What’s happening with risk management and compliance professionals as they manage today’s vast wave of changes – from increased regulatory pressures and a skyrocketing number of legislations to master? How are they managing what’s next in the COVID-19 era?
To understand the current state of compliance programs and processes as well as the impact of the pandemic on compliance management, MetricStream conducted a comprehensive survey of compliance professionals across industries and geographies.
We learned a lot, including:
Managing third-party risk compliance is a huge challenge. Nearly half -- 48% -- of organizations found it challenging to track third-party compliance while 44% stated that their biggest challenge was to manually conduct compliance assessments.
Staying ahead of regulatory changes remains a key issue. Regulatory authorities worldwide keep regulations at par to protect the interests of businesses, customers, and relevant stakeholders, leading businesses to cope with a tsunami of ongoing changes. As just one example, banking sector companies alone cope with an average of 220 regulatory alerts a day, compared to just 10 back in 2004.
In the survey, we found that 76% of compliance managers manually scan regulatory websites to track changes and assess their impact on the business. That’s neither efficient nor effective – how can you possibly keep up?
Engaging the front line is essential. 57% of respondents said that they engage with the frontline to respond to queries related to policies, regulations, processes, and controls. Frontline employees are the eyes and ears of the business and can often spot important trends and risks before the rest of the business. It’s encouraging that more than half are incorporating frontline feedback – a trend we hope to see continue.
The use of technology is not yet where it needs to be. Just 19% of organizations use standalone compliance management platforms. That’s shockingly low! And, only 19% of respondents said they use compliance management software as a component of a larger GRC platform – implying 80%+ are not managing compliance in a consistent, integrated way.
Combined with the manual scanning of regulatory changes, we’re seeing a key theme: automation and technology drive effectiveness and enable you to move valuable resources to strategic work, yet so few are taking advantage of it. There is work to be done. Enhancing regulatory and internal compliance assessments and improving employee awareness with more compliance training emerged as the top future priority areas. Training is key to creating a culture of compliance and coping with today’s fast-changing demands. Unless combined with more strategic technology, however, they are not enough.
In the words of the report: “As the world gears up for a post-COVID economy, organizations must also focus on fully integrated technology platforms that can automate and improve compliance with an ever-evolving regulatory framework. The post-COVID future will bring about greater uncertainties and greater changes in regulations and organizations must prepare for this now.” Only by getting ready now will we be empowered for what’s next.
To navigate today’s regulatory landscape efficiently and effectively, organizations need to embrace digitization and automation. Technology-based compliance management solutions can help streamline and automate the entire process—establishing a centralized repository of regulatory obligations and mapping them to policies, risks, controls, and processes; identifying, tracking, and analyzing regulatory changes; identifying and prioritizing high-risk areas; creating, updating, and aligning policies; managing various regulatory engagement activities, and more.
[Read more: 3 Best Practices for a Proactive Approach to Compliance (eBook)]
MetricStream can help you power what’s next. We offer a comprehensive suite of products and solutions to help organizations streamline and simplify both regulatory and corporate compliance. The products help structure and streamline various aspects of the compliance function, enhancing overall efficiency. With automated workflows, analytics, and dynamic dashboards, MetricStream products and solutions deliver real-time visibility into the compliance posture of the organization.
Here’s a case in point: A leading health insurer was seeking to integrate all regulatory compliance processes so that the insights that ultimately rolled up to the senior management and board would provide a complete, accurate, and real-time view of enterprise-wide compliance. It embarked on a GRC journey with MetricStream and implemented an integrated GRC solution beginning with compliance issue management, followed by compliance risk management, policy management, case management, and audits. Today, an efficient and standardized compliance program is in place with timelier visibility into risks and other areas of concern.
[Read more: Leading Health Insurer Integrates Regulatory Compliance Efforts, Saves Time and Costs (Case Study)]
What’s next is never sure – but what’s certain is that what got us here won’t move us forward. The compliance function must adapt, automate, streamline, and collaborate with technology to power the future and turn risk into a strategic advantage.
Read more of what the compliance professionals had to say. To download the State of Compliance report, click here.
Want to see MetricStream in action? Request a demo by clicking here.