Compliance is now a reality within every organization, requiring complex efforts to pull together, organize, and report vast amounts of their critical information to the government, regulators, or other entities. Conventional thinking says these requirements are an administrative burden; but in reality they are a catalyst for any organization to discover new insights and realize business results.
Defining Compliance
Compliance refers to a requirement for an organization to obey the laws, regulations, standards, and policies with regard to how it manages the business, their staff, and customers.
Compliance requires the capture and reporting of data, as organizations must collect and submit vast quantities of data on a regular basis to regulators, with serious consequences for any errors or misleading conclusions. Compliance also frequently requires the detailed review and validation of internal business processes, as well as IT systems used to process data on financial transactions, customers, and other business functions.
Compliance requirements are most onerous in heavily regulated industries such as financial service and healthcare, but all organizations in any sector are now subject to some sort of compliance reporting. These requirements create many challenges (and costs), such as:
- Data aggregation (pulling information on financials, customer, suppliers, and other entities from disparate systems and a range of formats). Data needs to be scrubbed, organized, and produced in reports, and this work is often conducted manually.
- Duplication. Compliance reporting covers data from risk, finance, customer transactions, and human resources systems, and there is a significant overlap between different sets of regulatory requirements. As a result, there is potential confusion and wasted effort from preparing submissions.
- Conflict with privacy laws. Newer laws and regulations ask data owners to retain extensive records with personal data beyond the time necessary for normal business operations.
Meeting these demands can be incredibly costly for organizations, often require hiring dedicated staff or consultants, and consume significant management attention. But are these costs just a useless administrative burden? Are there other business benefits?
The Opportunity to Unlock Value
There is a huge opportunity to harness the power of compliance-related data to improve the quality of decisions and business outcomes. Regulation can be a catalyst for improved data management, analysis, and reporting, offering some remarkable insights. Organizations with a strong data culture and a systematic approach to data management, reporting, and analysis will better understand customer behavior, identify market trends earlier, and compare the performance of business units and teams.
For example, healthcare providers collect and store vast amounts of patient and clinical data for compliance purposes, including socioeconomic, environmental, biomedical, and genetic factors; individual health status and health behaviors; as well as resource use, outcomes, financing, and expenditures. Pulling together these data (in an anonymized way), which are typically stored across electronic health records (EHRs), personal medical records, disease registries, and other databases, generates new insights on clinical guidelines, patient outcomes, and new areas for research. Healthcare providers who can apply these insights better than others have the potential to stand apart from their peers.
Another compliance-heavy industry is banking, where consumer-lending businesses are subject to compliance requirements such as Truth in Lending, Fair Lending and the Community Reinvestment Act (CRA). Banks are required to collect and report on all details of their lending activities to ensure compliance with these regulations. Many banks are now integrating this information with data on loan performance, market demographics and competitive intelligence, residing in different systems, to generate new insights on their business. Banks can use these insights to optimize their marketing, promotions and pricing activities, accelerating growth and profitability within the requirements of the law.
These and other stories don’t simply happen on their own. Organizations should take the opportunity to think systematically about how they can best apply and use the new insights which come from their compliance efforts.
Making It Happen
Best practice organizations generally apply several common lessons in harnessing lasting value from the Compliance process.
- Integrate data management across the enterprise
Given the high degree of commonality between different regulations, now is an ideal moment to establish standardized ways of managing data for every type of compliance requirement. By investing in middle- and back-office systems, and building an enterprise-wide data infrastructure, organizations can “do it once and do it right” with a single data warehouse rather than creating separate processes to satisfy each regulatory body. An integrated view of data across the business should lead to more consistent, accurate reporting, with clear sources that can be traced instantly.
- Align it with the business
Making this work requires senior business involvement and engagement. One way to do this is by creating a chief data officer (CDO), who would oversee how data is gathered, managed, protected, and monetized. He or she is a champion for global data management, governance, quality, and vendor relationships across the enterprise, working closely with the CIO and the head of compliance. As a senior business executive the CDO is ultimately charged with doing these to enhance business outcomes.
Another approach is to embed compliance-related insight into the accountabilities of business leaders by building this into regular management reporting to demonstrate how they are utilizing these new insights to improve their business.
- Focus on insights tied to business challenges
The biggest challenge for organizations is how to operationalize this vast compliance-related data into insight and value.
A common pitfall is to make data and reports the overriding priority, which results in lost momentum long before the first insight is delivered, frequently because a data-first approach can be perceived as taking too long before generating a financial return.
On the contrary, a key role of the business managers, supported by the CDO, is first to define the insights and questions needed to meet business objectives, and then identify those pieces of data needed for answers. By narrowing the scope of these tasks to the specific subject areas needed to answer key questions, value can be realized more quickly, while the insights are still relevant.
The insights delivered through this initial work will illuminate gaps in the data infrastructure and business processes. Most importantly, this approach can lead to organizations embedding this expanded data into standard business reporting and metrics, and using it to drive better decisions.
* * *
It is time for organizations to fully embrace their compliance requirements. Every cloud has a “silver lining,” and this is an opportunity for business leaders to shift their mindset to one of opportunity.