2015 Global Corporate Compliance & Ethics Data Survey
Transcript of 2015 Global Corporate Compliance & Ethics Data Survey
Global Corporate Compliance & Ethics Data Survey
Facts & analysis
January 28, 2016© 2016 Consero Group. Reproduction Prohibited.
In Partnership With
© 2016 Consero Group. Reproduction Prohibited.2 January 28, 2016
IntroDuCtIon
Global Corporate Compliance & Ethics Data Survey
Chief Compliance Officers face a variety of complex challenges. Among these
are increasing data privacy issues, changing foreign regulatory requirements,
and the logistical hurdles of global compliance training. While compliance
officers’ influence on decision-making and strategy has grown over time, there
remains a great deal of opportunity for more efficiency and impact. By working
across the C-suite and leveraging their teams and different tools, today’s
Chief Compliance Officer can ensure that the organization navigates a tough
compliance environment effectively.
Table Of Contents
3Access And Strategy
5Operations And Program Management
7Technology And Cyber Security
9Risk Management
11Conclusion
12Consero
© 2016 Consero Group. Reproduction Prohibited.2 January 28, 2016
Survey Structure And Methodology
Consero’s Corporate Compliance and Ethics Data Survey was conducted in
connection with its invitation-only North American and European 2015 Fall
Forums for Chief Compliance Officers. Produced in collaboration with The
Red Flag Group, the survey consisted of 17 questions, covering issues such
as compliance operations, technology infrastructure, and risk management,
among others. There were 76 respondents from Fortune 1000 companies,
providing valuable insight into the current and looming opportunities and
challenges of Chief Compliance Officers.
© 2016 Consero Group. Reproduction Prohibited.3 January 28, 2016
ACCESS AnD StrAtEGY
Overall Compliance Strategy Is The Top Area Of Focus For Chief Compliance Officers In 2016
The top three positions to which Chief Compliance Officers report are General
Counsel (42%), Board of Directors (33%), and Chief Executive Officers (21%).
Despite the seniority of their managers, 58% of Chief Compliance Officers do
not believe the compliance function is integrated adequately into corporate
decision-making and strategy. In addition,16% of respondents view senior
management buy-in as an impediment to their department’s progress.
Looking ahead, two-thirds of Chief Compliance Officers are focused on overall
compliance strategy in the next 12 months. Third-party oversight follows
second at 54%, and employee compliance training at 49%. Compliance
respondents claim insufficient staffing as the main impediment to their
department’s progress, indicating that recruiting and training will be a priority
in 2016.
Figure 2: Is your compliance function integrated sufficiently into corporate decision-making and strategy?
Yes 42% No 58%
Figure 1: to whom do you report? (Select all that apply.)
General Counsel 42%
Board of Directors 33%
Chief Executive Officer 21%
Chief Financial Officer 4%
Chief Risk Officer 2%
Other 11%
42%
21%
4%2%
11%
33%
© 2016 Consero Group. Reproduction Prohibited.4 January 28, 2016
ACCESS AnD StrAtEGY
Figure 3: What are your top areas of focus for the coming 12 months? (Select all that apply.)
Figure 4: What would you describe as the greatest impediment to your department’s progress?
64% Overall compliance strategy
54% Third-party oversight and management
49% Employee compliance training
46% Bribery and corruption
33% Data privacy and cyber security
36% Regulatory matters
21% Technology integration
16% Ethics risk
9% Other
22% Insufficient staffing
16% Senior management buy-in
14% Access to budgetary resources
14% Current IT infrastructure
13% Middle management buy-in
10% Evolving regulatory landscape
10% Global compliance program management
2% Other
© 2016 Consero Group. Reproduction Prohibited.5 January 28, 2016
oPErAtIonS AnD ProGrAM MAnAGEMEnt
Seventy-Three Percent Of Compliance Officers Believe Their Compliance Programs To Be Just Somewhat Effective In Mitigating Organizational C&E Risk
Most compliance respondents view their programs as just somewhat effective
in mitigating C&E risk for their organizations. This is an alarming reality,
given that failure to adhere to C&E mandates can result in severe and costly
penalties. Compliance officers may wish to spend time in 2016 strengthening
their current operations to protect their organizations from C&E risk
adequately.
When asked how they assess the effectiveness of their compliance operation,
72% of Chief Compliance Officers use internal auditing and monitoring, 68%
monitor training completion rates, and 58% leverage hotlines. A majority of
compliance executives rely on third-party vendors to monitor whistleblower
hotlines.
With regard to compliance training within organizations, 73% of respondents
have made bribery and corruption training mandatory for all their employees,
highlighting the focus Chief Compliance Officers and their companies place on
this issue. In addition, just over two-thirds of respondents view online tools as
an effective means to train their global employees.
