By Chris Fordham, Managing Director, Disputes and Investigations Asia, Alvarez & Marsal

For businesses, understanding its risk universe is an ever-present challenge. But with the economic downturn, global pandemic and uncertain political climate, new risks are emerging and existing risks evolving at such a rapid pace that businesses are finding it ever more challenging to cope with. Now more than ever is the time to update rigid compliance frameworks with a more flexible, technologically advanced and iterative approach designed to weather the changing risk landscape.

The global economic downturn is significantly impacting Asia-Pacific as many territories show signs of negative growth. A steep decline of economic growth in Asia-Pacific in 2020 is forecasted, with 1.3% contraction this year according to S&P Global Ratings. Unlike the Global Financial Crisis in 2008 where mostly only finance-related sectors were affected, the current economic downturn is impacting all sectors globally. Despite best efforts to act ethically in these challenging times, ‘bad pennies’ are bound to turn up in the form of higher fraud, bribery and corruption cases as financial pressure mounts. In addition, the pandemic has hit people hard, intensifying financial pressures further.

Businesses are constantly playing catch-up to deal with regulatory changes that are happening at short notice, and often without full clarity. These regulatory changes can affect all industries, although financial services institutions are often on the so-called frontline; and these regulatory changes can be in the areas of anti-money laundering and expert controls, as well as cyber-security and data privacy, to name just a few. The chances of being in danger of non-compliance is now higher than ever before. Businesses in APAC are finding themselves caught in the ever-changing landscape and find their compliance frameworks too rigid to adapt to changing rules.

New Smarter Approach to Compliance

Instead of responding to changes and risks as and when they arise, businesses should take a proactive approach. A stitch in time saves nine, and businesses would be prudent to adopt an iterative compliance framework.

1. Businesses should ensure compliance frameworks are continuously updated in order to adapt quickly to changing risks. Having an effective alert system to identify new risks, regulatory updates and their related ‘red flags’ is crucial. This will enable compliance teams to then tweak and update compliance frameworks or policies accordingly. The iterative process continues as each new alert triggers a risk assessment, policy revision (if necessary) and implementation.
   
2. Risks are harder to detect if employees do not recognise what the warning signs are. Important information on ‘red flags’ to help employees identify new risks will need to be developed and disseminated in a timely manner throughout the entire organisation including subsidiaries and third parties in supply chains. With regulatory changes happening at such a fast pace, it is even more important that everyone in the organisation receives the latest information in order to stay compliant.
3. Technology plays a key part in revamping compliance frameworks. Businesses need to spot high-risk business units, geographies, payments and third parties faster. Data-driven tools powered by Artificial Intelligence will help businesses improve their risk-profiling by incorporating analytics specific to emerging risks. From advanced real-time alert generation to deploying AI-driven learning models that identify hidden patterns and risks, the use of technology is fundamental to a flexible compliance framework.
   
4. Traditionally, compliance teams collaborate with internal audit and procurement units to introduce new controls, but issues may arise with adherence and enforcement. Periodic audits are meant to resolve these issues but are inherently limited in scope and often expensive, cumbersome and disruptive to administer. To overcome these challenges, external experts can work with businesses to customise a regulatory and compliance framework that suits each organisation.

Now is not the time to cut compliance budgets. Instead, businesses should make compliance frameworks smarter and adaptable to change.

This article was originally published on Lexology.com on December 2, 2020