These days, business is not only increasingly global, it is exceedingly complex and rife with risky regulatory compliance challenges. For example, as a consequence of the global financial industry crisis, banks are scrambling to keep pace with a flurry of new regulatory mandates, from increased capital requirements through more stringent information security measures on credit card processing. In fact, since 2008, 120 regulatory changes have been announced by 15 federal agencies for credit unions, and 921 compliance changes for U.S. banks. Add to this the 848-page “Dodd Frank Wall Street Reform and Consumer Protection Act” with its 400 rules and you have a regulatory compliance nightmare. It all adds up to compliance costs for U.S banks that are estimated to be $50 billion, or roughly 12% of annual operating expenses by Maine Banker.
It’s no different in healthcare amid ongoing reforms aimed at streamlining cost. Moreover, new IDC-10 healthcare codes for classifying medical conditions and treatments has the entire industry in a flux, assessing various and sundry compliance options. For example, the U.S. Department of Health and Human Services (HHS) puts the conversion from ICD-9 to ICD-10 at a price tag of $1.64 billion, including $357 million for staff training, $572 million for losses in productivity and $713 million for system changes.
Whatever the drivers, meeting compliance challenges requires a cost-effective, disciplined, and auditable response from the business. Organizations need clear governance frameworks for everything from preparation to gap analysis and execution. As a result:
- High-performing risk management organizations are embedding analytics into management processes. For example, they are developing actionable dashboards for management to better inform compliance decision making.
- Leading organizations are also cultivating risk technology’s “human element” through training and other measures to help make findings from risk analytics actionable and insightful.
- Most organizations are investing in staff and skills to elevate the risk management function. In fact, risk is one of the few functions where most reporting organizations steadfastly have refused to cut staffing.
AN ONGOING PROCESS
As business needs and regulatory priorities change, compliance becomes not a one-time event, but an ongoing process requiring constant reexamination and reinvention. The upside is that the improved reporting and governance for compliance can also deliver business benefits such as lower costs, faster time to market and improved customer service.