Risk Insight International - Global consultants in security risk management, emergency management, business continuity, fraud and corruption control, loss prevention, investigations, training and technology.

The Compliance Environment

Manage The Risk

The globe is littered with corporate scandals, jailed executives and corporate collapses with senior management either being implicated, held accountable or ignorant of what has occurred.

As a result, organisations already operating in a globalised, technology driven and volatile business environment are further driven by the increasingly interventionist activity of regulatory agencies and legislation. Some examples include – ASX Governance Principles, ASIC, APRA Stage II reforms, CLERP 9, Basle II, Sarbanes Oxley (US), Cadbury & Turnbull (UK), and Whistleblower legislation.

Despite the increased levels of compliance scrutiny, the events of workplace death and injury, security breaches, and fraud and corruption continue. This can result in police or regulatory agency investigation, coronial and criminal hearings, media scrutiny, officer and director liability, jailed executives, economic loss, increased insurance premiums and creating a tarnished business reputation and brand.

Insufficient emphasis is placed on an integrated and embedded approach to managing risks across an organisation that would realise economic and regulatory compliance benefits; particularly the human dimension to understand the attitudinal and behavioural issues of why people continue to commit errors and violations in the workplace.

A range of organisational impediments will increase business vulnerability and the need for reactive protection services:

Protecting the enterprise cannot be left to chance as risks change & targets invite attention because of a lack of protection
Low appreciation of the potential ROI of good governance, regulatory compliance, ethical behaviour and safe and secure environments
Poor implementation of risk management strategies:
- adopting a checklist approach invites short-term fixes
- non-integration across business
- limited causal analysis to define real problem
- lack of information sharing networks
Business processes:
- non-core and non-aligned create noise & poor policy compliance
- awareness variance between senior management, middle management and workers
- minimal accountability due to poor performance management
- no coercion - self-regulatory environment
Human factors – failure to understand the attitudinal-behavioural issues that lead to costly errors and violations
Minimal use of business case to demonstrate:
- financial benefits of mitigating risks
- benchmarking metrics for effective investment analysis
Minimal use of software to automate processes
Over reliance on the use of insurance to treat all risks