Regulatory Compliance Continues as a Top Challenge

April 2019

Last year saw a flurry of global and domestic regulatory activity, and this year won’t be different. Given the volume and complexity of these laws, keeping up with regulatory changes is corporate counsel’s top personal challenge (24 percent), a figure that rises among general counsel and chief legal officers (38 percent) and large organizations (35 percent).
 
 ADV_Inside-E-Discovery-and-Beyond_20.png
 
Organizations in heavily regulated industries, such as financial services, healthcare, life sciences, and energy face a particular burden. In addition to having to actively monitor news from federal, state and local legislators and regulatory agencies, general counsel in these industries have to be attuned to trends that could produce potential regulatory changes down the road.
 
The consequences of noncompliance are serious—ranging from lawsuits and fines to business dissolution.

ADV_Inside-E-Discovery-and-Beyond_21-(1).png
 


3 C’s of a Successful Compliance Program

 
ADV_Inside-E-Discovery-and-Beyond_22.png Customize Your Program
While it may sound obvious, creating a custom compliance program that addresses your organization’s specific profile and risks—while staying within your resource constraints—is critical. When creating or revamping your program, it’s imperative that you work with, and complement, your organization’s current operations, rather than attempt to build from scratch.
 
A significant part of this customization process is figuring out which compliance technology offerings are best suited to your business needs. While it may be tempting to simply implement any solution that promises automation and efficiency gains, it’s important to remember that one size does not fit all. To select the right tools, organizations should first assess their current IT capabilities, including their IT infrastructure’s ability to integrate new systems and their staff’s technical skills. Next, they should identify which of their already-existing processes are best candidates for automation, and which additional features are needed to bridge any gaps. Finally, they should conduct due diligence while researching different vendors. It’s important that organizations find partners who can not only meet their current needs, but also future requirements.
   
ADV_Inside-E-Discovery-and-Beyond_23.png Cultivate a Culture of Compliance
While technology can greatly ease companies’ compliance burdens by predicting trends, flagging anomalies, calculating risk, aiding decision-making and more, technology without a strategy or organizational processes to back it up is still ultimately just that— technology. Organizations that wish to avoid compliance failures must ensure that, in addition to implementing the right systems and tools, they are also creating a strong corporate culture of compliance— starting with tone at the top. Senior executives must take care to address potential compliance issues on every level and hold themselves to the same high standards to which their organizations should be held. In addition, companies should maintain ongoing employee training with some frequency to ensure that all individuals are familiar with the responsibilities and expectations demanded of them, as well as tools that could be used to report anomalies. Implementing a holistic end-to-end compliance system that accounts for people, technology and processes is imperative to rendering it long-lasting and effective.
   
ADV_Inside-E-Discovery-and-Beyond_24.png Constantly Re-assess
Compliance is an ongoing endeavor, not a one-time fix. As such, it’s critical that organizations test their compliance program on a regular basis and change procedures, protocols, systems or tools that aren’t working effectively. This is where outside advice from third- party digital experts comes in handy. Due to the rapidly changing nature of technology and the regulatory landscape, organizations that wish to avoid becoming complacent should regularly seek independent expert advisors who that can flag gaps in their current compliance programs and help them plan for the future.
 
At the same time, companies must be honest and transparent about their own program capabilities to external stakeholders—reporting the actual level of compliance they are operating at on a daily basis, versus an elevated one.