In Focus: 2016 Compliance Trends Survey

3y ago
56 Views
3 Downloads
3.97 MB
15 Pages
Last View : 4d ago
Last Download : 5m ago
Upload by : Jacoby Zeller
Transcription

Compliance WeekIn Focus: 2016 ComplianceTrends Survey

Compliance Week In Focus: 2016 Compliance Trends SurveyWelcomeWelcome to the 2016 Compliance Trends Survey report, a joint effort between Deloitteand Compliance Week, which gauges the scope and complexity of the modern compliancefunction. In this, we have brought together Deloitte’s deep insight and experience andCompliance Week’s broad industry experience to gauge how well compliance and ethicsofficers are addressing the ever-deepening and expanding array of challenges andexpectations that face even the most robust compliance and ethics program. How well arecompliance officers rising to these challenges?For the last six years, Compliance Week has published this annual benchmarking survey,asking compliance officers how they work with their peers, what their responsibilitiesare, what resources they have, and more. What you have before you is a distillation ofa much larger effort. We began by creating a survey to explore a wide range of issuesbefore compliance-driven organizations today. The 21 questions in the 2016 survey weregrouped into three broad categories: the resources that compliance departments have; thespecific risks within the extended organization and how they are addressed; and the use oftechnology.We then asked compliance professionals across the world to take the 2016 ComplianceTrends Survey. From the 558 qualified responses we received from across more than a dozenindustries and companies both large and small, we had enough raw data to gain insight onmany of today’s compliance departments. After careful review and analysis, we drew ourconclusions along three key questions: Do compliance officers have enough authority? Are compliance officers addressing the right risks? Are compliance officers making the best use of technology?Within these pages, you will find an executive summary that covers the broad strokes ofthis survey’s findings, and then deeper discussions of each of those three aforementionedquestions. We hope you will find this information useful as a reference point for betterunderstanding where your own compliance efforts land amid your peers, and whatcompliance strategies might be most pertinent to you and your organization.Bill CoffinEditor in ChiefCompliance Weekbill.coffin@complianceweek.comHolly TuckerPartner Deloitte Risk andFinancial AdvisoryDeloitte Financial AdvisoryServices LLPhtucker@deloitte.comMaureen MohlenkampPrincipal Deloitte Risk andFinancial AdvisoryDeloitte & Touche LLPmmohlenkamp.deloitte.comAs used in this document, “Deloitte Risk and Financial Advisory” means Deloitte & Touche LLP, which providesaudit and risk advisory services; Deloitte Risk and Financial Advisory, which provides forensic, dispute, and otherconsulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a widerange of advisory and analytics services. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure of Deloitte LLP and its subsidiaries. Certainservices may not be available to attest clients under the rules and regulations of public accounting.Copyright 2017 Deloitte Development LLC. All rights reserved.2Christopher J. SpothExecutive Director, Center forRegulatory Strategy, AmericasDeloitte Risk and FinancialAdvisoryDeloitte & Touche LLPcspoth@deloitte.com

Compliance Week In Focus: 2016 Compliance Trends SurveyContentsExecutive summary. 4Do compliance officers have enough authority?. 6Are compliance officers addressing the right risks?. 9Are compliance officers making the best use of technology?12Methodology. 14About us.315

