For corporate compliance and ethics teams there is a lot to think about for 2016. The regulatory pressure continues to intensify — whether it’s related to additional disclosure requirements or lawmakers and governments aggressively scrutinizing corporate behavior.
The threats posed by ever-expanding relationships with third-parties and the proliferation of new technologies open up firms to a wide array of risks, particularly as they relate to data privacy and cybersecurity. Indeed, how companies collect and handle sensitive digital information will continue to be a top concern for compliance and privacy professionals in years to come.
And these are just a few examples. Meeting all these challenges requires a sound departmental strategy that is grounded in more than just tactical “to-dos,” it should take into account a broader set of inputs that include business and political trends and corporate strategic objectives.
And all this isn’t easy. On the whole, corporate compliance teams have trouble defining and measuring what constitutes success for them, and this in turn makes it nigh on impossible to show how they play a valuable role over time.
A good strategic plan can help with this, as it links specific objectives or tasks with broader corporate priorities and then provides meaningful ways of measuring what constitutes “achievement” of those tasks, and so contribution to overall corporate success.
Goal and Objective Setting
Chart 1 provides a good overview of how the compliance and ethics function can support corporate strategy.
Chart 1: How the compliance and ethics function supports corporate strategy Source: CEB analysis (click to expand)
Heads of compliance can then translate their functional goals into specific objectives to implement the departmental strategy (see chart 2 for an example).
On the model in chart 2 a goal is clear and based on a specific verifiable outcome, it therefore guides behavior, and has a single owner who can be held accountable. An objective, on the other hand, is a discrete and measurable step that is necessary to accomplishing a goal.
Goals should be something to aspire to, but should be grounded in reality. The act of articulating the objectives can help you test whether the overarching goal is achievable. A big part of a strategic planning process should be about deciding which objectives to prioritize in the short-and long-term. This will require you to designate specific activities (or tasks) to complete for each objective.
Chart 2: Corporate goals and compliance goals Source: CEB analysis (click to expand)
All of this strategy, goal, and objective setting will be worthless, however, if teams can’t measure their progress towards achieving the objectives and so ultimately the strategy. Measuring performance holds everyone accountable and allows teams to correct their course as circumstances change (see chart 3).
Some teams are more inclined (or equipped) to track and report on multiple metrics. If you haven’t strategically linked your goals to a broader corporate framework, or if you simply don’t have the resources to monitor progress properly, a detailed metrics program may not be for you.
This doesn’t mean you can’t monitor progress with a lighter touch, but you want to make sure not to bite off more than you can chew.
Chart 3: How metrics fit into the wider strategic framework Source: CEB analysis (click to expand)
And once you know what and how many metrics you want to track, it pays to use the faithful old SMART framework to determine which measures are ideal (see chart 4). If you can’t measure an objective in this manner, you may want to reconsider whether or not you should pursue it in the first place.
Chart 4: The SMART framework Source: CEB analysis (click to expand)