Figure 5: How effective is your compliance program in mitigating C&E risk for your organization?
Very effective
15%
Somewhat effective
73%
Not effective
12%
© 2016 Consero Group. Reproduction Prohibited.6 January 28, 2016
Figure 6: What tools do you use to assess the effectiveness of your compliance operation? (Select all that apply.)
oPErAtIonS AnD ProGrAM MAnAGEMEnt
Inte
rnal
aud
itin
g an
d m
oni
tori
ng
72%
Trai
ning
co
mp
leti
on
rate
s
68%
Ho
tlin
es
58%
In-h
ous
e
emp
loye
e su
rvey
s
53% 39% 10%O
ther
Third
-par
ty
asse
ssm
ent
too
ls
Figure 7: Do you use a third-party vendor to manage your whistleblower hotline?
Yes 82% No 18%
Figure 8: Is online compliance training an effective means to train your global employees?
Yes 67% No 33%
Figure 9: Is bribery and corruption training mandatory for all managers in your organization?
Yes 73% No 27%
© 2016 Consero Group. Reproduction Prohibited.7 January 28, 2016
tECHnoLoGY AnD CYBEr SECurItY
Over 80% Of Chief Compliance Officers Report That Current Technology Infrastructure Is Insufficient For The Needs Of Their Operation
An overwhelming 84% of Chief Compliance Officers do not believe the current
technology infrastructure of their organizations meets the needs of their
compliance operation. Furthermore, 43% of respondents are not confident
in the ability of their IT departments to support the compliance needs of
the organization. This major gap between IT and compliance likely deserves
attention, as technology plays a crucial role in employee compliance training,
overall compliance program management, and data privacy management,
among other areas.
Fifty-six percent of compliance respondents are either very involved or
involved in cyber security and data privacy issues within their organization—a
figure that may rise over time as more companies are exposed to cyber
threats. Currently, 54% of Chief Compliance Officers have a formalized data
privacy compliance plan for their company, and 29% are in the process of
creating one. This validates the rising emphasis on monitoring data privacy.
Figure 10: How involved are you in cyber security and data privacy within your organization?
Very involved
31%
Involved
25% Somewhat involved
25%
Not involved
19%
© 2016 Consero Group. Reproduction Prohibited.8 January 28, 2016
tECHnoLoGY AnD CYBEr SECurItY
Figure 11: Do you have a formalized data privacy compliance plan for your company?
Yes
No
In the process of creating one 29%
17%
54%
Figure 12: Does your current technology infrastructure meet the needs of your compliance operation?
Yes
No 84%
16%
Figure 13: How confident are you in your It department’s ability to support the compliance needs of your organization?
0% Very confident
Confident 19%
Somewhat confident 39%
Not confident 42%
© 2016 Consero Group. Reproduction Prohibited.9 January 28, 2016
rISK MAnAGEMEnt
Compliance Officers Report Asia Pacific As The Region That Poses The Greatest C&E Risk To The Business
Compliance officers spend a significant amount of time identifying and
mitigating risks around the globe. Seventy percent of respondents are either
very involved or involved in enterprise risk management efforts for their
organizations. Sixty-one percent of Chief Compliance Officers conduct an
enterprise-wide risk assessment once a year, while 14% do so on a quarterly
basis.
In looking ahead, 49% of Chief Compliance Officers named Asia Pacific as the
geographic region that poses the most C&E risk to their business operations
by a wide margin. Just over two-thirds of respondents believe their compliance
teams to be educated on foreign regulatory requirements that are important
to the business. The perceived risk around the Asia Pacific region calls for
compliance and legal teams to have a greater amount of familiarity with foreign
regulations in the coming year.
Figure 14: How involved are you in enterprise risk management efforts within your organization?
Not involvedSomewhat involvedInvolvedVery involved
37% 33%
24% 6%
© 2016 Consero Group. Reproduction Prohibited.10 January 28, 2016
rISK MAnAGEMEnt
Figure 15: How often do you conduct an enterprise-wide risk assessment?
Annually 61%
Semi annually
10%
Quarterly
14%
Never
1%On occasion/
rarely
14%
Figure 17: Is your compliance/legal team sufficiently familiar with foreign regulatory requirements that impact your business?
Yes 67% No 33%
Figure 16: What geographic region do you foresee posing the greatest compliance and ethics risks to your business operations in 2016?