Compliance Week In Focus: 2016 Compliance Trends SurveyExecutive summaryIt has been 14 years since the moderncompliance profession emerged from theshadow of the Sarbanes-Oxley Act of 2002and the various accounting frauds thatinspired that landmark legislation. And inthat time, compliance professionals havegrown considerably in both station and skillset, rising to strategic levels within their ownorganizations and gaining an increasinglyvisible place before executive managementand the board. Meanwhile, complianceprograms themselves have become evermore sophisticated and ambitious as theytranscend merely operational exercises toprevent or respond to regulatory inquiriesand become integral parts of strategic riskmanagement and business sustainabilityplanning.in an endless arms race between cyber riskand cyber security, compliance offers areleft wondering (and worrying) if their owninformation technology (IT) programs aretruly satisfactory.With that in mind, what we found in 2016 arecompliance officers seeking greater authorityand ownership of their programs, as well asthe resources to adequately empower them.Amid an increasingly troublesome specterof cyber risk, compliance is frequentlytasked to play a central role in helping tosecure an organization from the varioushazards caused by hacking, data breaches,and other electronic malfeasance. CaughtAuthority and exposure. The number oforganizations with standalone or designatedchief compliance officers continues itsslow, steady, long-term climb. At companiesboth large and small, the role of the chiefcompliance office (CCO) also continuesto be elevated, providing an opportunityto participate in high-level discussionsregarding organizational strategy, riskmanagement, and culture. But they shouldbe careful; as they seek to gain the audience4It is an interesting time for compliance, butwith all uncertainty comes opportunity—and this is no different for the compliancefunction. While the risks compliance andethics officers face increase in complexityand severity, never before have they hadmore visibility and support to prove to theirorganizations that a strong complianceprogram is not merely a convenient luxury.It is a vital part of any organization’s ongoingrecipe for success, regardless of industry,revenue, or location.of chief executives and the board, so doother management functions (such as ITsecurity), showing that compliance officerswill need to continue to press for top-levelexposure. Boards and the C-Suite only have24 hours in each day, and the competitionfor any of that time will only grow fiercer.Risks and resources. High-level supportdoesn’t mean much if the CCO does nothave the resources with which to drive aprogram. Most compliance efforts remainfairly lean, with about half of all respondentsreporting annual budgets of 5 millionor less, modest budgeted increases, andfive or fewer full-time staffers assigned toethics and compliance. The upside is thatthere is little fat to trim, but that is smallcomfort to compliance officers looking todeal with greater risks and build more robustprograms.Most of the organizations that were surveyedconduct enterprise-wide complianceprogram assessments at least annually (ifnot more frequently). Sometimes, theseassessments are folded into an enterpriserisk management program assessment oran internal audit risk assessment. But just asoften, the compliance program is the subject

Compliance Week In Focus: 2016 Compliance Trends Surveyof a standalone assessment process.As in past years, third-party risk continuesto be the most widely cited challenge tocompliance and ethics programs followedby developing and promoting employeeawareness and training and monitoringregulatory relationships. If the duties ofcompliance officers are changing, the thingskeeping them awake at night are not.Organizations are still measuring theircompliance program effectivenessby utilizing internal audit, monitoringcompliance training completion ratesand analyzing hotline calls. But feedbackfrom employee and ethical climatesurveys has made a large jump, showingthat organizations are, in fact, taking theemployees’ view of the corporate cultureseriously. This is a big improvement forcompliance in general, and bears specialconsideration as a culture of compliancecan be the hallmark of a successful andintegrated program.IT systems and strategies. Once again,technology remains a major opportunityfor compliance, although a largelyunrealized one. Companies understandwhat technology exists to support theircompliance efforts (such as artificialintelligence, or the use of data analytics),but they either don’t know exactly whatsolution is right for them, how to use thatsolution once they find it, or simply cannotget their hands on what they need. Most5compliance officers are not confident intheir own IT systems’ abilities to help fulfillthe organization’s ethics and complianceresponsibilities, and nearly half of all surveyrespondents reported either a modest ITbudget increase or even decrease.Besides not having the right tools at hand,many companies are also not making thebest use of the data they have on handto measure their compliance program’seffectiveness, identify risks, or protectagainst known risks. While this is notparticularly different from years’ past, thedata gap seen here is becoming a risk untoitself for many organizations.Conclusion. This year’s survey showsa continued upward trend for a moresupported and resourced compliancefunction, even while the traditionalchallenges face compliance programs, suchas confidence in program effectivenessmeasuring, persist. Most importantly,compliance officers generally lack the ITresources they need to take advantage ofpredictive analytics, task automation, andprotection against cyber risk. Perhaps ascompliance officers continue to gain the earof senior leadership, their efforts to gainfurther resources will bear fruit. Until then,compliance officers remain in that unusualposition of having a vital role that may not betruly realized.

