Whether it's people or tech, a hard number is hardly the only way to think about compliance spending
In movies, television, and novels, the detective on the case and the cop on the beat are lionized and romanticized. Their deeds tracking down criminals and preventing tragedy are cast in the most heroic light, their work and worth unassailable. Alas for compliance teams and the high-tech tools they use to do their jobs, this immediate and intrinsic recognition of value is less common.
All companies exist at the mercy of the bottom line. Without profit, there's no company. Even the most high-minded and do-gooding of corporations must acknowledge this. As such, profit is jealously guarded at any corporation, and anything that eats into it is subject to the strictest justification. Companies typically judge a cost with Return On Investment, or ROI. The idea is to get to a clear-cut number that will quickly tell upper management whether or not something is worth spending money on.
The problem with compliance efforts is, it's much harder to get to that clear-cut number. Like the cop on the beat, a compliance officer's alertness, experience, and mere presence on the job may stop potential problems before they ever completely manifest. But how do you insert something that didn't happen into an ROI equation?
The good, the bad, and the fuzzy
Getting to an ROI number to calculate the worth of automating your compliance program simply can't be done as tidily as it can for more traditional business opportunities. A number can be gotten to but only in a fairly roundabout manner. That said, it's worth the effort.
ROI is a ratio, one that compares the benefit to the cost: in other words, a company's return on its investment. There are clear costs and benefits you can assign to a compliance program. Salaries for the chief compliance officer and the team, and investments in vendor services and technology are straightforward costs. Straightforward benefits include increased earnings, say, if a strong compliance program gives your firm the confidence to do business in a high-risk market. These kinds of costs and benefits are ripe to be inserted into an equation. It's at the level of qualitative costs and benefits where things get fuzzy.
A qualitative cost could be considered the cost savings associated with not paying fines or employees not facing criminal charges. Company reputation, individual professional reputation, and brand value could be considered qualitative returns. Not to mention eliminating, or at least greatly reducing, the risk for human error, which a robust compliance platform will go a long way towards. But how exactly to convert these soft considerations into hard numbers?
The answer is that companies regularly assign hard values to soft costs and benefits. Intellectual property—like copyrights, trademarks, and patents—is highly valued and regularly factored into overall company worth. A compliance program needs to be thought of similarly, and the case can be made. The trick is making the case to the right people and letting them come up with the numbers.
Find those in upper management who already understand the value of compliance, who don't need to be convinced of its intrinsic worth or the returns the best people and best software can generate. Ideally, company leaders are the most tuned into the value of the corporate brand, the company's professional reputation, and their own personal reputations. Ask them to quantify what these tangible intangibles mean to them. They should mean the world. A company that's not operating with integrity might not be operating for very long, period. A company that's operating more ethically might also be recognized as such in the marketplace. It's not unreasonable to think this could be a differentiator, and therefore drive earnings and growth.
And for companies that operate globally, or at the very least across borders, a well-staffed and fully automated compliance program will also help drive earnings and growth. We already mentioned the benefit of having the confidence to enter high-risk markets, but low-risk markets require the services and expertise of a top-notch compliance program, too. Operating in new markets with even the lowest levels of corruption still mean volumes of regulations to be digested and applied to your firm's compliance program.
Another way to look investing in compliance software, and another way to make a case for it, is how you make a case for insurance. Individuals and businesses pay a lot of money to protect against things that may never happen. The same for compliance. Your firm may never have employees that cross the line from proper conduct into misconduct, or find itself on the wrong side of a foreign market's regulatory agencies, but do you want to chance risking the firm's reputation, its bottom line, or its very existence?
Of course, the argument would never be that black or white. No firm would likely ever completely shun a compliance program. Even if it's a check-the-box program, most firms will have something in place. It's more a matter of how robust the program is, i.e., how good the people are running it, how modern the software being used is, and how to limit the potential for human error. Again, it's like insurance. An investment in compliance software is really an insurance policy.
The unsung heroes of compliance
Anti-corruption laws are dropping onto the books around the globe. Sapin 2 in France. Law No. 179/2017 in Italy. In South Africa, new president Cyril Ramaphosa was elected on promises to clean up a corrupt system left him by President Zuma.
In 2010 the United Kingdom passed the UK Bribery Act, said to be stricter than America's own Foreign Corrupt Practices Act, also a force of late. There were more than 250 FCPA enforcement actions between 2005 and 2013, with $635 million in fines collected. In 2015, an American tire maker paid more than $16 million to settle charges it paid bribes to acquire new business in Africa. The SEC cited lax compliance controls as a contributing factor.
You can't insert something that didn't happen, or something you don't want to happen, into an ROI equation. But you can make the soft case for all the potential benefits of a well-funded compliance program and all the potential costs of a poorly funded one. And if you make this soft case to the right people—the people who understand how critical assets like brand value and reputation are to a firm's success—they'll get the message and come up with the hard numbers needed to justify adequate compliance spending on both good people and good tech.
Every department in every corporation has to fight for its share of the budget. Some have to fight harder than others. Compliance is one of those departments. Good people and good software cost money. Maybe the field of compliance needs a big-budget movie where the CCO saves the day from the forces of financial misconduct and regulatory compliance laxity. Until that happens, keep persistently making the case for the people and the platform you know you need. You'll be a hero in the end.