According to Kreisson Legal , Compliance is all about managing risk. Compliance systems, or a lack of them, reflects the culture of many organisations. Businesses are faced with operational risk, financial risk and most importantly, reputation risk.
It is the Directors, who often have a personal exposure, or shareholders, who are generally most concerned about how a company manages its risk profile. Shareholders and even consumers these days, like to know they are dealing with a good corporate citizen. A good corporate citizen usually has a compliance framework in place, with corporate values to match.
Risk management and compliance must be an integral part of management’s decision making process. It allows an informed choice to be made by organisations as to the level of risk they will carry.
One view is that compliance is reactively driven. Most companies wait until they have a serious risk issue to tackle before realising that, had there been a good compliance system in place, the risk may never have eventuated. The problem with a reactive approach is that sometimes, the outcome of a bad risk crystallises and leads to the demise of a good business, by which stage, it is too late to reverse.
Even if the company can pay the hefty penalties that are often imposed, this can still have a disastrous impact on the company’s profits, with shareholders questioning why and how it all went wrong.