The Dollars & Sense of Compliance

Published on November 9, 2018 |

In the age of technology, IT and data safety are key components of compliance. Look no further than the healthcare industry, tasked with safeguarding data on various levels, especially in the wake of massive security breaches. Compliance remains one of the most significant challenges for senior executives, and it may fall on a team or department that has limited resources to comply with demanding regulations.

• Understand what meeting regulatory requirements and standards means for your business from a financial and operational standpoint and decide how to measure and analyze the effectiveness of your compliance efforts.
• Determine the chain of command and appropriate tasks and resources needed for optimal compliance, whether through a chief compliance officer, chief of information security, compliance team, general counsel, or advisory boards.
• Communicate the significance of standards and regulations beyond the team responsible for quality. Sharing the consequences for failing these measures throughout every level
  of the organization can boost commitment to quality.
• Explore lean solutions or leverage existing resources to improve IT and data security.

On the Ground

A report from Deloitte and Compliance Week surveying compliance officers shows organizations are gaining more authority and support for effective compliance programs. However, concerns remain about IT systems’ capabilities to meet compliance program requirements. Many surveyed say technology solutions, including big data and internal tools, fall short for compliance.

Financial services firms in particular, including banks, insurers, and asset managers, face increased costs and deal with continued regulatory change, according to a study from Thomson Reuters. In fact, survey results from financial firms show that accurately benchmarking the total spend on compliance is nearly impossible, given the broad scope of what compliance involves in those sectors, from new technology to heightened regulatory risk for cybersecurity, data privacy, and IT infrastructure.