Corporate Finance, DeFi, Blockchain, Web3 News
Corporate Finance, Fintech, DeFi, Blockchain, Web 3 News

Questions to ask about GRC – #10: Compliance

10. Does compliance ‘chase the bus’, or is it part of strategy-setting and initiative decisions?

Norman Marks
Norman Marks
In many organizations, managing compliance is an afterthought. The decision is made to expand into a new country, deliver a new product or service, without serious consideration of the potential implications of ensuring the organization is at all times compliant with applicable laws and regulations. Compliance personnel may, at best, be informed of the decision so they can initiate efforts to ensure compliance. At worst, they find out late and have to “chase the bus” to try and catch up and get on board.

Ideally, compliance requirements, risks, and related costs and opportunities are considered when strategies are established and related projects and initiatives planned and executed.

This questions should be considered in conjunction with #4, which talks to the potential fragmentation of compliance – which can lead to duplication of effort as well as gaps in coverage.

Norman Marks, CPA, is vice president, governance, risk, and compliance for SAP's BusinessObjects division, and has been a chief audit executive of major global corporations for more than 15 years. He is the contributing editor to Internal Auditor’s “Governance Perspectives” column.

Vendredi 5 Octobre 2012