Cooking Up Compliance 3.0: The Cost/Benefit

As my dad always says, “cooking is an art, baking is a science” and Compliance 3.0 is most definitely cooking. Compliance 3.0 is an approach, not a recipe; operationalising it requires an individual expression of your company’s risk appetite, culture, and personality.

I’ve got no interest in selling snake oil. Bespoke solutions don’t come easy and they’re not free. Similarly, change doesn’t come without a degree of natural resistance and discomfort.

Let’s just have a proper conversation about it without defensiveness and accepting that if we all agreed on things life would be dull. The kind of conversation I prefer to have over a beer and a burger.

The Costs of Standing Still

The cost of inertia varies of course but there are some repeating themes:

  • Falling behind. The rest of the world is moving, even if you aren’t.
  • Becoming an “also-ran” rather than a real competitor.
  • Increasingly sub-optimal ROI from your current compliance program.
  • Conflicts between compliance objectives and business objectives.
  • Lost opportunities because your compliance plan isn’t fit for purpose.
  • The slow but constant continental drift between operations and compliance.

Just like wages and inflation, standing still is actually making a year-on-year net loss. I thought businesses didn’t like that.

The Costs of Evolution

Before anyone brings up that crocodiles haven't bothered evolving for a while (#lazy), I’m not here to debate that. If you firmly believe that you're an apex predator in a largely unchanging environment that you're perfectly aligned to, then I’ll happily raise my next glass in your honour and please don't waste any more time reading this.

For anyone still reading, let’s chat about the real costs of evolving to Compliance 3.0, including to those of us doing the job, not just the business itself.

  • An initial headache when you reevaluate your own previous ways of thinking. I’m not even joking, it’s called cognitive dissonance, you can look it up.
  • Frustration and stress as you inspire others through that change journey.
  • The personal energy you’ll need to pour into keeping everyone motivated.
  • Getting Execs to listen to, and agree with, the benefits of change.
  • The opportunity costs of allocating time, money, and resources to this.
  • Financial investment to develop controls, systems, tools, staff, and resources.
  • Time to update compliance strategy, program, policies, and procedures.
  • A sub-optimal period of change and adjustment to the “new normal”.

The Benefits of Compliance 3.0

If your business pays all those costs, and you find the personal commitment to push through the challenges, and take some painkillers for the headache, what’s the ROI?

I’ve listed some from my personal experience below. Whether these apply to you, whether you’re interested in them, and the dollar value you can put on each of them will ultimately be as bespoke as the program itself. I’m a DPO after all, and our favourite answer to everything is “it depends”.

  • Faster time to market by avoiding last minute clashes.
  • Innovate and outpace competitors by building compliance in by default.
  • Wider, deeper, bigger market reach by maximising compliance scope.
  • Maximise compliance scope with minimal effort.
  • Empower and allow Compliance teams to generate value and increase profit.
  • Operationalise compliance as a tool, stop making your own handcuffs.
  • Disrupt silos between design, product, marketing, and compliance.
  • One team, one language, one conversation, one aim – take care of business.
  • Generate regulatory compliance evidence as an effortless side effect.
  • Reduce costs of non-compliance, such as fines and remediation efforts.
  • Reduce fine amounts by easily demonstrating cooperation and accountability.
  • Enhance trust. Trust is the new killer feature for competitive edge.
  • Differentiate your business in something consumers care about.

It can be hard to concisely explain these in a bullet point; I could write an article on each of them. If you want to shoot the breeze about anything I’ve said, reach out. I’m happy to elaborate or join in a panel or podcast to turn soundbites into actionable advice.

Wrapping Up: Personal Advice When Doing A Cost/Benefit Analysis

To sign off, I thought I’d leave a couple of bullet points about cost/benefit “gotchas” to avoid if you want the Execs to listen. As ever, these are only personal observations learned in the trenches, not textbook quotes; take from them any value you think they have:

  • Identify only relevant benefits, no one pays for a gain they don’t want.
  • Quantify. The topic can be ephemeral but stop complaining and find a way.
  • It’s your job to get their attention. The Execs owe you neither time nor budget.
  • Use facts and sources, the Execs are unlikely to care about your opinion.
  • If you can say it in 10 words, then say it. If it takes 50 words, say it in 10.
  • Learn your audience, what approach has gotten other projects approved?
  • Speak to people in the way they listen. Use charts, infographics, dance, etc.
  • Restrict to topics they care about, don’t try to sell a bicycle to a fish.
  • If you get 10 minutes, use 5. 10 is what they’ll tolerate not what they want.

Finally, try to remember that if someone misunderstands you, or understands the details but not the importance, then that’s on you. They don’t understand it, that’s the point, that’s why you’re explaining it to them.

Coming Soon: Practical Guidance on Implementing Compliance 3.0

Thanks for reading, hopefully it’s been helpful as well as entertaining. Please like, share, and repost because I’d be excited for this to be a conversation starter rather than a “fire and forget” thing.

If we’re not already connected then slam that plus button as well, I’d love to hear from you even if you strongly disagree with what I say. There’s only one rule, I’d vastly prefer you to sell me ideas rather than products.

Stay tuned for the final chapter, practical tips on how to implement Compliance 3.0 successfully.

All the best, and cheers

Dan

#theaccidentaldpo


#roi #compliance #tcb #governance #returnoninvestment #culture #culturalchange #complianceframework #privacyroi

Ahana Pardhe - CIPP/C, ISO Internal Auditor (Quality), LLB, CS, BCom, Life Skills Coach

ISO 9001 Internal Auditor | Regulatory Compliance | Data Privacy | Quality and Assurance | Risk and Governance | Nuclear Document Package Reviewer

1 year ago

I loved reading this article Dan Chapman. Your one-liners are very interesting! I really liked "Empower and allow Compliance teams to generate value and increase profit".

Tony Vinokur

Data Trust Consultant | Sophisticated Class Clown

1 year ago

Dan, always a pleasure to learn from your expertise. Keep these articles coming!

Facu A. Reyna, Biologist

People Connector | Team Builder Extraordinaire | Referrals Only | Nerd Enthusiast

1 year ago

Nice post, Dan! I really enjoy your writing style. And the best part, for me, is the list of evolution costs—a simple yet efficient way to describe the cons of just standing there.

Dan C.

Experienced Director of Privacy and Data Protection Officer @ Hard Rock Digital | GDPR, CCPA My opinions, thoughts, articles, statements, etc. are all my own and do not represent in any way those of my employer.

1 year ago

Thanks so much for the likes and support everyone. I'm incredibly flattered as always. Don't forget to send me any ideas for things that might be relevant to you. Goran Platisa already did and my mind is already racing with possibilities!
