Discuss, debate and exchange ideas on latest trends and opportunities in the Business Process Management (BPM) landscape. Deliberate on adding “business value” to clients, vendors, employees and various other stakeholders to enhance customer satisfaction and sustain long term partnerships.

« Elevating business through client satisfaction | Main | Shaping Finance ERP and other F&A systems in the new digital world order »

Seven steps to effective enterprise-wide compliance

Outsourcing a few compliance processes is not the solution; it is only part of the solution.

For the folks at BP in the Gulf of Mexico, the day April 20, 2010, remains deeply evocative. Touted to be the largest marine oil spill in the petroleum industry, the Deepwater Horizon oil spill (also referred to as the BP oil spill) claimed several lives and caused extensive and irreparable damage to marine and wildlife habitats. In yet another incident of negligence, 117 garment workers met their unpleasant fates in the infamous Tazreen Fashions factory fire in Dhaka, Bangladesh; in November 2012. Better fire safety and wiring standards could have averted the disaster, said the report.

Business landscape today is dotted with many such cautionary tales of non-compliance and the common refrain that follows is often, it could have been prevented. Holistic compliance is one of the foundation stones of a successful enterprise and a partner who can speed up the journey to effective enterprise-wide compliance is always very sought-after.

Before undertaking compliance initiatives

When commissioning a global compliance program, enterprises are most often clueless about how much it is going to cost them or how complex it could get. To begin with, enterprises should create an action plan that answers the following questions before undertaking compliance initiatives:  

  • What is the cost of setting up an in-house compliance program?
  • Is the all-encompassing expertise for the compliance initiative available?
  • Is data security a cause for concern?
  • Who will monitor risk and compliance in a comprehensive manner?
  • How soon can the desired state of compliance monitoring be achieved?

Many enterprises also prefer outsourcing compliance initiatives to a capable service partner to save cost, time, and effort, while also gaining valuable expertise. A service partner can provide enterprises with a comprehensive framework that will catalyze their journey towards holistic compliance.

A seven-step approach for a holistic compliance framework

With the right people, processes, and tools in place, a holistic compliance program is only seven steps away:  

  1. Step 1 - Understand compliance requirements: An enterprise with a global presence needs to understand different regulations across countries. Remember, compliance is not just about regulations, it also includes organizational policies, contracts, and standards.
  2. Step 2 - Classify requirements into focus areas: Once compliance requirements are established, classify them into focus areas such as ethics, fair labor, medical, workplace harassment, security, environmental, incident response, and so on. 
  3. Step 3 - Identify owners for implementation: Implementing any new initiative is usually met with resistance. To overcome this and ensure that processes are followed, identifying compliance process owners is essential. These owners would have specific responsibilities assigned to them and they would span across business functions and geographies.
  4. Step 4 - Evaluate risk levels: Business impact analysis, root cause analysis, probability or frequency of occurrence, risk mitigation options - these are some of the ways through which risk levels are computed. Once the risk evaluation is complete, the risks can be categorized as very high, high, medium, low, and very low.
  5. Step 5 - Create a compliance program: The compliance program can be industry-specific, geography-specific, country-specific, state-specific, or can even be a combination. While designing the program, ensure that you have factored in elements such as current and aspired compliance statuses, risk scores, timelines, risk management owners, and residual risks.
  6. Step 6 - Monitor / track the compliance program: Use a technology tool that can track and compare multiple compliance entities, generate dashboards and reports, and enable multiple user accounts. A good compliance program should be continuously measured for effectiveness and impact.
  7. Step 7 - Scale the compliance program: As priorities change, the compliance program should also have the flexibility to reconfigure without disrupting day-to-day operations. It should also be easily repeatable across geographies and value chains.

Infosys BPO Compliance Management tool

The best-practices outlined in the seven steps are embedded in the Infosys BPO Compliance Management tool. It is built on a strong risk methodology framework and comes with a pre-configured, workflow-based, and automated technology platform. The compliance management tool follows a four-step approach to address requirements:

  • Identify regulations and process owners
  • Evaluate risks and develop mitigation plans
  • Implement and review compliance programs
  • Increase maturity levels and scale them to match global standards

For more about the Infosys BPO Compliance Management tool, read the white paper http://www.infosysbpo.com/insights/Documents/effective-enterprise-wide-compliance.pdf


Outsourcing a few compliance processes is not the solution; it is only part of the solution. An effective enterprise-wide compliance will become a reality only with a comprehensive framework. A framework that provides the right people, processes, and tools to catalyze the journey towards holistic compliance.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Tweets by @InfosysBPM