Knowing the “what” is not enough anymore
As we enter the future world of work, knowing the “what” is not enough anymore, knowing “how” is now the key to ensure we manage the journey ahead.
How has our world changed?
Delegates who attended the Compliance Institute Southern Africa (CISA) Conference not only had access to thought leaders in the compliance and business landscape, but they also walked away with the ‘know-how’ to implement and activate what was shared.
In setting the scene, Graeme Codrington, Futurist: TomorrowToday Global said, “COVID-19 is a huge disrupter, but I think we will look back and realise that even more significant is what COVID catalysed and accelerated. It accelerated trends and it accelerated digital transformation.”
“The disruption we are in presents the greatest opportunity for our industry and careers. In this flux state of disruption use the opportunity to not just rebuild but reimagine. The single most important response is to become more adaptable…. more responsive to change and flexible, to get a head of change. You need to remove red tape in the compliance environment to help the business to get a head… be proactive instead or reactive. Don’t get left behind… you cannot face tomorrow’s world, with yesterday’s solutions. Compliance Officers need to think like futurists. What does a Compliance Officer look like in the future? They have the skill set to anticipate future change,” he said.
The rule of law and compliance
Videsha Proothveerajh, CEO of LexisNexis South Africa talked about how the Rule of Law and compliance can create sustainable businesses.
“The compliance function is the empowering and enabling force behind advancing the Rule of Law, which provides business and commercial activity with security, stability, good governance, consistency, accountability and helps safeguard against corruption - all of which are essential to reduce threats to investment and to promote economic activity. It is not only the right thing for a private sector entity to do, but it is also good for business, and when done well, creates trust, customer loyalty and improves the triple bottom line which equals sustainability,” she said.
“Compliance with regulations and customer requirements will continue to become increasingly difficult to manage, within the context of our volatile landscape of unexpected disruptors like the COVID-19 pandemic, combined with macro factors such as rolling blackouts, water shortages, high levels of unemployment and inequality, civil unrest, access and security issues, and new laws, such as the Protection of Personal Information Act (POPIA). I believe that over the next four to five years, we will see around half a million audits that don’t currently exist, and in the next decade, we are likely to see a steady stream of significant new lawsuits around access to data,” she added.
“Increased expectations of transparency, an ever-changing regulatory environment and social movements are all impacting the way businesses operate. Compliance professionals must continue to contribute to the solutions necessary not only to build sustainable businesses, but what the Rule of Law envisions: peaceful, equitable and prosperous societies. To realise the fruits of fairness, justice, and ethics in society, we need strong leaders with management skills, to transform the vision of justice that is written in the Law into reality. We need people who understand ethics, who recognise when adherence to the black letter law is not sufficient. And they need support and empowerment from companies that provide online solutions that secure accessibility and productivity, adding value and reducing economic risk. By harnessing the innovation, creativity and energy companies display every day in their commercial activities, we can open up new markets and opportunities through supporting the Rule of Law,” concluded Proothveerajh.
Risk and compliance matters
Ahmore Burger-Smidt, Director: Head of Data Privacy Practice and Cybercrime Practice at Werksmans Attorneys discussed the challenges in the implementation of POPIA.
“What do we know based on research? The overall perception towards the protection of information for respective units shows the human resource department has a more positive culture towards the protection of personal information as opposed to the finance and the marketing department,” she said.
“From a compliance perspective, you need to ask yourself what happens with the information? How does it get updated and who keeps each repository updated? How do you store it and secure it? When and how does it get deleted, etc,” said Burger-Smidt.
“Determining the roles of the responsible party versus the operator and third parties etc is another challenge e.g., when do you need an agreement? How do you know what to do? And how do you assign responsibilities?”
She said employer behaviour is a major risk… “Many compromises result from the loss of removable devices, improper handling of paper records etc. Privacy programmes need to consider both paper and electronic devices. Technical solutions as well as training are needed.”
The five key focus areas according to Burger-Smidt are:
- Taking stock – know what you have – files, computers, who, how, what, where etc. Who has access?
- Understand the law – what does the law require?
- Policies and procedures – protect the information that you keep e.g. physical and electronic security… firewalls, network security, remote access etc.
- Limit exposure – have disposal processes and policies in place.
- Plan ahead – have a plan to respond to security incidents, a step-by-step guide.
Getting compliance right
In terms of the compliance strategy, Rian Hancock, Chief Executive Officer of Africa Newlaw said, “You must ensure that your function strategy is aligned with your organisational strategy. The compliance function strategy must always be there to support and enable the fulfilment of the organisational strategy.”
“Your compliance strategy should be flexible, scanning the horizon and dealing with the latest trends and disruptions, including the role of compliance technology, Big Data management and operational efficiency to deliver real value to the organisation,” he added
“The key considerations when considering your compliance function strategy include your operating model, your enablers (people, process and technology), your risk management, your data management and how you are delivering services, internally or externally,” he said.
“Your strategy should leverage your origination's enablers. Consider the skills and people available, whether your processes are efficient and effective and what technology will help and support you in the delivery of compliance services that act as an enabler of the organisational strategy,” he continued.
In concluding, Hancock said, “Constantly align with the organisational strategy, use data and models to support your decision and strategy process, not replace it. Think outside the box, be flexible and agile.”
Writer’s thoughts:
Knowing the “what” is not enough anymore, knowing “how” is now the key to ensure we manage the journey ahead. Better planning makes better preparedness to ensure that you are delivering the best value for all stakeholders. Do you agree? If you have any questions please comment below, interact with us on Twitter at @fanews_online or email me - myra@fanews.co.za
Comments
@ Rian Hancock - "use data and models to support your decision and strategy process, not replace it. Think outside the box....
Models are the box. The famous 'black box'.
We rely on Machine Learning as the ability of machines to learn from experience and data and improve over time as they learn.
But if we had to rely on one of its models, how can we trust a model that can be as imprecise as its data?
Compliance Officers are (or ought to be) trained in law. Big Data, Algorithms, Machine Learning, Artificial Intelligence (as opposed to Human Intelligence), Data Mining and so on do not fall under the heading of knowledge and the understanding of law.
Report Abuse