Key Trends, Issues and Best Practices in Compliance 2014

Similar documents
Key Elements for Effective Compliance Program Board Reporting

Global Trends in RPO & Talent Recruitment pam berklich

KNOW YOUR THIRD PARTY

Retail. White Paper. Driving Strategic Sourcing Effectively with Supply Market Intelligence

Tapping the benefits of business analytics and optimization

Supporting Effective Compliance Programs

Convercent Predictive Analytics

better people in a better way sales@pontoonsolutions.com

Content Marketing in 2014:

Whistleblower Hotlines & Case Management Solutions: Major Challenges and Best Practice Recommendations. Whistleblower Hotlines: Making Headlines

Accenture Sustainability Performance Management. Delivering Business Value from Sustainability Strategy

The Social Media and Communication Manager will implement the. Company s Social Media Strategy, develop brand awareness, generate

HOW WELL DO YOU KNOW YOUR PROSPECTS?

OCC 98-3 OCC BULLETIN

Compliance and Ethics at the Federal Reserve Bank of New York

Make technology your business advantage

State of Compliance 2014 Healthcare provider industry brief

2016 The global ABB integrity program.

Organization transformation in times of change

Is Your Company Ready for a Big Data Breach?

Corporate Learning Watch

Time for change in facilities management. Interserve, Sheffield Hallam and i-fm facilities management research 2013

10 WAYS TO SAVE $10,000 IN HUMAN RESOURCES

Cloud Computing Safe Harbor or Wild West?

TOOL 2.1 WHO SHOULD USE THIS TOOL EMPLOYER ENGAGEMENT TOOLKIT TOOL 2.1 IDENTIFYING EMPLOYERS IN YOUR INDUSTRY

Governance, Risk, and Compliance (GRC) White Paper

Big Data Executive Survey

COMPETITION TRIGGERS BATTLE FOR TALENT AND ACQUISITIONS

Employee Engagement Drives Client Satisfaction and Employee Success in Professional Services

Securing the Cloud Infrastructure

Global Compliance Audit

Third-Party Cybersecurity and Data Loss Prevention

Program and Project Management Practices in the Federal Civilian Agencies

WHITE PAPER Third-Party Risk Management Lifecycle Guide

2015 Investment Management Compliance Testing Survey

How to Leverage SRM for Supply Chain Resiliency. How to Leverage SRM for Supply Chain Resiliency

IT Insights. Managing Third Party Technology Risk

The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v

building and sustaining productive working relationships p u b l i c r e l a t i o n s a n d p r o c u r e m e n t

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

FORGE A PERSONAL CONNECTION

IDENTIFYING VENDOR RISK THE CRITICAL FIRST STEP IN CREATING AN EFFECTIVE VENDOR RISK MANAGEMENT PROGRAM

Data Security in Development & Testing

THIRD PARTY. T i m L i e t z R e g i o n a l P r a c t i c e L e a d e r R i s k A d v i s o r y S e r v i c e s

Framework for Enterprise Risk Management

HYBRID CLOUD: A CATALYST TO DRIVING EFFICIENCIES AND MEETING THE DIGITAL ASPIRATIONS OF THE UK PUBLIC SECTOR

Introduction to Strategic Supply Chain Network Design Perspectives and Methodologies to Tackle the Most Challenging Supply Chain Network Dilemmas

Proven Best Practices for a Successful Credit Portfolio Conversion

Interview with Joseph M. Dudas

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

How To Listen To Social Media

IDC MarketScape: Worldwide Business Consulting Strategy for Digital Operations 2015 Vendor Assessment

Compliance in motion A closer look at the Corporate Sector. Deloitte Risk Services March 2015

Customer effectiveness

B2B BUYER S SURVEY REPORT

Accenture Technology Consulting. Clearing the Path for Business Growth

WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper

Qualification in Internal Audit Leadership (QIAL ) Exam Syllabus

2015 Travelers Business Risk Index. Findings from a survey of U.S. business risk decision makers May 2015

The Role of Internal Audit in Risk Governance

Leap Ahead Procurement Goes Social

What s Trending in Analytics for the Consumer Packaged Goods Industry?

