Organizing the function: best practice model
4 key success factors :
- Defining and delineating residual risks: communicating the assessment through the entire organization
After reducing risk by defining process in order to comply with the targeted regulation, it is important to communicate with other departments to increase awareness of the remaining risk. This risk margin will then be taken into account by the operational, but also by the risk department.
- Interaction with the risk management, the legal functions and public affairs
Due to the transversal aspect of the compliance function, it is mandatory to collaborate with the risk department (in order to produce an overall risk assessment), the legal functions (e.g: in order to capitalize on the legal resources for the interpretation of new regulations), and the public affairs (in order to enhance communication regarding the best practice to adopt, within the structure and on the market).
- Becoming the owner of the compliance risk and control framework and measuring progress
Risk control is traditionally the main activity of risk department. Regarding risk control related to compliance, the recent evolutions of the function has to lead to an emancipation of the department in order to acquire full ownership of the compliance risk-and-control framework. This change has to be managed with processes, and development of Key performance indicators in order to measure the progress of the function.
- Monitoring new solutions: developing a trend forecasting department and industrializing new techs
In order to cope with the mutation of the function, disruptors provide solution to facilitate the activity. Moreover, regulators and supervisors are adopting these solutions (e.g Suptechs, Regtechs, labs). It seems important to develop an ecosystem of solutions, interoperable, in order to increase effectiveness, gain in time, enhance a coherence within regulation interpretation and control.