It's tempting, when the financial cash flow is up against the wall, to look for ways of reducing or redirecting investment and spend in or away from your cost centres. Compliance should not be on that list.
We could be heading into increasing levels of 'non-compliance'.
I've recently heard the term 'a compliance pause' being banded around governance, risk and compliance circles, as well as in boardrooms. We need to be incredibly cautious and consider carefully what this actually means.
It does not mean that the compliance function's work has stopped
It does not mean that an organisation can worry less about compliance
It does not mean that businesses can make decisions without consideration of their regulatory obligations.
As a consequence of this crisis,
Some regulators have issued amended financial capital requirements, so organisations can weather this storm and banks for example can continue to loan to businesses that are also struggling.
Some regulators have issued statements delaying the submission of returns or particular reports insight of the difficulties organisations are facing in retrieving some of this information
Some regulators have issued guidance to support businesses who have been forced to move to a more virtual world of operation, such as financial services and electronic verification.
What regulators have not done is in anyway lessened the regulatory obligations of organisations which they licence. In fact, in many industries, such as online gambling in the UK, the regulator has made clear that it expects organisations to 'work harder' to ensure compliance with obligations under social responsibility and assessing affordability.
This crisis is testing our capital markets, challenging our whole capitalistic society and is widening the door for corruption, financial crime and bribery.
If history is to learn by, such as following the 2008 financial crisis, this one will lead to increased levels of non-compliance if we are not very careful, and these practices and decisions will only come back to haunt businesses and directors years down the line.
There are things that boards and businesses can do, however:
Reinforce your organisation's values and culture regularly
Increase levels of transparency and openness with your stakeholders
Invest in your internal control functions, such as compliance and risk
Bring governance, risk and compliance up the agenda
Increase, if possible, the monitoring of internal controls
Support your staff and communicate regularly
Consider removing commission or performance related pay benefits
Where compliance with your controls are breached, report these immediately to your regulator
Consider bringing in external support to bolster your governance, risk and compliance efforts.
These times of crisis tell us that whilst there is often a resurgence of community, collaboration and contribution, there are also sadly, many who use these crises malevolently.