Edgile - How the C-Suite is Blinded


Many enterprises today are losing the battle to maintain compliance, and it's frighteningly unintentional. These companies have senior executives who believe—incorrectly—that managers are tracking and managing all of the company's compliance obligations. The truth is that these firms have compliance matters so compartmentalized by business units and specialty that critical compliance requirements routinely fall through the proverbial cracks.

Siloed compliance management creates problems

Within many enterprises today, compliance and regulations are often managed in silos. For example, issues that are seen as primarily dealing with technology—think ISO or PCI—are handled by IT and ultimately the CIO, whereas those seen primarily as financial—such as SOX or FCPA—are dealt with through finance and treasury, the controller's office or the CFO's team. Sometimes regulations are handled by internal audit or legal teams or the Chief Risk Officer, but unless someone bothers to ask, actual ownership may not be obvious.

Allowing specialists to handle rules in their arenas is understandable. But there are two massive problems with this approach. The first is that few regulatory requirements exist solely within any one group's jurisdiction. Take PCI. Is that regulation primarily technology-driven and in IT's purview, or is it primarily security-driven and more under the

Brian Rizman, Edgile Managing Director

How The C-Suite is Blinded by Compartmentalized Compliance Efforts

The solution? Have one senior manager or executive responsible for all of the enterprise's compliance and regulatory needs, so that nothing inadvertently gets hidden from view.