A Best Practice Guide

Building the business case for continuity and resiliency

Supplier Onboarding in a SIM World

Survey of more than 1,500 Auditors Concludes that Audit Professionals are Not Maximizing Use of Available Audit Technology

Case study: Driving quotes for Aviva through frequency testing

Employment Outlook and Salary Guide 2011/12

GLOBAL PROPERTY Loss Prevention Engineering. Next

Data Empowered Utilities

Transcription:

Key Trends, Issues and Best Practices in Compliance 2014

What Makes This Survey Different Research conducted by independent third party Clients and non-clients 301 executive decision makers 35 qualitative interviews with ethics and compliance stakeholders Cross-section of industries Cross-section of mid-size and large companies 2

NAVEX Global services the largest ethics and compliance community in the world. This survey is one example of our commitment to identify and communicate key trends and issues critical to business success. This independently verified data, gathered throughout 2013, helps to inform and continuously improve our product and services offering. We hope you gain new insight into your own program as well as a better understanding of your colleagues challenges. 3

16% Title of Respondents 44% Legal, HR, Audit, and Other 8% Director / Manager, Risk 9% Risk Analyst 10% Chief Compliance / Ethics Officer 13% Compliance Analyst Director / Manager, Compliance / Ethics This broad base delivers practical and actionable information and tips relevant to all companies. Industry of Respondents 22% Financial Services 11% Healthcare Industry 7% Manufacturing & Chemicals 7% IT & Technology 6% Defense & Government Contractors 5% Insurance 5% Energy & Utilities Size of Company ~50% of respondents work at companies with annual revenues greater than $500M 4% 5% Business Services Transportation / Logistics / Supply Chain 29% Other 4

What are the company s overall ethics and compliance priorities? What impacts these priorities? Are budget and other resources sufficient to manage these priorities? 5

The compliance function isn t always considered an organizational imperative Corporate management has its head in the sand and ignores problems until they become an embarrassment to upper managers. At which time, fire control is begun and lower level staff are identified, implicated and disciplined. Project Manager, Construction and Property Management Company Some organizations continue to tie programs and budget into immediate business problems and address tactics rather than strategy. 6

Industry-Specific Issues Are Significant I think in the next few years, there will be serious ethics and compliance implementation. The Consumer Financial Protection Agency has banks very concerned because it has very broad and sweeping powers without a lot of guidance on how to be effective. FINANCIAL SERVICES Former Deputy Chief Compliance Officer, National US Bank There s the new law part of the ACA where all medical device and pharma companies have to have an effective compliance program by 2014. For companies that didn t have compliance programs before, they re mandated by law to have them. Part of having the program isn t that you have it, it s also that it s effective. You have to demonstrate that you did the training. HEALTHCARE Compliance Officer, Medical Device Company 7

Top Ethics and Compliance Budget Drivers What s really driving the increase is the threat of regulatory enforcement. 5-6 years ago it was just about anti-corruption. These days, people are worried about data security, consumer privacy, controlling data. Editor-in-Chief, Major E&C Publication The #1 item that drives budget decisions is increasing pressure from U.S. regulators and Internal Audit (45% of respondents). 8

The #2 Budget Driver Has Changed Regulations are driving ethics and compliance behavior. Companies do much more than the minimum required by regulations. If we have to do E&C, we may as well do it really well and protect our reputation/brand. Director of Ethics and Compliance, Global Defense Contractor The need to increase protection around reputation and brand going beyond legal protection and regulatory compliance is the new #2 budget driver (33% of respondents). 9

Some Budget Drivers Remain Constant #3 #4 #5 Increase in organization s overall employee population (26% of respondents) Increased pressure from the CEO or Board of Directors (20% of respondents) Increase in the number of compliance-specific employees (20% of respondents) There s still agreement about 3 of the top 5 drivers 10

Annual Ethics and Compliance Budget How much is allocated for spending for these priorities?.01%.02% Manufacturing & Chemicals.02%.03% Energy & Utilities.03%.04% Financial Services.04% FACT: Ethics and compliance budgets comprise only a small portion of annual revenue (~.01-.04%) regardless of industry differences Retail & Leisure IT & Technology Healthcare Percentage of Revenue Business Services A budget imperative is to increase the value from every program dollar 11

12% 10% 8% Anticipated Budget Growth 2014 11% Smaller companies are increasing their budgets twice as fast as larger companies 6% 4% 2% 0% 5% Why? Less mature programs require funds to build process and infrastructure. Overall, budgets in 2014 will grow ~5% compared to the ~8% growth that occurred in 2013. Over 10K Employees Under 10K Employees 12

Does the Ethics and Compliance Department have Sufficient Resources? I Don t Know 7% 30% No 1/3 of respondents need more resources to manage their ethics and compliance risk Yes 64% Budget, staff, control and authority need to be sufficient to manage not only the tactics but the strategies that transform ethics and compliance into an organizational imperative. 13

