The contents of this presentation are confidential. Copyright © 2019 Workiva.
How Teams Can Resolve The Compliance Cost Conundrum
Jim Tilk
Senior Product Marketing Manager, Workiva
About Me
• CPA/CMA/CTP
• 13+ years in industry
• Manufacturing, real estate, technology background
• Experience in compliance, risk, audit, ICFR
Agenda
• Compliance programs overview
• Compliance costs
◦ Known costs
◦ Hidden costs
• Reducing compliance costs
◦ Best practices
◦ Technology as an enabler
◦ Cost of inaction
• Q&A
Polling Question #1
1. Does your company have a chief risk or compliance officer?
A. Yes
B. No
C. Both
Compliance Programs Overview
• Typical structure
• Three lines of defense
• Rising trends of chief compliance and chief risk officers
• Centralized businesses—compliance incorporated in BU
Source: PWC
Compliance Programs Overview
• Optimization of compliance costs requires focus and judgment
• Run the program like you would any other business
• A recent PWC survey found the top five themes for a cost-focused compliance program
Source: PWC
Compliance Programs Overview
• A recent McKinsey study shows 25% of resources involved in testing, monitoring
• Important to define responsibilities for first and second lines of defense, reduce overlap
Source: McKinsey
Compliance Programs Overview
• Centralized
◦ Formal compliance function
◦ Retains control over all program aspects
◦ E.g., financial services
• Decentralized
◦ Embedded in existing functions
◦ Carried out locally
◦ Finance, HR
• Hybrid
◦ Mix
◦ Central oversight with mixed delegation
Polling Question #2
1. What compliance model does your organization follow?
A. Centralized
B. Decentralized
C. Hybrid
D. N/A
Compliance Costs
Costs
• Known
◦ Centralized—Budgets
• Hidden
◦ Unknown, ancillary, ad hoc
Costs
• Average costs of compliance rose from $3.5 million to $5.7 million between 2011 and 2017, a 54% increase
• Costs of non-compliance rose from $9.3 million to $14.8 million—nearly three times the cost of compliance
Source: Globalscape
Costs
• Known
◦ Salaries
◦ Time spent on reporting
◦ New systems
◦ External fees
• Influenced by local, national, international regulations (e.g. SOX)
• Assessments, policies, external audits
Costs
• Known
◦ Data protection
◦ Incident response
◦ Policy
◦ Compliance
◦ Trainings
◦ Technology
Costs
• 2017 SOX compliance—large accelerated filer
◦ $1.3 million average program cost
◦ 50% experienced increased external audit fees
◦ 49% increased hours spent on SOX by more than 10%
◦ 60% outsource or co-source
Source: Protiviti
Costs
• MiFID II—2018
◦ EU Markets in Financial Instruments Directive
◦ Imposes more reporting requirements on OTC trading
◦ Firms have collectively spent over $2 billion to comply
Costs
“Banks need to develop a factory-like approach to processing all
the different regulatory changes rather than creating a
workbench for each new rule. The factory must be able to
define a single version of the compliance truth for its business
and keep all of its controls under change control. This can’t be
done with .pdfs, .docs, .xls and .ppt.”
—PJ Di Giammarino
CEO, JWG
Polling Question #3
1. Do you know the approximate annual cost of your compliance program?
A. No idea
B. Rough estimate
C. Fairly close
D. To the penny!
Costs
• Hidden
◦ Internal or external costs
◦ Difficult to measure
◦ Can be influenced by things beyond your control
Costs
• Unknown
◦ Internal
▪ Time spent responding to requests
▪ Issue resolutions
▪ In-house system updates and maintenance
▪ Reporting/analysis time
▪ Fines/penalties
▪ Inefficiency
▪ Poor customer experience
Costs
• Reporting/data analysis
◦ Recent study by Alteryx
▪ 60% of time generating insights, and one-third of that spent on analysis
▪ Average of 14 hours per week wasted on locating data
▪ 10 hours per week spent rebuilding existing information
▪ Inefficiencies cost companies on average $1.7 million per 100 employees
▪ 80% of respondents said data is paramount in compliance, policy, and risk management
Costs
• Fines/penalties
◦ Example—HIPAA
▪ Fines for violations averaged $2.5 million in 2018
▪ Total fines for HIPAA have increased annually since 2008
▪ Top Reasons
• Risk analysis failure
• Lack of policies
• Insufficient controls
Source: HIPAA Journal 2019
Costs
• Unknown
◦ External costs
▪ BYOD
▪ Sustainability
▪ Transparent communications
▪ Restatements
▪ Employee turnover
▪ Ethical share price performance
Costs
Source: CPA Journal
• Restatements
◦ 50% of financial misstatement cases involve companies with a market cap smaller than $250 million
◦ Top 4 reasons for restatements
▪ Securities
▪ Revenue
▪ Taxes
▪ Liability
Costs
Source: Ipo Hub
• Restatements
◦ Hertz—accounting errors
▪ Restatement period 2011–2014, announced 2017
▪ Stock price declined 10% on the day of the announcement
▪ Stock price fell by 40% in the following year
Costs
Source: Ipo Hub
• Restatements
◦ Reissue vs. revision
▪ Reissue: material error over many periods
• Update and reissue financials
▪ Revision: single period not material, but material when aggregated
• Disclosed in footnotes
▪ SOX influenced the number of reissues, but revisions continue to persist.
Polling Question #4
1. Has your company ever filed a restatement or revision?
A. Yes
B. No
C. Prefer not to answer
D. Not sure
Reducing Compliance Costs
Best Practices
• A program based on ethics
◦ Strong policies, top-down approach
◦ Tone at the top
• Risk-based approach
◦ Zero tolerance
◦ Identify risks with use of technology
Best Practices
• High-performing organizations
◦ Clear roles
◦ Supporting policies and procedures
◦ Cross-functional teams
◦ Technology-enabled
Technology as an Enabler
• Manages compliance risk
• 46% of companies do not have any type of GRC*
• Benefits — harness data and monitor/prioritize threats
• Applications across the organization
*Source: 2018 State of the SOX Market Survey
Technology as an Enabler
• Technology can enable a compliance team to move from check-the-box work to value creation
• As technology is applied, time and resource allocations are better managed
• As compliance and business strategy align, ROI can be measured
Technology as an Enabler
• Move from detective to preventative
• Analyze more data, make better business decisions
• Coordinate all three lines of defense
Cost of Inaction
• Cost reduction
◦ Efficiency gains
◦ Asset reduction
◦ Cost overruns
• Cost avoidance
◦ Data entry errors
◦ Visibility
◦ Siloed work
Cost of Inaction
• Quality cost
◦ Reporting
◦ Data
◦ Third party
• Opportunity cost
◦ Lost productivity
• Frustration cost
◦ Morale
◦ Turnover
Questions?