Even organizations not juggling with international compliance regulations can benefit from a gatekeeper of corporate conscience and reputation.
Traditionally, the Chief Compliance Officer (CCO) has viewed as someone who is more of a gatekeeper—with the negative undertones of someone sniffing out infractions, looking for wrongdoings, and pouncing on offenders.
However, in recent times, a more positive connotation is emerging: the CCO is someone who champions corporate integrity, accountability and ethics.
The role provides a wider perspective and a high level view of the company and compliance issues, seeing broad trends and proactively identifying new risks before they become issues.
An expanding C-level role
According to Bhavya Baxi, Vice-President, Partner Strategy & Onboarding of Indian food-tech firm Lokal Kitchen, the need for a CCO is growing more than ever, and the CCO should be the one managing risks and mandating internal controls that adequately measure and manage the risk it faces.
“At first, the CCO understands the requirements and necessity of the industry compliance framework. Subsequently, the officer communicates these developments to train the employees in order to meet regulatory expectations. The CCO usually directly reports to the CEO and is typically tasked with reporting to the board on everything: i.e., policy development, monitoring, enforcement and implementation. As CCOs continuously review the work of others, it requires someone who is ethically sound, understands market insights very well and most importantly, works well with people.”
With a CCO in place, organizations can improve management of compliance risk and, according to Gartner study succeed on two fronts: free up space for strategic work which supports business growth and drive employee ownership of compliance risk, ultimately leading to better risk prevention and mitigation.
Managing risks and keeping conscience
In a digital world that is becoming more globalized, risk management is becoming ever more important, said Prashanth GJ, CEO of TechnoBind. “With evolving compliance regulations across different geographies, the challenges become even more complex. No company prefers being restricted to a specific region or a country. Every company is one way or the other exposed to a myriad of regulations—cyber or otherwise.”
According to Ajay Trehan, Chief Executive Officer, AuthBridge Research Services: “With rising awareness about data security and the tightening noose by regulators, protecting data privacy has emerged as a top priority. A CCO not only helps in building and implementing enterprise-wide security strategy, but also leads a business through many stages of disruption within the purview of regulation.”
Trehan said that, in his organization, a CCO is an organization’s conscience keeper, advising on a solid security framework to work within and keeping a strong eye on the evolving compliance standards, “simply because we deal in humongous volumes of data and understand the absolute need to protect it in the world where data frauds are commonplace. In fact, we have a whole compliance team that has guided and nudged us towards the best standards of compliance even while scaling up and going through many phases of digital transformation.”
Yet another C-level executive, CEO and co-founder Jaydeep Ruparelia of Infopercept Consulting in Ahmedabad said: “Considering the pandemic challenges and rapidly evolving technology, cybersecurity has become an integral part of enterprises. A CCO can act as a bridge between the Board and the security teams to ensure all compliances are in place.”
Whether it is anti-money laundering laws or GDPR compliance, every organization needs to be aware of the importance of being compliant—the risks of even minor non-compliance can be potentially disastrous to the company, their senior executives or even to the board, according to Prashanth.
Reputational risks
More than the financial aspect, it is the associated reputational risk that board members of reputed privately-held or publicly-listed companies have deep concern on, said Tejas Fadia, Assistant Vice-President, Infomatics Services Pvt. Ltd. “Compliance teams are now expected to plan and avoid risks that can lead to both financial and/or the reputational loss on any breaches that may/may not occur. Who then is placed best to appraise, guide and strategize with the board than the chief of the company’s compliance?”
Fadia continued: “Besides gauging the health of the organization beyond numbers and growth, one of the agendas during a board meeting should be to assess how well the company is positioned to manage and mitigate any risks that involve regulatory, security (online breaches) and financial compliance. Another important aspect for publicly-listed companies on corporate governance is the prevention of insider-trading regulations. To do this, organizations need to have compliance and governance policies in place and regularly monitor them. The CCO will have a complete bird’s eye view on all aspects of the needed governance standards.”
Furthermore, compliance channels ensure that the business or organization is fully enabled and prepared to function and compete. According to Shrijay Sheth, founder of Legalwiz.in: “A host of factors govern and directly impact the markets: and therefore, the business environment. These factors are primarily related to regulatory norms, security and financial compliances. There are various benefits that accrue to the organizations for staying compliant, though they may not be immediately obvious. So, in order to ensure that compliance is perceived and managed as a separate function, a CCO should be part of the top management in enterprises.”
An increasingly important C-suite role
Gartner’s study has stated that, as demands on the compliance function grow more intense, CCOs must proactively embrace new leadership responsibilities for their role and reposition how their function is thought of among stakeholders.
Besides enforcing internal regimens, drills and documentation, CCOs will need to raise awareness across both the top and middle managements about the need to either stay compliant or face serious consequences. Reinforcing these tenets will help build a ‘compliance calendar’, especially for the government-related norms, and also for security and financial compliance.
Since a functioning, secure business gives and receives payments, and is involved in transactions every day, staying financially compliant also assumes great importance. Hence, having a CCO in top management is not only essential, but imperative, according to Sheth.