Company

Polivec Study Shows Growing Acceptance of Regulatory Compliance but Disagreement on Who's Responsible and Who Pays

Wednesday, September 26, 2007

Executives Cite Need for Enterprise-Wide View of Compliance, Reduced Costs, Better Communication of Policies and Required Practices

Los Angeles, Calif. – September 26, 2007 – Regulatory compliance is extremely important and still too costly, but companies that do it well are the most credible business partners, according to a recent survey conducted by Mainstay Partners and Polivec Inc., developer of industry’s first policy-driven Governance, Risk and Compliance (GRC) platform.

Polivec released the survey results here today at the opening of the Ethics and Compliance Officer Association’s Annual Business Ethics and Compliance Conference at the Hyatt Regency Hotel. The complete report is available at www.polivec.com/policy.

The survey, which polled business executives, compliance officers, and IT leaders, indicated strong consensus on the need for enterprise-wide perspective and strategy for achieving regulatory compliance. It also demonstrated that executives disagree on who is ultimately responsible for compliance, on compliance’s actual costs, and on how to budget for compliance.

A majority of surveyed organizations rely on manual, paper-based methods to manage compliance. More than half of senior managers are unaware of recently developed technologies that cut compliance costs and increase operating efficiencies. 

The Promise of GRC Platforms

“For companies who take compliance seriously – and by far most of them do –a tremendous opportunity awaits to reap major savings and build their value of their brands. They know intuitively what needs to be done – seizing the initiative and centralizing control of compliance through better technologies like Polivec’s. But they are unsure of how to go about it or where to start, ” said Polivec CEO Kim Nelson.

Ninety percent of respondents stated that companies that perform the compliance function well are more reliable than others as clients, vendors, and partners. Other large majorities cited the need for controlling compliance from a single vantage point in the organization (88%); linking regulations and standards to corporate policies (92%); and enforcing policy adherence (92%). But more than half (53%) were unfamiliar with the software-based solutions such as Polivec’s that perform those desired functions, along with reducing costs and increasing efficiencies.

Nelson continued, “This tells me that people, for the most part, ‘get it’ when it comes to the big picture. They’re now starting to fill in the details. They know the value of compliance, and that it is not just about avoiding trouble with regulators. It is about being consistent and competitive across all lines of business, which leads to increased brand value.”

Opinions Differ Widely on Compliance Costs, Responsibilities, and Approach to Management

While more than 80% of survey participants thought that compliance is too costly and that knowing the costs is important, estimates of what aspect of compliance is most costly were widely dispersed among legal (23%), technology (19%), policy (17%), documentation (14%), assessment (9%).

Only 26 percent of respondents said that executives in their organization were responsible for compliance. The next most frequent response was “other” (19%) followed by operations and legal (both 16%) and finance (15%).

The methods currently employed to manage compliance and governance are predominantly paper-based, including spreadsheets, folders, and manual systems (ranging from 43-47%). Only 35% mentioned software solutions, while 44% of the replies were “not sure.” 

“This part of the survey makes it quite evident that an enterprise-wide technology solution will streamline compliance activities across all functions and departments.  In fact, it’s the only possible alternative to the ad hoc, reactive approaches that still predominate,” commented Amir Hartman, co-founder and managing director at Mainstay Partners.

“Everyone wants to know the costs. They should ask what is the true cost of the people, the spreadsheets, and the folders. And do they have a well thought out budget for compliance activities, which they all agree are important? Probably not.”

“Despite the disparity in the answers about ultimate responsibility for compliance, we all know that the buck stops with the executive team,” observed Polivec Vice President Tom Grubb. “They are stewards of the brand and reputation of the organization. As Banco Santander International’s CIO told us, their adopting the Polivec solution brought transparency to the entire process of compliance. “The survey shows that transparency is exactly what is needed, and the tools for achieving that transparency are technologies like Polivec’s,” concluded Grubb.