Asia Pacific 49%
Latin America 13%
Middle East & Africa 9%
North America 6%
Eastern Europe 5%
Western Europe 4%
Central America 1%
My company does not have a global presence 13%
6%
49%
9%
5%4%
1%
13%
© 2016 Consero Group. Reproduction Prohibited.11 January 28, 2016
ConCLuSIon
Lessons For The Industry
The compliance function maintains responsibility over a variety of activities
that are essential to risk mitigation and ensuring a successful and smooth
business operation. Chief Compliance Officer involvement in enterprise risk
management, data privacy, and strategy, among other priorities, signifies a
busy 2016. It will be necessary for the compliance department to prioritize
improving IT infrastructure, as well as hiring and retaining a strong team.
In doing so, compliance officers will give themselves their best shot at
strengthening their compliance operation and mitigating operational risks
effectively.
© 2016 Consero Group. Reproduction Prohibited.12 January 28, 2016
The Red Flag Group is The Compliance Firm® that helps companies turn compliance into a competitive advantage. Founded in 2006, the firm has offices and research centers in the United States, Europe, Asia, Africa, and Latin America. Our professionals include former in-house counsels and compliance officers supplemented by a diverse team of forensic accountants and regulatory officials, all tasked with building innovative and cost-effective solutions for our clients.
As one of the world’s leading independent corporate governance and compliance firms, we provide thought leadership to major corporations worldwide and assist them in creating and maintaining customized and integrated compliance solutions that add value to their business.
We co-develop our solutions with our clients, focusing on implementing best-in-class risk mitigation practices that align with their strategic goals. Our suite of services comprise tailored project advisory, due diligence covering more than 190 countries and technology solutions, including our proprietary ComplianceDesktop® Technology Platform, which allows compliance professionals to easily track, manage, and monitor their global compliance programs amid the ever-changing regulatory landscape.
For more information, please visit www.redflaggroup.com.
© 2016 Consero Group. Reproduction Prohibited.13 January 28, 2016
How Is Consero Different From Other Conference Companies?
Branded as the anti-conference company, Consero’s model is a vast improvement over
the traditional model for conferences and trade shows in several important ways.
Exclusivity, Intimacy, and Commonality. Consero puts its executives first. Unlike
other conferences, a Consero Forum brings together executives with common levels
of experience and seniority, as well as similar business challenges. This format ensures
optimal networking and collaborative development of best business practices.
Original Content and Thought Leadership. Consero views its events as a means to an
end—solving business problems. Consero prides itself on generating, original content
that contributes to practical discourse, yielding useful takeaways that help participants
to improve their own performance, as well as that of their organizations. By permitting
its programs to evolve until the Forum takes place, Consero can integrate the most
current significant developments into the solutions that emerge from the Forum.
What Problems Does Consero Solve?
Today’s senior executives are busier than ever and inundated with information—too
little of which addresses their specific current needs. Consero brings together these
senior executives to learn from one another in an efficient, exclusive format and build
relationships that facilitate ongoing collaboration. Through interactive discussions,
each moderated by an industry expert, executives share ideas and address particularly
difficult problems with their counterparts in the room.
In addition to superior educational opportunities, Consero Forums expose senior
executives to participant-requested and Consero-vetted industry solution providers
that offer innovative enterprise solutions to challenges identified by the executives
themselves. Consero’s selective criteria for solution providers and insistence that those
companies send senior executives provides a different kind of sponsoring partner
experience.
Building upon its unique learning and networking events, Consero also offers senior
executives access to a membership platform called Consero Connect. Connect delivers
a customized platform that provides the support you need when you need it, along with
a wide array of event-generated content. This exclusive membership allows executives
to leverage Consero’s network of C-suite leaders to benchmark, recruit top talent, and
solve specific departmental challenges efficiently. Visit conseroconnect.com to learn
more.
1 Gonsalves, Antone. “Consero Takes Aim at Bored C-Suiters with Its ‘Anti-Conferences.’” Bloomberg. Jan. 28, 2011. <www.bloomberg.com/news/2011-01-28/consero-takes-aim-at-bored-c-suiters-with-its-anti-conferences-.html> Jan. 28, 2011.
Opportunities To Participate at Future Consero Forums may be available on a limited basis. Please contact our team for additional information.
Consero Group
consero.com
4915 St. Elmo Ave., Ste. 100
Bethesda, MD 20814
tel (202) 595-9300
2016 Consero Compliance Forums
corporate compliance & Ethics Forum
March 6–8, 2016 Ponte Vedra inn & club, Ponte Vedra Beach, Fl
corporate compliance & Ethics Forum
september 18–20, 2016 island Hotel newport Beach
newport Beach, ca
corporate counsel & compliance
Forum
november 28–30, 2016 Millennium Gloucester Hotel
london, England