3 steps compliance executives can take
Compliance professionals in global organizations face a multitude of complex regulatory, jurisdictional and marketplace challenges, but taking a Risk Intelligent approach provides three important and relatively accessible ways that they can quickly enhance their contribution to and impact on reputational risk issues:
- Take what we call an outside-in perspective, identifying key drivers of the enterprise reputation from the vantage point of outside observers—many of whom are vital constituents for regulated industries, such as government authorities, analysts, legislators and investors.
- Connect to and align with company strategy. This means understanding the broader business context in which you do business. For instance, it requires development of a fuller understanding of your organization’s fundamental business strategy, including how your compliance activities tie to and support company strategy, and how meeting regulatory requirements fit in with building public trust and stakeholder confidence.
This process definitely includes protecting what you already have but also introduces new dimensions for proactively burnishing a desired brand image by raising awareness of outside threats and improving opportunities for business units and functions to address them in a timely, if not cutting-edge, way.
A Risk Intelligent approach suggests, for example, that managing reputational risk might begin with challenging your organization’s more closely held assumptions about what makes and keeps the enterprise reputation strong. - Incorporate compliance into the overall risk management program. This also relates to understanding the broader context of compliance activities, such as exploring the essence of laws and regulations and responding to the protections they are designed to support. Making compliance part of the larger risk initiative also requires bridging silos, so that compliance isn’t just heads-down on check-the-box details.
While it is true that a comprehensive reputation risk management program employs a wide variety of sophisticated tools and processes, such as benchmarking, scorecards and new media measurement, the three steps cited above can help jump-start compliance readiness and pave the way for appropriate and effective involvement by compliance executives in supporting corporate reputational risk management programs.
About the AuthorThis article contains general information only and Deloitte is not, by means of this article, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This article is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte, its affiliates, and related entities shall not be responsible for any loss sustained by any person who relies on this article.Copyright © 2011 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited
Henry Ristuccia has more than 25 years strategic and implementation experience in risk management and internal controls. He now serves as co-leader of Deloitte’s Governance and Risk Management practice.
As used in this document, ‘Deloitte’ means Deloitte & Touche LLP, Deloitte Consulting LLP, Deloitte Financial Advisory Services LLP, and Deloitte Tax LLP, which are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.
x x x."