
Regulatory
Change Manage
ment
Process & Workflow
Risk and Internal Controls
Roles and Responsibil
ities
Locations and Assets
WHY
![Page 17: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/17.jpg)
Step 1a- Regulatory Change ManagementEFFECTIVE AND MATURE REGULATORY INTELLIGENCE DELIVERS:
Regulatory IntelligenceMaturity Delivers ...
Holistic awareness of goals and changing regulatory risk
Alignment of culture and policy
Risk-intelligent decision-making
Accountability of regulotry change risk
Multidimensional regulatorion analysis and planning
Visibility of risk as it relates to performance and strategy
![Page 18: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/18.jpg)
Page 18
1. What is impacted? Environmental Risk Financial Risk Legal Risk Reputational Risk Operational Risk
2. Define internal controls Identify Assess Mitigate Monitor Recordkeeping
3. Define risk levels Which details impacting factors Is based on a systematic
process allowing the organization to prioritize more efficiently
Effectively assesses issues requiring immediate action.
Step 2- Risk & Internal Controls
Regulatory
Change Manage
ment
Operational Excellence
and Workflow
Risk and Internal Controls
Reporting – Roles and
Key manageme
nt Functions
Location/ Assets
WHAT
![Page 19: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/19.jpg)
Page 19
Step 2a- Risk & Internal Controls
Regulatory
Change
Management
Operational
Excellence and
Workflow
Risk and
Internal Controls
Organization – Roles
and Key Managem
ent Functions
Location / Assets
Small Workforce Large Workforce
Hig
h R
isk
Low
Ris
k
Simple
to
complex
WHAT
![Page 20: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/20.jpg)
Step 2b- Risk & Internal Controls
What is management’s responsibility with regard to internal controls and reporting?
What is audit’s responsibility with regards to internal controls and reporting?
What is the board’s responsibility with regards to internal controls and reporting?
Regulatory
Change
Management
Operational
Excellence and
Workflow
Risk and
Internal Controls
Organization – Roles
and Key Managem
ent Functions
Location / Assets
WHAT
![Page 21: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/21.jpg)
Page 21
Weak Technology• Documents& spreadsheets• Email for workflow & tasks• No audit trail or accountability
Moderate Technology• Basic workflow & task management• No regulatory content feeds• Audit trail for accountability
Strong Technology• Enterprise workflow• Integrated and actionable regulatory content with
policy management• Closed loop process – everything integrated into
one platform• Indexing of regulations to other policies
Small Workforce Large Workforce
Hig
h R
isk
Low
Ris
k
Step 2c - Risk & Internal Controls
![Page 22: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/22.jpg)
1. Business Process Impact, compliance process around sites, assets, events , timely decisions
2. Process automation and cost
3. Manual vs automation
Step 3- Operational Excellence and Workflow
Regulatory
Change Manage
ment
Operational
Excellence and
Workflow
Risk and Internal Controls
Organization – Roles and
Key Management
Functions
Location/ Assets
HOW
![Page 23: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/23.jpg)
Automate corrective action to increase speed, eliminate waste and cut costs
Automate scheduling, tasking and tracking
Embed transparency and accountability
Automate management of change
PROCESSESS THAT CAN BE AUTOMATED
PROCESSESS THAT CANNOT BE AUTOMATED
Determining Applicability
Subject matter expertise
Step 3- Operational Excellence and Workflow
Regulatory
Change Manage
ment
Operational
Excellence and
Workflow
Risk and Internal Controls
Organization – Roles and
Key Management
Functions
Location/ Assets
HOW
![Page 24: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/24.jpg)
1. Where is compliance being done?
2.Are risks and specific driving factors mitigated by location, asset, activity, product or service?
Step 4. Location & Assets
Regulatory
Change Managem
ent
Operational Excellence
and Workflow
Risk and Internal Controls
Organization – Roles and key Management
Functions
Location / Assets
WHERE
![Page 25: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/25.jpg)
1. Why is it important to define the roles and responsibilities before you create a Regulatory Change Management Framework?
2. What are the barriers to creating a Regulatory Change Management Framework?
3. Is there a specific role and responsibility structure or can it vary from organization and industries?
Step 5. Roles & Key Management Functions
Regulatory
Change Managem
ent
Operational Excellence
and Workflow
Risk and Internal Controls
Organization – Roles and Key
Management Functions
Location / Assets
WHO
![Page 26: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/26.jpg)
1. What are key roles and structure?
2. What are the key functions?
3. What are the key actions?
4. Outcome / Results
COMPONENTS OF ROLES AND RESPONSIBILITES
Step 5. Roles & Responsibility
Regulatory
Change Managem
ent
Operational Excellence
and Workflow
Risk and Internal Controls
Organization – Roles and Key
Management Functions
Location / Assets
WHO
![Page 27: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/27.jpg)
E. How Automation and Software can Improve your Compliance
Program
![Page 28: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/28.jpg)
1. Is technology perceived as a catalyst for growth and performance?
2. Are people or technology barriers to regulatory compliance automation?
Automate Regulatory Compliance Through Software
Regulatory Change
Management
Operational Excellence and
Workflow
Risks & Internal Controls
Organization – Roles and Key Management
Functions
Location/Assets
![Page 29: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/29.jpg)
Page 29
Source: Global survey by KPMG, Inc
BENEFITS OF AN INTEGRATED MANAGEMENT SYSTEM
Automate Regulatory Compliance Through Software
![Page 30: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/30.jpg)
Page 30Source: Global survey by KPMG, Inc
Automate Regulatory Compliance Through Software
Predict Risk
Productivity
Agility
Quality
Efficiency
Excellence
Compliance
Operational Excellence
Sustainability
Increased Margins
BENEFITS OF AN INTEGRATED MANAGEMENT SYSTEM
![Page 31: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/31.jpg)
Page 31
Technology provides automation and tracking to be successful
![Page 32: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/32.jpg)
Page 32
Measuring the value of Risk & Regulatory change management
![Page 33: Working in Compliance vs. Working On Compliance](https://reader035.vdocuments.site/reader035/viewer/2022062514/5586379dd8b42a4a348b469f/html5/thumbnails/33.jpg)