Managing Compliance Risks: Why CFOs and CCOs Should Work Together

Finance Insights for Professionals: The latest thought leadership for Finance pros

Thursday, August 12, 2021

More effective risk management could reduce the likelihood of non-compliance and relieve businesses of a major stressor.

In the modern business world, companies are at the beck and call of a dizzying array of laws, regulations, codes of conduct and standards of practice.

Violating them can result in penalties including fines, prosecution and even jail time for executives. This is what we refer to as compliance risk, and it can prove bewildering to navigate for even the most careful and law-abiding companies.

At the same time, the era of big data, instant connectivity and citizen broadcasting via social media means it’s never been more important to ensure transparency and prevent questionable business practices from being committed and exposed.

So how can firms of all sizes approach this ever-changing regulatory environment and make themselves less vulnerable to compliance risk? The answer could lie in closer relationships between chief financial officers and chief compliance officers.

The importance of compliance

Failure to comply can have dire consequences. According to Hyperproof, non-compliance costs US businesses an average of $4 million a year in revenue losses, which is more than twice the cost of maintaining compliance in the first place.

The most common regulations it's now necessary to comply with include:

  • The Sarbanes-Oxley Act
  • The General Data Protection Regulation (GDPR)
  • Privacy Shield

With some of the most famous breaches hitting the headlines worldwide and proving devastating for the companies involved, it's easy to see why any organization would want to steer clear of repeating the same mistakes.

Essentially, compliance exists to keep businesses, their clients and their customers safe from crime, harm, poor ethics and other wrongdoing.

The changing role of the CFO

Thirty years ago, a CFO might simply have been responsible for keeping the books, issuing financial reports and other fiscal tasks. Today, they're likely to find themselves in a much more dynamic role in value creation, whatever the size of the company they work for.

And one of those many hats the CFO wears is sure to be risk management-related - after all, most business owners would view financial loss as being a key risk. However, risk is no longer simply about money.

Indeed, it can relate to processes, personnel, reputation and - increasingly - data. CFOs need to be able to view risk from a commercial point of view as well as just a financial one, which is why it’s vital for them to be willing to collaborate with CCOs.

The importance of the CCO

As the name suggests, a chief compliance officer (CCO) will ensure the various departments within an organization are complying with any necessary corporate practices, as well as communicating with employees as to why this is important.

This can be viewed with a certain amount of hostility by employees, but CCOs should be seen as an asset to help firms as opposed to someone seeking to catch them out in the act of breaching compliance.

Indeed, their skills in the workplace could act to protect against significant reputational harm as well as financial losses, which is why CFOs might want to consult them when it comes to managing risk in future.

How incorporating compliance may help

Most firms will already be carrying out risk assessments, but taking compliance into account when doing so could help to identify legal and regulatory risks as well as other operational pitfalls.

This is where the skillset of a CCO could come in. They should help CFOs better understand how and why risk events may occur, as well as their potential impact.

A risk assessment involving compliance should lay out:

  • A framework to demonstrate and organize existing risks
  • A methodology to assess the risks legally, financially and from a reputational standpoint

For example, a risk assessment for a pharmaceutical company might flag up problems such as biohazards in the workplace or projected profits based on predicted investments. However, a compliance-themed risk assessment could point out hidden problems such as an absence of written procedures, which could have serious legal implications and result in negative press coverage in the event of an audit.

To give another example, a risk assessment for sales reps might look at ensuring their safety on the road and potential theft of electronic equipment. On the other hand, an additional assessment concerning compliance might also examine the ethical implications of overly ambitious targets and the potential resulting temptation to sell using unscrupulous practices. This may result in punishment and bad press further down the line.

In having more effective risk management in place, businesses could reduce the likelihood of non-compliance and relieve themselves of a major stressor in the process.

That's why, as corporate laws become stricter and the consequences of failing to adhere to them become increasingly severe, it makes more sense than ever for CFOs and CCOs to collaborate. Their unique perspectives are sure to combine to produce a broader outlook and make keeping an eye on business much easier, and that's surely something every executive wants in the workplace.
