Wisdom from Asia Pac’s Risk & Compliance Thought Leaders (Part 1)

“A good head and a good heart are always a formidable combination”,

Nelson Mandela

A recent gathering of senior legal, risk and compliance leaders in Singapore shared insights on “risk prioritization”, operational obstacles (i.e. investigations, increased regulation, cyber security) and what it takes to be an “effective Compliance Officer” for an MNC in the international markets today.

Some take away points from 3 themes explored in Part 1 of this posting are summarised below:-

1. Views of the C-Suite

The business world is complex and increasing regulation is difficult to get abreast of in most industries. All C-Suite Leaders need to constantly have an eye on Shareholder expectations as well as “fluid” external demands. To this end, Business Leaders need to have skilled and reliable risk and compliance personnel by their side to help provide timely, pragmatic and common sense solutions which help the organisation achieve their goals in an ethical manner. C-Suite Leaders have little time to waste and need compliance and risk professionals who are “business partners and knowledgeable industry experts” in order to provide optimal and well considered advice.

1. What Types of Risk Should be Assessed & Why

Essentially, “risk exposure” for any organisation falls into several categories, namely:

• Legal – the law of the land, regulatory requirements, political guidance.
• Strategic – technology, market entry, competitor pool, etc.
• Operational – how to secure licenses, permits, and visas; legal entity and JV set up; security of the supply chain.
• Transactional – managing inventory, accounts receivable and “expenditure”.
• Business Relationship – managing multiple vendors, third parties and agents in a safe, effective and efficient manner.
• Reputational – protecting your brand, corporate reputation and name.

Each industry and large corporation has traditionally engaged in a “high level” assessment of these risks from a HQ (remote) perspective. However, this is clearly an outdated model. Today, a meaningful risk assessment for a “forward thinking” Leadership Team at either HQ, Regional and / or the Affiliate level demands the following:

• Identification of the top 3 risks in each major market (as “risk” exposure should be calibrated to the immediate operating environment);
• An assessment of which high priority assets are most vulnerable in strategic markets –people, products, inventory, technology, infrastructure, business licences, etc;
• A well thought out plan for each strategic market to protect key assets and to prepare for any “crisis” situation;
• A credible assessment - which is documented - that there are adequately skilled resources in place within the organisation to address the above.

Fortune 500 companies typically appreciate that an investment into this type of regular risk analysis to help protect the “crown jewels” of the business and to provide a “safe passage” forward will reap intangible rewards for years to come. Quite simply, it amounts to astute business management and sustainable planning.    

1. The Highly Sought After Compliance “Unicorn”

Given the immense demands and expectations of leading organisations and Business Leaders today, the much sought after characteristics of a “Compliance Officer” are said to resemble that of a fabled unicorn. Indeed, the typical “aspiring Compliance Officer’s” job spec requires someone with industry experience, technical competence, emotional intelligence, good judgment and reasoning, empathy, and refined persuasive aptitude at all levels within an organisation.  This is a rare “youthful” breed indeed and actually describes a Compliance Professional with maturity and wisdom.

Does skill set actually exist given the relative “youth” of this standalone discipline in the international markets?

Well – the cold, hard truth is that there are many highly educated graduates and aspiring professionals in all markets who could be groomed to do the job of a new Compliance Officer in any specific industry. However, it does take some time, nurturing, and “experience in the hot seat” for an aspiring Compliance Officer to be of immeasurable value to an organisation and to make a meaningful impact. We are assuming, of course, that the organisation truly wishes to acquire a CO of substance rather than to merely appoint a “symbolic” compliance figurehead who will actually accede to every business request and then spend endless hours shuffling paper. [In which case, anyone can be a self-appointed “compliance advisor” and be in charge of “policies”].

Essentially, an effective CO – who is instrumental in protecting the company’s assets and helping “solve complex problems” - is one who has an ability to influence a positive culture, to build trust amongst business leaders and colleagues alike, to understand the business intimately, to demonstrate “integrity” and courage in their actions and words, and to help inculcate the right behaviours and mind-set in others. This “skill set” is not innate and cannot simply be learnt from an “online course” or in complete isolation. Some “real life” operational experience or oversight is required to guide, educate and train an aspiring CO to focus on the issues which really resonate with Senior Management.

As Albert Einstein once said, “The only source of knowledge is experience”.

 *         *         *