Companies today face a daunting combination – tremendous uncertainty and the need to move ever more quickly. Customer expectations are rapidly evolving, pressuring the pace of innovation. Entirely new sources of risk such as cybersecurity, must be addressed. Technological innovations are disrupting traditional business models as new types of competitors arise. The accelerating turnover among Fortune 500 firms is just one proof point of the risk facing companies, regardless of their size. McKinsey forecasts further acceleration, with over 75% of the 2017 F500 disappearing by 2027. In such a dynamic and uncertain environment, agility is key to success.
Governments are only feeding the uncertainty, with Brexit, U.S. threats to renegotiate NAFTA and impose tariffs and Chinese aggression in the South China sea being just a few, high profile examples. Capturing fewer headlines but arguably having a greater impact is the stark shift in regulatory attitudes. The laissez-fare approach of earlier decades has been replaced by an increasingly hyper-regulatory environment affecting virtually every business. According to a 2017 survey conducted by Thomson Reuters and the Association of International Certified Professional Accountants, 43% of business leaders feel that regulation will be among the greatest disruptors to their business 25 years from now.
While certain industries are directly targeted (most notably Financial Services, with Basel III, Dodd-Frank, et al), much recent or pending regulation is much broader in scope. The upcoming GDPR regulations are a great example. While most directly focused on technology firms, GDPR is broadly relevant as companies of all types increasingly capture information on their customers and prospects.
The cost of compliance is great. The Competitive Enterprise Institute noted that in 2015 the U.S. government issued over 80,000 pages of rules including 76 “major” rules costing more than $100 million to implement. They estimated the cost at $1.9 trillion, more than taxes collected by the federal government. And the effort shows no signs of abating. On the contrary, regulations seem set to rise. A 2017 study of compliance professionals by Thomson Reuters found 62% of firms are expecting even greater new regulations in 2018.
Compliance is not just a significant expense, but also a major risk for corporations given its complexity and the potential fines and penalties involved. Hence, more and more resources are being invested. Yet the key to long-term success is not to work harder and throw ever more resources at compliance efforts, but to work smarter. Given the tremendous uncertainty, that means building an agile approach that can efficiently and effectively help companies ensure compliance with current and future regulations. Such an approach must at a high level enable the organization to quickly assess compliance, identify gaps, build improvement plans to address those gaps, execute and monitor progress.
Additionally, any approach must extend throughout the supply chain. Regulators are increasingly holding companies responsible for actions of suppliers. Even when not, customers certainly are, and they will quickly turn their nose on a brand if it is involved in a scandal, regardless of how far down its supply chain. This presents unique challenges as companies have less visibility and control over suppliers, which can easily number in the tens of thousands for larger organizations and many times that when second and deeper tier suppliers are considered. Agility requires the ability to scale any approach to such levels.
Companies must look to technology as a critical enabler. Given the need to extend processes through the supply chain, Supplier Risk and Performance management (SRPM) or broader Source-to-Pay (S2P) solutions are a natural source. The key to any compliance assessment is the ability to quickly and efficiently capture information from all relevant stakeholders. Effective SRPM or S2P solutions can support assessments through flexible and easy online surveys/questionnaires that can be configured by end users and distributed both internally and externally.
When it comes to addressing gaps, robust project management functionality is critical to developing and tracking progress against improvement plans at scale. It can enable the sharing of information, assignment of responsibilities, automated alerts and status tracking. Leveraging technology has the added benefit of ensuring auditability, maintaining a log of all activity. Being able to prove that a company is compliant, or at least has taken significant efforts to ensure compliance can be as important as the act of being compliant, both for the sake of regulators and customers.
An often overlooked factor when evaluating technology is whether it indirectly imposes new constraints that can actually reduce agility. The shift towards SaaS solutions has brought tremendous benefits, including rapid ROI and lower total cost of ownership (TCO). Much of these benefits are the result of more standard configurations and the inclusion of upgrades in fixed subscription fees. As a result, many solutions have been architected in a way that optimizes these benefits at the expense of agility. This is particularly true among S2P solutions, where the focus has been squarely on rapid deployment and embedding best practices that companies adjust their processes to. If SaaS software cannot meet a requirement, often the only recourse is to have the provider add the requirement to the roadmap, which is an uncertain and lengthy process. In the face of rapid and uncertain regulatory changes, there is no time to be a slave to your vendor’s roadmap. The flexibility to meet unique or evolving requirements without vendor enhancements, thereby improving rather than reducing agility, should be a key criteria in technology evaluations. Companies should demand it of their vendors, just as they demanded more easy to use interfaces.
More than ever, Darwin’s claim that “it is not the strongest or the most intelligent who will survive but those who can best manage change” seems relevant to corporations. Today’s unpredictable and dynamic regulatory environment has further increased the importance of agility. Success will increasingly depend on leveraging technology to empower an agile organization.