Framed another way, compliance is now the byproduct of good risk management practices enabled by grouped data management technologies that were previously cost prohibitive to the risk function. When we say the costs of compliance are increasing, we mean three distinct types of costs.
The first is the investment you make in ensuring compliance — the cost of identification, documentation, analysis, remediation and monitoring. The sheer increase in the amount of available data is exponentially increasing the demands on the compliance function. More and more transactions are digitized and recorded; cloud storage allows vast data repositories that were barely imaginable 10 years ago.
The second cost is the financial consequences of failing to achieve compliance. These take the form of financial losses, damage to reputation, regulatory interventions, and potential legal actions. They can result in profound financial and personal consequences that are virtually impossible to quantify.
The third cost of non-compliance is the opportunity cost created by inefficient and outmoded processes. In traditional compliance, companies needlessly divert human resources to rote, tedious and manual processes and remove those people from more creative and valuable work. Once finance professionals are freed to devote their time to root cause analysis as opposed to redundant process execution, they can add significant value and move into the role of providing sophisticated insights aligned with the vision of the modern finance organization.
Traditional approach versus the automated approach
The traditional model is ill-suited to the current compliance function. That model relies on episodic data sampling and manual data review. In addition to being time consuming and costly, this approach demands high levels of attention while delivering low levels of assurance by using non-statistical sampling. With a traditional approach, continuous monitoring is impossible, and turnaround can take days, weeks or even months. By contrast, approaches using a cloud platform and data analysis and management software promise enhanced efficiency, greater assurance, richer insights, continuous monitoring, and faster turnaround at a lower cost.
You can increase efficiency by up to 80% by automating the process and eliminating human error, which is a greater risk in rote processes. The benefits that automation can deliver in this approach are powerful, and they are compounded by the benefits that trained people can deliver. By freeing your people to concentrate on root cause analysis and gathering insights, you put them in a position to creatively solve problems and proactively add value. This could mean faster or more profound insights that can lead to quick action. It could also lead to evolving the control environment itself — adjusting controls to increase their precision, relevance, responsiveness, efficiency, and reliability.
Automation is a digital process that works best when the underlying process is also digital. Without a digitized process, it is hard for the team to automate testing activities consistently.
Control automation can help you achieve measurable efficiencies and generate actionable insights. While its implementation requires a commitment in rethinking your approach as well as training and technology, the costs of control automation decisively outweigh the costs of compliance as usual. While each compliance challenge requires its own array of software, there is fortunately plenty available. Regardless of the size of your company’s footprint, the right professionals can help you assess and automate your compliance controls, working with you to drive significant efficiencies and greater transparency across the compliance function.
Grant Thornton library articles: