Compliance doesn’t exactly have a reputation for enthusing the masses, but our friends in compliance get a bad rap, considering their only crime is trying to keep our business, employees and customers safe.
Almost a decade after the global financial crisis, economies are growing, consumer confidence has bounced back and more companies than ever have moved online.
Alongside that, technical innovation is moving forward at great speed, and a virtual vortex of customer data, personal information and payment details is creating ever more incentive and opportunity for fraud, not to mention cyber security risks such as ransomware.
It’s a Catch-22: business booms, corruption looms. The reality is that neither innovation nor customer need is likely to slow down anytime soon, making strong compliance policies and more sophisticated security our best hopes for taking on the fight against online crime, and winning.
Cybercrime on the rise
Online fraud, cybercrime and cyber attacks have increased across the board, meaning businesses and organisations need to know how to safeguard against them. Emerging markets are some of the worst hit, with countries such as Nigeria and Egypt experiencing exceptionally high incident rates, and western nations including the US, Germany and the UK all reporting increased attempts and successful attacks on businesses and individuals.
Ransomware attacks and cyber extortion reached an all-time high this year, with everything from hospitals to financial institutions learning exactly how much damage malicious software such as WannaCry can do, bringing businesses and even airports to a standstill.
Compliance regulation increasing globally
As a result, businesses are under increased pressure from regulatory bodies to do more to protect customers and prove their efforts. Consumer and data protection is high on the list of priorities of governments across the globe, and legislation such as the GDPR (General Data Protection Regulation), set to become law in the EU in May 2018, is just one more example of how committed governments are to applying more aggressive enforcement.
Similar tactics are being employed in the US, Hong Kong and Canada, and countries such as Australia are putting resources into more stringent identity proofing.
The increased number and complexity of new compliance laws mean businesses need to get compliance-savvy, and quickly.
IT can help
The good news is that designers and tech companies love change, and they’re ahead of the curve on this one, with buzzwords like ‘regtech’ already doing the rounds in software circles.
Compliance software covers a huge range of business purposes, regulations and industry needs, and there are platforms to meet every requirement.
Remember, compliance isn’t limited to laws and regulatory standards. Some industries have other measures by which they hold themselves and each other accountable.
For example, corporate ethics policies, acceptable use policies and company-specific marketing policies could all be categorised as compliance issues. Some suppliers in the food, transport and healthcare industries will have strict policies and standards they’re expected to adhere to, and software can be shaped and designed to support them all.
Which types of software help with compliance management?
There are three main types of compliance management software:
- All-purpose compliance management platforms offer a generic solution with standard capabilities that stretch across industries.
- Industry-specific tools help businesses in heavily regulated industries, such as manufacturing, financial services and healthcare, meet specific legal and commercial requirements.
- Governance, risk and compliance (GRC) platforms include generic features and tailored capabilities that look at risk management, corporate governance, business continuity and legislation.
What can a compliance management system help with?
- Task management and registry, e.g. authoring, approvals, version control
- Control monitoring, e.g. workflow, cataloguing, incidents, escalations
- Reporting, e.g. KPI measurement, dashboards, analysis
- Audit management, e.g. case management, reporting on issues and resolutions
- Change management, e.g. tracking of regulatory info, setting timed alerts
- Training, e.g. online courses, customised training policies and programmes
- Survey tools, e.g. business self-assessment surveys
- Conflict management, e.g. registering employee gifts, investment and trading
- Fraud management, e.g. detecting patterns of behaviour, information sharing
- Multilingual interfaces, e.g. translation functionality
What are the key considerations before buying?
- How much risk management functionality you need
It’s unlikely you’ll need risk management without general compliance management capabilities, so talk to providers about integrated solutions that help identify compliance risks and make your investment more cost-effective.
- Whether you need to consider business continuity planning
As before, it’s worth looking at software providers who deal with both compliance management and business continuity, as consolidating the requirements in a single platform will also increase efficiencies.
- How much IT support it will require
Depending on how much IT capacity you have and what your IT budget is, it’s worth looking at providers who offer help desk support and act as a virtual CIO to deal with any issues that do arise.
GDPR is on its way, but is your business ready for it? Find out what steps you need to take to be compliant and how we can provide the IT support you need by downloading our GDPR-readiness checklist: