Having worked in governance, risk and compliance for almost 2 decades, it's time to rethink how we manage regulatory compliance failure.
I was out in the countryside yesterday.
Walking, minding my own business and when rounding a corner, there is was!
As compliance, risk and governance professionals, we often feel that this is a daily occurrence.
Having experienced this most of my career, this new year, this new decade, I’ve been rethinking.
Previously, I would've worked tirelessly to clear up the mound. source the origin, address the problem and in most situations seek to correct the issue by implementing procedures and controls. This is seemingly all good compliance work, however they keep appearing, so perhaps my strategy is wrong?
I’ve rethought my approach based on the premise that if I want to stop the piles, I need to change culture; I need to redefine the norm.
Firstly, I will leave the pile where it is.
Secondly, I will raise the profile of the pile to the right fora.
Thirdly, without judgement, those responsible for the pile will be asked to take ownership, begin the clear up and look at the causes and how the norms can be changed to prevent reoccurrence. Fourthly, throughout this process, I will work tirelessly to support a shift away from more rules, towards
Ethical behaviour, and
This in an environment of kindness, openness and generosity.