Prof. Hernan Huwyler's slideshare discusses in detail five key actions that organizations can take to reduce compliance costs. These actions are designed to help organizations increase their compliance efficiency, reduce compliance risks, and lower compliance costs.
The first action proposed by Prof. Hernan Huwyler is to designate local managers as compliance representatives in business units. This helps to amplify control while reducing the compliance function's structure. By designating local managers as compliance representatives, organizations can have a more effective compliance structure with fewer resources. Local managers can act as compliance ambassadors and help ensure that the organization's compliance policies and procedures are followed in their business units.
The second action proposed is to quantify compliance risks and price potential claims, compensations, fraud, and revenue losses due to noncompliance. By quantifying compliance risks, organizations can better understand the potential costs of non-compliance and allocate resources accordingly. This can also help organizations prioritize their compliance efforts and ensure that they are focusing on the most significant compliance risks.
The third action is to assign the testing of compliance controls to process owners and outsourcing service providers. This helps to distribute the responsibility for compliance testing and can reduce the workload of the compliance function. By assigning compliance testing to process owners, organizations can ensure that compliance controls are tested regularly, and issues are identified and addressed promptly.
The fourth action proposed is to embed efficient controls in clearly articulated procedures. By embedding controls in procedures, organizations can ensure that compliance requirements are met consistently and effectively. Efficient controls can help organizations streamline compliance processes and reduce compliance costs.
Finally, the fifth action is to add requirements for compliance skills when recruiting legal and financial managers in business units. This helps to ensure that compliance is a consideration when recruiting new managers. By ensuring that managers have the necessary compliance skills, organizations can better integrate compliance into their business operations and reduce the risk of non-compliance.
In addition to these five actions, the slideshare also suggests other recommendations, such as delegating compliance consultations, audits, and due diligence, benchmarking the scope of risk assessments, and implementing policies to simplify wording and articulation of procedures. Additionally, the slideshare recommends coordinating actions with business units to assess, implement, measure, and reward cost reduction initiatives. By following these recommendations, organizations can reduce their compliance costs while maintaining effective compliance programs.
3. Inflation, recession and
increased penalties made
necessary to amplify the
control, scope and support of
the compliance function
while reducing its structure
Compliance costs
were significantly
rising
4. Compliance ambassadors
Designate local managers as
compliance representatives in business
units
What
Amplify the control audits
and training
Reduce headcount and travel
costs at group level
Results
Add requirements for compliance
skills for recruiting legal and
financial managers in business units
Transfer in-person training
Delegate compliance consultations,
audits, due diligence and
implementations of local
regulations
Delegate the approvals and the
facilitation of risk assessments for
local contracts, laws, regulations
and fraud
Measure that the program is
actually reducing compliance costs
How
Increase insight from
business units
Decentralize
5. Quantify compliance risks
Price potential claims, compensations,
fraud and revenue losses due to
noncompliance
What
Adjust the compliance
controls to mission-critical
processes, clients and
contracts
Avoid overvaulting risks with
superficial assessments
Results
Model compliance risks when
planning for new products,
contracts, prices, third-party
agreements
Measure the cost of non-compliance
in fraud losses, disputes, penalties,
claims, compensations, liabilities,
credits and complains
Assess the coverage of insurance
policies for liabilities
Benchmark the scope of the risk
assessments against the compliance
register of obligations
How
Renegotiate liability
insurance
6. Self-control testing
Assign the testing of compliance
controls to process owners and
outsourcing service providers
What
Sell compliance-as-a-
Service in business
proposals
Results
Create a checklist to test compliance
controls with a fixed selection
criteria and detailed evidence
requests
Add the review of the supervisor of
the performer of the tests
Do a control re-performance testing
for few activities from the
compliance function
Create a link transaction accesses to
ERP & CRM with manual delegations
to automatically prevent
incompatibilities
Exclude low value transactions
How
Reduce the costs of testing
compliance controls for SOX,
ISO and other certifications
Increase the accountability of
process owners and third-
parties
7. Smart controls and procedures
Embed efficient controls in clearly
articulated procedures
What
Reduce transaction costs by
removing unneeded and
Increase accountabilities
Results
Implement a policy management
policy with a central repository for
normative documents
Shorter approval chains with a RACI
approach
Simplify the wording and
articulation of procedures
Prevent input data errors with
automatic validations
Create automatic flows for
approvals, delegations and control
tests
Increase escalation thresholds
How
Reduce fraud losses
8. Cost reduction plans as
compliance obligations
Transformations and efficiency
plans are voluntary commitments to
cover by compliance
Coordinate actions with the
business units to assess, implement,
measure and reward cost reduction
initiatives
Reduce number of entities
Replace licensed software
supporting compliance by free
open-source flow managers (e.g.
Apache Airflow for due diligence
and audits, R for risk assessments,
Camunda for APIs)
Insource consultancy and external
advisor costs
Reduce staff cost and travel by
remote audits and document
collection and reports via robotics
Depurate databases
Typical cost cutting
plans in compliance