Tactics to manage regulatory change
The ability for an organisation to deal with regulatory change effectively and efficiently is paramount to an effective compliance and risk management program. Managing this process can be a challenge depending on the size of the organisation, its geographic breadth, industry, and business. Moreover, interpreting and translating the deluge of guidance (guidelines, enforcement, proposed rule, final rule) can be overwhelming. Counsel, frequently both internal and external, must work together with compliance teams and the business to bring tactical steps to operationalise the laws and regulations.
Organisations should be pragmatic and leverage solutions to help implement new and changing regulations.
- Sourcing information: As previously mentioned, the ability to get timely and accurate information on the regulatory environment is key. A single source of information containing all notifications to track as published by each regulator, in which notifications are summarised, analysed and classified to support applicability to the organisation, is very valuable.
- Daily feed of notifications: This delivers summarised and classified data of tracked regulatory developments (proposed rules, final rules, concept releases, guidance and enforcement actions) into a single notification, containing direct links to the tracked rule and regulation.
- Interpretation of regulatory updates: The analysis, categorisation and interpretation of regulatory content in plain language provides great added value and insight for quickly determining if and how the change will impact the organisation.
- Applicability: As the relevancy of the law/regulation becomes clear, it can be brought into the ongoing compliance and risk management process. Managing notifications, performing an impact assessment, remedying deficiencies, analysis, and updating the policies are all critical steps to managing regulatory change.
- Management and Reporting: A challenge of many compliance and risk functions is the ability to articulate and demonstrate how the organisation is in ongoing conformance. Moreover, there needs to be reasonable assurance that action plans are complete and actively being managed to their closure. Tooling should provide key insights such as the current status of regulatory change management, high priority actions and risks encountered. In addition, insights in the capacity of the team and throughput they can handle enables planning and scheduling. Connecting all these dots will help to make informed decisions on regulatory updates.
The changing risk and regulatory landscape continues to shape and evolve organisations’ compliance and risk management programs. There is a migration within the lines-of-defence model towards collaboration between the first and second lines to be able to articulate how a law or regulation should be part of business processes. Moreover, technology and software are offering organisations benefits such as reporting (including portlets and dashboards), a central repository in which to mine data, evidence management, control, and remediation activities.
Managing regulatory change can be a daunting task to organisations. Automating regulatory change management and making it part of the organisation's integrated platform strategy by finding the right tools and partners to cope up with the amount of regulatory notifications is key to ensure efficient and effective compliance management. Only then will conformance become a natural part of doing business.
To learn more, watch our on-demand webcast in which a panel of industry experts discuss the key elements of a successful Regulatory Change Management program.