Compliance Week In Focus: 2016 Compliance Trends SurveyDo compliance officers have enough authority?As the strategic importance of robustcompliance and ethics programs increases,so too does the ability for complianceofficers to have a mandate to act, andthe resources required to accomplish theorganization’s compliance goals. And whilebroad progress is being made on this front,it is also inconsistent from organization toorganization, with noticeable differencesbetween those companies with revenues ofless than 1 billion annually, and those thattop the 1 billion mark.As one would expect or anticipate, thelarger the organization, generally the moreformalized and built out the compliancefunction. We see an increase in the numberof designated chief compliance officersthat are stand-alone positions, and anincrease in those reporting directly tothe chief executive officer and board. Notsurprisingly, the smaller the company, thefewer dedicated compliance resources.The number that report to the CEO is fairlyconsistent (and that have a “seat at thetable”), but more compliance officers fromsmaller organizations appear to report orhave direct access to the board versus largerorganizations. This likely is due to increasedhierarchy in large organizations, and a moreformalized reporting line prior to getting tothe board.Who is the CCO? At a third of all companies,the designated CCO is a standalone positionseparate from any other function. Thisanswer varied considerably by size: smallorganizations were by far the most likely tonot have a designated CCO (56%), mid-sizedorganizations less so (36%),and large organizations even less so (6%),reinforcing the reality that the larger theorganization, the larger the availableresources—and perhaps, also, the need—to support a standalone chief complianceofficer.6The next most common response (21%) wasthat there was no designated CCO. Closelybehind, 20% of respondents said thatthe designated CCO was also the generalcounsel while, 11% said the designatedCCO was also the chief audit executive orthe chief risk officer. 12% of responses saidthat their designated CCO was some otherfunction within the organization.33%Reporting. A majority of responses said thatthe designated CCO (or person responsiblefor compliance if not designated) directlyreported to either the chief executive officer(32%) or the general counsel (23%). At adistant third, 14% reported to the boardor a board committee. The remaining (ofthose that were aware of the reporting lines)reported to the CRO or equivalent (6%), theCFO (6%), or some other function (7%).Atof companies surveyed,the designated CCO is astandalone positionTeam size. Despite a robust presence ofnamed chief compliance officers, and accessto senior management, compliance teamsthemselves remain relatively lean. Nearlythree quarters of responses (73%) reportedhaving fewer than 20 full-time resources (orequivalents) within the organization focusedspecifically on designing, implementing,and maintaining the compliance and ethicsprogram. Half of respondents reported acompliance and ethics team of less thanfive full-time resources. Nearly a quarter ofresponses (23%) reported teams of six to 20,while 21% manage teams of more than 20.ofcompanies do not havea designated CCOBudgets. With so many organizationshaving relatively small compliance teams,it is no surprise that at most organizations,compliance budgets are likewise modest,if not very lean. A majority of responses(59%) reported having a total annualbudget for enterprise-wide compliancefunctions—including people, processes, andtechnology—of less than 5 million.Breaking this down further, nearly a third of21%73%havefewer than 20 full-timeresources59%reportedhaving a total annualbudget for enterprisewide compliancefunctions — includingpeople, processes, andtechnology — of less than 5 million.

