HR compliance functions set to modernize
Close to half of risk and compliance, internal audit, C-suite executive and board professional respondents plan to change core compliance execution practices.
Compliance functions are set to be modernized over the next 12 months, with resource levels also set to rise or hold steady, according to a Deloitte poll, Close to half of risk and compliance, internal audit, C-suite executive and board professional respondents—48.3 percent—said they plan to change core compliance execution practices.
In addition, most organizations say they plan to either increase (27.5 percent) or hold firm on (37.6 percent) resource levels for their compliance teams.
Related: Compliance hurts, but ERISA & IRS penalties will hurt even worse
According to Deloitte, compliance modernization is a “functional transformation that pulls on productivity levers across the organization, including emerging technologies, such as cognitive compliance, automation and robotics, to drive integration of risk and compliance with business strategy and drive value across the enterprise.”
Rebecca Chasen, Deloitte Risk and Financial Advisory partner, Deloitte Financial Advisory Services LLP, says in the report that “… compliance modernizing technologies are evolving quickly and becoming more available, enabling compliance teams of various resourcing levels to streamline processes, increase capacity and continue to do more with less.”
But tech alone won’t drive the knowledge needed by leadership. And just 11.5 percent of those surveyed see their compliance functions as creating value, or offering strategic advice, including predictive insights and greater efficiency through the use of regulatory technology. That’s up just a hair from 2017’s responses, when 10.9 percent of respondents said their organization is value-creating.
It can be tough to choose between possible new solutions and existing ones that have already been proved to be of value, according to Tom Nicolosi, Deloitte Risk and Financial Advisory principal.
Nicolosi adds, “To me, the question to ask of a solution is ‘will this robotic process automation, artificial intelligence and/or cognitive computing solution have the power to increase productivity, drive down costs and create value across the organization via a solution all three lines of defense—business units themselves; risk management and compliance functions; and, internal auditors—can leverage?’”
Among respondents asked which group in their organizations is most responsible for executing compliance, 24.9 percent point to the “first line of defense”—business units, their professionals and centers of excellence. More, however—26 percent— choose the “second line of defense”—risk management and compliance. But 34.4 percent say both of those groups are equally responsible.
Nicolosi adds, “While there is a trend to over rely on the second line of defense— risk management and compliance teams—to execute compliance, it’s encouraging to see one-quarter of respondents indicate the first line of defense is taking primary responsibility for compliance in their organizations. I suspect we’ll see further acceleration adopting that approach to compliance management.”
Respondents also say that compliance and IT teams are working more closely together (37.4 percent) or as closely together (34.5 percent) as last year. Only 6.8 percent say those groups are working less closely together.