Anyone running a business knows that compliance is a fundamental aspect that can’t be ignored. Complying with rules and regulations is part of your right to do business. It brings you the mandate to operate and gives you credibility with customers, suppliers, partners, and investors, and ultimately helps protect your business.
It’s growing too. The list of pressing regulatory compliance requirements seems to get longer almost by the week. GDPR and data privacy, workplace regulations, health and safety rules, environmental regulations, tax compliance – there are obligations seemingly at every turn.
All of this means that for private enterprises with ambition, getting a strong grip on compliance is simply essential.
But in my view, it shouldn’t be viewed as merely a defensive play – a threat to be dealt with – but as an opportunity to get the whole basis of your business right: a platform that enables growth and which you can base bold decisions on.
The Covid-19 accelerator
There’s little doubt that the compliance pressure will continue to grow, with Covid-19 acting as a major accelerator. Through the pandemic, we have all watched the world change and seen many businesses falter. New dependencies have been revealed – in companies’ business models, in their supply chains, in the behaviours and needs of those they sell to. Cyber-attacks have become more prevalent too, as criminals have targeted remote working staff logging into company systems from home.
We are used to talking about the requirements in regulated sectors such as financial services and utilities. Regulators in these sectors have been increasing their scrutiny due to the growing range of pressures (Covid, Brexit) and priorities (ESG, treating customers fairly), wanting a detailed understanding of organisations’ dependencies on the third parties they work with with and rely on. Through the pandemic, is spreading further into the wider corporate world. Businesses have woken up to the fact that they outsource many aspects of their operations and so are asking their third parties: demonstrate to us that we can rely on you.
One sector where this has increasing resonance is technology. Many growing tech firms see the US as a key destination to expand to. In the States, investors immediately ask about compliance, regulation, and security. The same can be said for the UK and EU too. There are some searching questions to deal with.
Get your house in order
These factors show why compliance is necessary – but it also helps you put the structures in place for growth and success. A simple analogy is having solid foundations in a house. If the foundations are secure, the building will stay strong the taller it gets. But if those foundations aren’t in place, it won’t be long before the structure begins to wobble.
What does strong compliance consist of? It’s a combination of many things. Internally, it’s about strong cash management and forecasting to ensure that cash flow is sustainable. It’s important to understand your appetite for risk against the controls you have in place and to ensure robust internal audit and governance processes so that you can maintain company discipline. With these considered, your business can better understand the impact of decisions and take advantage of opportunities while being comfortable that any unexpected shocks can be managed.
Externally, it’s about meeting all those requirements around GDPR, data, customer privacy, employment rights, and other legislation. It’s also about having strong cybersecurity arrangements and, more broadly, an IT framework that is agile, resilient, and scalable as the business grows. As your IT grows with your business, strong change management processes are also essential, to ensure that change doesn’t introduce new risks or faultlines.
Across all of this, it’s key that you don’t just consider your own immediate business – but the supply chain you work with too. You are increasingly likely to be asked detailed questions by the large corporates you supply to or partner with; by the same token, you need to be asking questions of the businesses that supply to you. Can you rely on them? What have they learned from the pandemic? What changes have they made?
View to the future
Getting compliance right is one of the most empowering things you can do for your business. Post-pandemic, it has become one of the crucial aspects of doing business today.
Take a fresh look across your operations, internally and externally. Check those foundations. Probe them hard.
Once you’re satisfied they’re solid, you can look to the future and pursue your growth strategy with renewed confidence and energy.
We have launched a guide that goes into these issues in more detail and shows you how to set yourself up for success. Simply click here to download, or sign up here to our KPMG Private Enterprise newsletter for more insights straight to your inbox.