Compliance Week In Focus: 2016 Compliance Trends Surveyresponses (30%) got by on budgets of lessthan 500K, while 11% had budgets between 500K and 1 million, and 16% had budgetsbetween 1 million and 5 million. Therespondents with budgets larger than 5million tailed off as those budgets got larger: 5 million to 10 million (5%), 10 million to 25 million (2%), 25 million to 50 million(1%) and more than 50 million (1%).60%expected their totalcompliance budgetto increaseThat said, more than half of respondents(60%) expected their total compliancebudget to increase. Almost half (48%) expectbudgets to increase by as much as 10%,another 8% expect increases of 11%-20%,while only 4% expect increases by more than20%.Meanwhile, less than 10% of respondentsexpect budgets to decrease, and almostall of those responses expected decreasesof 10% or less. Approximately a third ofrespondents (29%) were not sure how theirbudgets would change in the near future.Seat at the table. Not quite half ofresponses (43%) reported that the CCO helda seat on the CEO’s executive managementcommittee, or its equivalent, while 37% ofresponses said their CCO held no such seat.Almost one fifth of responses (19%) did notknow. This is an area where the CCO clearlycould receive more top-level visibility.Part of the process. Ethics and complianceis considered as a criterion in the annualperformance management process in 49%of responses, while nearly 40% of responses(39%) did not include ethics and complianceas part of the management review process.7Companies under 1 billion in revenue.Throughout this survey, respondents withunder 1 billion in revenue tended to havesmaller compliance departments, were lesslikely to have standalone chief complianceofficers, and were more likely to answer thatthey did not know or were unsure of anygiven question.Of the 166 responses from organizationswith less than 1 billion in annual revenue,21% noted that the CCO (or its equivalent)was a stand-alone position at theirorganization while 33% were also thegeneral counsel or another role. Finally, 30%did not have a designated chief complianceofficer. In terms of reporting lines, 37% ofCCOs or similarly designated roles reporteddirectly to the CEO, with 19% reportingdirectly to the board of directors. 48%indicated the CCO is a part of the CEO’sexecutive management committee.43%reported that the CCOheld a seat on the CEO'sexecutive managementcommittee. This is an areawhere the CCO clearlycould receive more toplevel visibility.Although almost half (48%) of the 166respondents from companies with revenuesof less than 1 billion had an annualcompliance budget of less than 500K, 57%expect a slight increase in the next year’sbudget (0-10%). Also, the majority (87%)had no more than 20 employees in thecompliance department, and of those, 71%got by with fewer than 5 full-time employee(FTE)Respondents with under 1 billion in revenue tended tohave smaller compliance departments, were less likely tohave standalone chief compliance officers, and were morelikely to answer that they did not know or were unsure ofany given question.Companies over 1 billion in revenue. Incomparison, respondents from companieswith higher revenues had larger compliancedepartments and were more likely to havea standalone chief compliance officer. Theywere also more likely to have a CCO whoenjoyed access to the board or CEO. All

Compliance Week In Focus: 2016 Compliance Trends Surveyof this seems to point to a direct correlationbetween the size of the company and thestrength of compliance departments. Thehigher the revenue, the more resources tosupport compliance.Of the 320 responses in this range, 39% havea standalone CCO position, a significantlyhigher percentage than what was identifiedfrom smaller companies. 29% reported tothe general counsel or another role, andonly 16% did not have a designated CCO (ascompared to 30%, or double that numberfor much smaller organizations).Of the 270 respondents that described theirreporting structure, 30% reported directly toCEO, and 29% reported to general counsel.However, only 11% reported directly to theboard.A full 35% of the respondents fromcompanies with revenues of more than 1billion had annual compliance budgets of 1 million or less (compared to 48% fromsmaller companies), while 33% had budgetsof 1-10 million and 6% had budgets ofover 10 million a year. 60% anticipated abudget increase in the next fiscal year with8the majority of those respondents (77%)anticipating a modest increase of up to 10%.A bit more than half (66%) of respondentsfrom high-revenue companies indicated thatthey, too, employ 20 employees or fewerin the compliance function (compared to87% for smaller organizations), but a full16% of the larger organizations had over 50dedicated (FTEs). Only 38% (compared to71% of smaller organizations) have lessthan five FTEs.Companies with higher revenues had larger compliancedepartments and were more likely to have a standalonechief compliance officer. They were also more likely tohave a CCO who enjoyed access to the board orCEO. All of this seems to point to a direct correlationbetween the size of the company and the strength ofcompliance departments. The higher the revenue, themore resources to support compliance.

Compliance Week In Focus: 2016 Compliance Trends SurveyAre compliance officers addressing the right risks?The persistent issues of gaugingorganizational culture, managing thirdparty risk, staying on top of ever-changingregulatory risks, and more tactically,developing employee awareness andtraining, conducting annual assessmentsof the compliance and ethics program, andhaving a tangible sense of faith in thosemetrics, all continue to drive the compliancefield today. Many chief compliance officersand their departments struggle to win thebattle of convincing others that compliancematters, which is critical for the culturaltransformation to which any seriouscompliance program aspires. Managingthird-party risk, boosting internal complianceunderstanding, and maintaining

Welcome to the 2016 Compliance Trends Survey report, a joint effort between Deloitte and Compliance Week, which gauges the scope and complexity of the modern compliance function. In this, we have brought together Deloitte’s deep insight and experience and Compliance Week’s broad industry experience to gauge how well compliance and ethics