How is the budget allocated? What gets the most attention today? Where will spending be focused in the future? How is the value from every dollar maximized? 14

Policy Management Awareness Programs Whistleblower Hotline Percent of Companies that Currently Utilize a Specific Compliance Solution Online Training Case / Incident Management 0% 20% 40% 60% 80% 48% 48% 56% 55% 77% Of all the elements in today s compliance programs, online training is the most mature and most frequently utilized. Third party risk management and advanced analytics are currently the least frequently utilized. Advisory Services Third Party Risk Management 31% 25% Advanced Analytics 17% 15

Case / Incident Management Breakdown of Budget Spending by Compliance Solution 17.2% Third Party Risk Management Advanced Analytics 4.7% 7.1% Advisory Services 7.6% Half of the total spend is allocated in 3 areas: hotline case management online training Whistleblower Hotline 9.3% 13.5% Awareness Programs Quality and effectiveness in these high-spend areas need to be top of mind 25.7% 14.9% Online Training Policy Management 16

The truth about training Dispelling the misconceptions about the size and type of training library needed Few courses are actually deployed 47% of companies deploy fewer than 3 courses annually to the all-employee base; 63% deploy fewer than 10 courses in total Companies may be buying more courses than they can use 10 courses were cited as needed for long term planning (2+ years) 36% of companies purchased somewhat or far too many courses than they actually utilized What s required in an effective library is changing ~45% of companies are using more or the same amount of mobile training Bursts. Traditional length courses are being replaced with shorter format courses and Bursts. The real questions should be: 1. Is the library flexible enough so I can meet the needs of my workforce over the next 2-3 years? 2. Is the library continually refreshed in core subject areas in both long and short course formats? 17

Training Is the Most Significant Part of A Compliance Program Our training budget will go up ~75%. It s very significant. We don t even have all the requirements yet but we have had to do 6-7 trainings for 2014 which is more than we currently do. Assistant Director of Corporate Compliance, Healthcare Services Company Our training was designed in house but outsourced from a software perspective. We don t have the capabilities to do the software so we had it outsourced and custom developed. Former CCO, Food Services Company 18

Expected Change in Ethics and Compliance Budget by Compliance Solution (2013-2014) Advisory Services Third Party Risk Management Online Training 0% 1% 2% 3% 4% 5% 6% 7% 8% 9% 6% 6% 9% Spending for third-party risk management, online training and advisory services is expected to grow at a faster rate than other categories Policy Management Advanced Analytics 4% 4% Case / Incident Resolution Awareness Programs 3% 3% Whistleblower Hotline 2% 19

The Need for Externally Sourced Advisory Services Is Growing If you use an outside organization for advisory services, what you may find is that they have best practices and they are more effective in designing [a compliance program]. For an outside organization, [they] offer up the expertise that they have had from other companies. Former CCO, Food and Beverage Equipment Company I m looking for the company who knows the specific services I need. I shy away from the jack of all trades. I want a specialist and someone who knows exactly what I need. CCO, Healthcare Services Company The choice of who to hire is based upon overall ability as well as experience in the needed specific area. 20

Third Party Risk Management Why it s growing and the need for outsourcing help Third-party risk assessment is very important given that our industry is of particular focus for governmental organizations. But it should be important to every organization that does work internationally. Under the Foreign Corrupt Practices Act, any company that wants to take advantage of mitigating factors has to do it. CCO, Fortune 500 Oil & Gas Services Company Third-party risk management is on our to-do list this year. It s totally manual, there s basically a questionnaire that they give. I don t even know if they re using a database in house or they re just doing a hard copy thing. We are looking to outsource these functions. CCO, Government Contracting Company Third-party risk management is more of an area of focus. We have actually had third-parties (lawyers, consultants) come in. It is important. It s not critical yet, but it is becoming more and more important. CCO, Government Contracting Company 21

Monitoring of Third Parties Needs Improvement Deficiencies in frequency and sophistication add risk Current Monitoring 38% of companies believe they monitor less of their third party partners than they should Type of Monitoring 70% believe more sufficient monitoring is necessary beyond an initial screen Sophistication of Monitoring Only 4% of companies had fully automated third party risk management solutions that could assess all third parties 3P is definitely on the radar. It is the future. The government is holding us accountable on human trafficking, conflict diamonds, etc. so 3P is definitely increasing in importance. Director of E&C Global Defense Contractor 22

