Facing down complexity – Creating a global framework for compliance

TMF Group discusses how in‑house general counsels can help Asia-Pacific‑based organisations navigate an increasingly complex regulatory landscape by creating a global subsidiary compliance strategy that also addresses regional needs

Faced with rapidly evolving regulatory requirements, organisations in Asia-Pacific must address new subsidiary compliance challenges. Particularly for organisations present in multiple jurisdictions, the role of corporate secretarial – or ‘cosec’, as it is widely known – services is becoming an increasingly important aspect of the drive to create a robust approach to regulatory compliance that can take into account a range of regulatory regimes. However, many organisations struggle to develop compliance strategies that work on both a regional and an international basis. “Finding an optimal setup can certainly be challenging,” Leila Szwarc, global head of compliance and strategic regulatory services at TMF Group, said in a March 2018 briefing paper entitled 5 truths about global compliance. However, as the paper also points out, there are strategies that organisations can use to create a global framework for compliance.

 

Dealing with complexity

Globally, there is a growing emphasis on transparency – both internally and externally – from regulators, the media and the public. Just as companies have come to grips in recent years with new international regulatory regimes such as Basel III, the International Financial Reporting Standard, the Foreign Account Tax Compliance Act and the Common Reporting Standard, a raft of regional reporting requirements is now being rolled out with the aim of increasing transparency, especially in regulated industries such as financial services. In addition to efforts by the Monetary Authority of Singapore (MAS) to overhaul MAS 610, for example, Australia, Hong Kong, Malaysia and India are all currently updating national reporting procedures. Such changes will require organisations to develop better internal systems and processes for collating and managing data, as well as for reporting both internally and to external entities such as regulators and shareholders.

For organisations with a presence in more than one jurisdiction, these efforts to boost transparency will also result in increased complexity as businesses must monitor and react to changing regulations on a number of fronts. In addition to overcoming language barriers, there is often a need to address national compliance requirements, as well as variations within countries. According to the TMF Group briefing paper, 19% of Asia-Pacific countries have different compliance requirements per jurisdiction or province, and 35% of countries impose severe penalties for legal administrative non‑compliance.

Businesses are also becoming more complex internally because of major disruptions such as digitalisation and individual structural changes such as expansion into new territories. As organisations push these boundaries, there is a growing need to develop an enterprise‑wide approach to cosec duties that also takes into account the array of regional rules and regulations currently affecting companies based in Asia. Furthermore, the cost of non‑compliance is increasing – it is no longer enough to concentrate on regulatory consequences alone, but it is also important to be mindful of the reputational impact of negative media attention. “In a world where social media exposes organisations to reputational risks, legal counsels have a massive opportunity to proactively define business outcomes. Rather than simply keeping business leaders out of jail, the role has now moved towards helping them define the company culture,” says Shagun Kumar, managing director at TMF India.

In‑house general counsels must be able to navigate this rapidly changing landscape, and it is becoming increasingly clear that this requires an enterprise‑wide approach to compliance. By creating a global framework that provides a solid template for compliance, it is possible to address increasing regulatory pressures and mitigate the reputational risks of potential compliance issues. However, such a framework also needs to account for regional differences throughout an increasingly complex regulatory picture.

 

Creating a global framework

In the current regulatory environment, organisations must ensure that they remain not only on top of new rules, but well ahead of regulatory output across multiple jurisdictions. It is not enough to begin working on a compliance response as new rules are published by regulators. Organisations must be aware of these developments ahead of time so they can prepare for and promote change across the organisation in advance – as well as lobby for adjustments to upcoming rules that might adversely affect the organisation or the wider industry.

It is the responsibility of legal and compliance professionals to stay one step ahead to map out the ever‑changing parameters in which today’s organisations must operate. More specifically, in‑house general counsels should take the lead in creating an enterprise‑wide response to regulatory change, as well as spearheading the development of systems and processes to ensure compliance. While it is important to be an independent source of information and guidance for other business units, those at the forefront of this movement are now also exploring how to be a more effective business partner by listening and responding to evolving compliance needs throughout the organisation.