Related Documents:

environmental information of the product in the Ecophon family Focus. The values presented in this EPD are represented for the following products: Focus A, Focus B, Focus C, Focus Ds, Focus Dg, Focus D/A, Focus E, Focus Ez, Focus F, Focus Lp, Focus SQ, Focus Flexiform Supplemental product inf

Ecophon Focus Fixiform E A T24 1200x600x20 Focus E Ecophon Focus Flexiform A A T24 1200x600x30 1600x600x30, 2000x600x30, 2400x600x30 Focus A Ecophon Focus Frieze A T24 2400x600x20 Focus A, Focus Ds, Focus Dg, Focus E Ecophon Focus Wing A T24 1200x200x5

Page 1 of 9 Rapid Regulatory Courses in HealthStream Getting Started Tip Sheet Please note: Everyone is required to take two compliance trainings titled: Rapid Regulatory Compliance: Non-clinical I Rapid Regulatory Compliance: Non-clinical II Depending on your position at CHA, you may have more courses on your list. One must complete them all.File Size: 1MBPage Count: 9Explore furtherRapid Regulatory Compliance: Clinical II - KnowledgeQ .quizlet.comRapid Regulatory Compliance: Clinical I - An HCCS .quizlet.comRapid Regulatory Compliance: Non-clinical II-KnowledgeQ .quizlet.comThe Provider Compliance Tip fact sheets are now available .www.cms.govRapid Regulatory Compliance - Non-Clinical - Part Istudyres.comRecommended to you b

F FOCUS ON PHOTOGRAPHY: A CURRICULUM GUIDE Focus Lesson Plans and Actvities INDEX TO FOCUS LINKS Focus Links Lesson Plans Focus Link 1 LESSON 1: Introductory Polaroid Exercises Focus Link 2 LESSON 2: Camera as a Tool Focus Link 3 LESSON 3: Photographic Field Trip Focus Link 4 LESSON 4: Discussing Images/Developing a Project Theme Focus Link 5 LESSON 5: Creating Images/Point-of-View Activity

Trends in Care Delivery and Community Health State Public Health Leadership Webinar Deloitte Consulting LLP June 20, 2013. . Current state of Accountable Care Organizations (ACOs) and trends. Current state of Patient-Centered Medical Homes (PCMHs) and trends. Introduction.File Size: 2MBPage Count: 38Explore further2020 Healthcare Trends and How to Preparewww.healthcatalyst.comFive Health Care Trends For 2020 Health Affairswww.healthaffairs.orgTop 10 Emerging Trends in Health Care for 2021: The New .trustees.aha.orgRecommended to you b

Data Center Trends And Design. Data Center Trends & Design Agenda IT Trends Cooling Design Trends Power Design Trends. IT Trends Virtualization . increasing overall electrical efficiency by 2%. Reduces HVAC requirements by 6 tons/MW. Reduces the amount of equipment needed to support the load,

Health Care Compliance Association (HCCA) Audit & Compliance Committee Conference Communicating with The Audit & Compliance Committee of the Board . Compliance Contract Compliance Board Structure & Leadership Competition Alliances Debt Management Planning/ Budgeting Payer Contracting Diagnostic and Treatment

Piano Man written by Billy Joel transcribed by GERMANICVS www.germanicvs.de.vu & &? 14 ˇ j ˇ ˇ ˇ ˇ o' clock on a 14 ˇ ˇˇˇ ˇˇˇ ˇ ˇˇ ˇ ˇˇ ˇ. . ˇ ˇ ˇ ˇ . sa-tur-day ˇ ˇˇ ˇˇ ˇ ˇˇ ˇˇ. . ä ˇ ˇ ˇ ˇ ˇ ˇ ˇ A re-gu-lar crowd shuff-les ˇ ˇˇ ˇ ˇˇ ˇ ˇ ˇˇ ˇ ˇˇ ˇ. . ˇ . ˇ ˇ in There's an ä ˇˇ ˇˇ ˇˇ ˇ ˇ ˇ ˇ . ˇ ˇ ˇ ˇ ˇ ˇ .