By Ted Howard
A recent survey from the Ethics & Compliance Initiative reveals that most corporations around the world are in middle of their journeys toward better ethics and compliance programs. This means that most are either adapting or just managing a program. Adapting and managing are just two of what the ECI identifies as the five levels of program maturity. These levels are underdeveloped, defining, adapting, managing and optimizing.
This means “the E&C program maturity level, on average [globally], fell into the ‘Adapting’ or ‘Managing’ level for each of the five HQP [high-quality program] principles,” the ECI said in its report. So at this point, more companies are in the early stages of their journeys, with programs that are underdeveloped, still being defined and adapting, with only a few managing, and even fewer optimizing, what they feel is a decent program. The overall results confirm other research, including ECI’s own, that finds that few organizations “have the program elements in place that constitute the optimizing level.”
A company with those optimizing program elements is one that (1) has a business strategy with ethics and compliance as a central focus, (2) has a risk management program where risks are “identified, owned, managed and mitigated,” (3) has leaders “at all levels across the organization” creating and sustaining “a culture of integrity,” (4) is an organization that “encourages, protects, and values the reporting of concerns and suspected wrongdoing,” and finally, (5) is an organization that is proactive and “holds itself accountable when wrongdoing occurs.”
But it’s still a work in progress for many companies. Why might this be the case? A story in the October issue may hold part of the answer. The story, reporting the results of another compliance survey from Strategic Treasurer, says that a “surprising percentage of companies have no [compliance] plan in place for monitoring and/or managing regulations.” What’s more, the compliance function is still seeking an owner and in the meantime, and perhaps forever more, the responsibility is shifting to the treasury function.
And that’s a good thing because despite the lukewarm numbers, more companies are at least trying to get a better program up and running. And assigning to the treasurer’s desk seems to be the trick—whether they like it or not. “More companies’ treasury groups are getting involved in regulations and compliance, and that shows healthy progress by some firms,” said Craig Jeffery, managing partner at Strategic Treasurer. When monitoring is in place, only 31% of large companies assign it to an individual in treasury, and only 16% of companies have a dedicated regulatory team or person at the corporate level, writes the story’s author, John Hintze.
Another reason treasury is good place to slot compliance is because the function is now used to deploying technology to help get things done. This is the result of a now long history of “doing more with less” and running a lean shop.
So the fact that many companies aren’t taking advantage of available technology to automate aspects of compliance—the Strategic Treasury survey reports that 76% of the 150 respondents say they use a technology solution that provides compliance-related functionality or modules—will surely change over time, mainly because many TMSs already have such modules.