I think that organizational compliance efforts represent one of the biggest untapped opportunities to increase organizational performance and/or leverage these required activities in the service of organizational transformation. In both the public and private sector, compliance is often spoken of derisively as something to be done only to the degree that is required to check the box and as an impediment to achieving the performance goals of the organization. Things like Sarbanes–Oxley in the private sector and Clinger-Cohen in the public sector are viewed as an organizational tax with limited benefits, most of them are for external stakeholders and few pertain to (OUR) organization. This small minded view is wrong minded for three reasons. First and foremost it sets a poor tone for the compliance effort as a whole. Whether you agree or disagree with the objectives, implementation, or impact of the legislation, the fact is that not complying will have negative consequences for your organization that run far beyond the costs associated with compliance. Secondly, most of these mandates were developed by smart people with good intentions who may have a broader view of performance than simply your organization. Finally, a well run organization should be able to handle most of these initiatives on the basis of being well architected. If you aren’t able to easily identify and prove controls within your financial system as required by law, then perhaps deeper problems exist within your organization than the costs associated with compliance. Compliance initiatives simply should not present enormous difficulties to the well run organization. Here are three keys to getting your response to compliance initiatives right:
- Take a step back and look at the big picture. One of the biggest drivers of cost with regard to compliance initiatives is that they are often handled separately from the execution of normal planning and reporting activities, even where the information required is significantly similar to other information requirements. Part of reducing the cost of compliance is in ensuring that the requirement is put into the proper organizational context and making sure, to the best of your ability, that the requirement is fitted into a appropriate organizational context.
- Find the right organizational owner. Once you have an understanding of where the compliance activity fits in the big picture of the organization, it is time to find a home for the requirement within the organization. This is a critical success factor because choosing the right organizational home will have an enormous impact on the overall cost profile of meeting the requirement, as well as determine how much re-use of any informational requirements occurs. Drivers for organizational ownership include ability to meet the requirement, familiarity with the data required, ability to provide appropriate executive buy-in, and capabilities required for execution.
- Figure out if any of the data can help drive performance. This is critical to lowering the actual cost of compliance to the organization. If the organization is able to lower the cost to be compliant and therefore increase its relative performance to the competition, it will drive performance. If the organization is able to leverage the compliance requirement to better understand their organization or facilitate transformation objectives, it will drive performance. The same business process models that show how an organization ensures internal controls can be used as a mechanism to drive organizational performance.
|Avoid the Compliance Silo|
|Get the Req to the Right Person|
Thanks as always for reading my blog, I hope you will join the conversation by commenting on this post.
If you liked this post, please consider subscribing to this blog and following me on twitter @jmillsapps. I regularly give talks via webinar and speak at events and other engagements. If you are interested in finding out where to see me next please look at the my events page on this blog. If you would interested in having me speak at your event please contact me at firstname.lastname@example.org.
If you are interested in consulting services please go to MB&A Online to learn more.