The Future for Compliance – Best Practice and Delivering Value
Where does Compliance fit?
In the very early days the Compliance Department had little seniority and its position in the organisational hierarchy was a lowly one; somewhere around the Stationery Department and the people responsible for cutting the grass. Compliance has had a somewhat meteoric career however, and these days we normally find it at the highest level within the organisation. The Compliance Director is normally a board-level executive, or at least reports directly to someone at that level, and dotted reporting lines to the Chief Executive are common.
During their climb up the organisational ladder many Compliance Departments have found themselves on something of a collision course with two other departments: Internal Audit and Operational Risk. (Both departments are often given other names, but we will use these for the purpose of this discussion.) These two potential “competitor” (or partner) functions have also enjoyed a rapidly developing profile, driven by the industry’s adoption of corporate governance principles and the need to manage “risk” in its broadest sense. Indeed ‘risk’ has become the four-letter word of the hour, to the point where some observers wonder whether the industry – which was born of the opportunities in buying, managing and selling risk – is becoming too risk-averse for its own good.