Regulatory bodies, such as the Financial Services Authority, have explicitly clear expectations of an organisation’s compliance monitoring activities.
Unequivocally, compliance monitoring activities must be comprehensive, planned, adapted to changes in the internal and external environments as they arise. Activities must be based on realistic and documented assessments of the compliance risks faced by the organisation.
Sounds relatively simple. In reality, every organisation has different challenges they must overcome to enable compliance monitoring, especially if they intend to compare risks on a consistent basis and select the most effective way to mitigate them.
Often the biggest challenge organisations face is the availability of effective systems and qualified resources to achieve their risk reduction objectives. A constant problem for most organisations in a constantly volatile market.
More organisations will fail to identify and mitigate against such risks. Failings will be published across social media and news feeds globally. When this happens, there will be increased appetite to invest in resources. Personally, I can’t wait.