Third Party Training Is Being Addressed Code of Conduct 52% of companies require Code of Conduct attestation less frequently than annually or not at all General Ethics and Compliance Training 73% of companies require ethics and compliance training for the third parties they worked with We always required code of conduct attestation. We d ask for it about once a year. There was a policy around it. I would say that attendant to that, any time a new contract came up, there was time for a deeper dive. Former CCO, Food Service Equipment Manager 23

Outsourcing Key Trends What You Expect From Vendors The Typical Buying Process 24

Percent of Companies that Outsource Compliance Solutions Most often outsourced: Third Party Risk Management Online Training Advisory Services Whistleblower Hotline Case / Incident Management 0% 10% 20% 30% 40% 50% 60% 50% 48% 44% 59% 57% whistleblower hotlines online training third party risk management Most often handled in-house: Advanced Analytics Policy Management Awareness Programs 31% 29% 41% policy management awareness programs 25

Outsourcing Imperatives [The hotline] absolutely has to be outsourced. You can t do that in house and be able to guarantee anonymity. Former CCO, Food Service Manufacturer We use a third party to manage our online training. We will sometimes make the content ourselves and then hand it off to them to program it and help us track completion. Sometimes we use their off the shelf solutions. CCO, Fortune 500 Oil & Gas Services Company 26

The Buying Process Number of bids evaluated The average ethics and compliance purchase involves 3 bids Number of people involved in purchase decision Companies typically have a team of 6 employees evaluate each vendor Attractiveness of multiple solutions from a single vendor ~70% of companies believe that multiple solutions from a single vendor is attractive When ½ of all spending is in training, hotline and case management, using one vendor for all three is an attractive option 27

What s Driving The Outsourcing Decision? To me, it s the solution that vendors provide. Price does play a factor but it is not the end all of a decision. Sometimes you get what you pay for and it s really based on the solution that is provided. It s the solution, price and reputation, those are the top three things. Assistant Director of Corporate Compliance, Healthcare Services Company For us, the most important offerings a vendor could provide are online training and whistleblower hotline. It s really just those two. CCO, Government Contracting Company 28

Quality of Product Offering Price Customer Service Perception of Stability Vendor Customization Capabilities Importance of Purchase Criteria in Selecting Vendor Brand Reputation 1.0 2.0 3.0 4.0 5.0 6.0 7.0 5.4 5.3 5.3 5.1 5.9 5.6 Customers identified product quality and price as the most important criteria when selecting a vendor for ethics and compliance products and services Breadth of Product Offering Depth of Product Offering Knowledge of Sales Reps Referral by Colleague External Endorsement Perception of Mobile Capabilities Perception of Global Capabilities 4.9 4.9 4.7 4.7 4.6 4.2 4.2 29

Practical Takeaways that Impact Your Program Planning, Your Budget and Your Vendor Relationships 30

Protecting brand and reputation is now the #2 driver of spend and program enhancement a program needs to go far beyond legal protection and regulatory compliance Budgets are growing but in small increments; there are opportunities to increase efficiencies and improve internal processes Half of all spending is in the holy trinity of hotline, case management and online training this is the backbone of your program so carefully evaluate quality and effectiveness Don t let the misconceptions about training force you into a huge library that might not be the best solution. You likely need a core 10 courses, short and long formats, and content that s continually refreshed An integrated solution can improve your department s day-to-day functioning and improve your overall value to the business and stretch your dollars with a single vendor Your most likely growing need is third party management make sure a solution is scaleable, manageable, centralized and affordable 31

NAVEX Global s Ethics and Compliance Ecosystem It s the key learnings from independently verified research like this report that inform NAVEX Global strategies and product development. Our solutions are delivered either as standalone elements or via an integrated ecosystem that aggregates data across solutions, applies robust analytics, and generates reports with high value and actionable information. This is the foundation of our company to help you minimize risk, increase efficiency and foster meaningful behavioral change. 32

About NAVEX Global NAVEX Global helps protect your people, reputation and bottom line through a comprehensive suite of ethics and compliance software, content and services. The trusted global expert for more than 8,000 clients in 200+ countries, our solutions are informed by the largest ethics and compliance community in the world. More information can be found at www.navexglobal.com. Contact us in the U.S. at (toll free): +1-866-297-0224 In the EU at: (UK) 0845 272 5220 or (international) +44 20 8334 7213 Learn more about NAVEX Global by following us online: @NAVEXGlobal, YouTube, LinkedIn, Facebook and Google+ 33

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information