So how can in‑house general counsels ensure that increasingly complex organisations are fully prepared to face a changing regulatory landscape? While there is no single approach, a solid first step would be to conduct an audit to assess current standards and potential requirements. This should compare and contrast each jurisdiction in terms of its present level of compliance and performance, including an assessment of cosec data to ensure harmonisation and accuracy across all sources of information within the company. An audit should also help map out the lines of communication within regional entities and between these units and the rest of the organisation. A new global framework can then be created to address any gaps or areas in need of improvement identified by the audit, as well as current and future compliance needs.

 

Communication is key

In‑house general counsels need to work with compliance, risk and audit teams to develop a global framework that can be disseminated throughout the organisation’s regional hubs. “There is a need to balance global compliance frameworks with fast‑moving local knowledge,” Kumar says. Locally based employees must be given the knowledge, ability and confidence to tweak the global framework to suit local regulations and cultural differences. Internal communications systems and processes will play a key role in this area by reinforcing the company culture and ensuring full buy‑in from all employees. Local experts should be empowered to tailor the global framework to fit regional needs, informing employees of their responsibilities and any changes on an ongoing basis. 

These lines of communication should not just be one way. “Where there are changes in law, it is expected that an organisation’s board be trained or briefed to ensure regulatory and compliance risks are well managed through the compliance team,” says Sharon Yeoh, director and head of cosec at TMF Singapore. As such, local units need to be able to convert rules and regulations from their jurisdictions into a standard format that can be understood by management and used to develop an overview of the organisation’s overall compliance status. For many firms, a simple but effective strategy is to schedule regular telephone calls between head office and regional hubs to keep the wider organisation abreast of regulatory developments. Maintaining an ongoing dialogue in this way can also help break down any resistance to change that might come about due to unexpected policy adjustments, for example.

Most organisations face a range of overlapping standards across jurisdictions and in terms of internal policies. Adopting the highest standard is usually the safest way forward in such circumstances, but to do this effectively everyone in the organisation must be on the same page with regard to local and international regulations. The legal team must work more closely than ever with compliance to co-ordinate this communication and ensure full understanding. 

In addition to a strong internal communications function, many organisations find that a training framework focused on compliance is a useful tool. This allows employees to gain a deeper understanding of the company’s overall compliance needs and reinforces a culture across the organisation that puts compliance at the forefront of all activities. By conducting this training online and tracking employee progress, it is possible to ensure all employees have equal access to relevant information, rather than relying on regional business heads to get the point across in a uniform manner.

 

Exploring outsourcing

Many organisations have the necessary skills and knowledge to develop a response that can adapt to fit both global and regional needs, particularly if it is impossible to allocate a dedicated in‑house expert or local compliance officer for every region. However, others require external support – which is where outsourcing can be of great value to the cosec function. Engaging a partner that can provide on‑the‑ground expertise can fill in the gaps, particularly as organisations expand into new regions and business areas. For example, some firms outsource certain business transactions to local service providers such as lawyers, accountants and professional services firms. The service provider can then feed information about common issues or changes through to the group compliance division, which can then, if necessary, create a response on a firm‑wide basis – such as updating relevant training programmes. While the organisation itself creates the global solution, service providers act as a key source of local expertise to ensure the company remains a step ahead of regulatory change in all regions.

It should be noted that outsourcing may not be the best option for every organisation, but it is certainly worth considering as companies attempt to tackle growing levels of compliance complexity. Those that wish to explore this option should begin with due diligence to identify the full range of organisational obligations – from mission-critical to those of lesser importance. Any obligations that are earmarked as candidates for outsourcing should be discussed and agreed upon by all internal stakeholders before finding and engaging professional providers. It is also worth noting that this process of identifying, discussing and outsourcing activities could take time to complete – as much as two years for some activities. Even once an obligation has been outsourced, ultimate responsibility always remains with the organisation. As such, it is important to act in partnership with outsourcing firms to ensure sufficient, ongoing communication of objectives and understanding of corporate goals, strategies and overall culture.

 

A new approach

Compliance has moved beyond simply satisfying legal and regulatory issues – reputation is an increasingly precious commodity as organisations face growing pressure from regulators, stakeholders and the media to be good global actors. As company culture and conduct plays a more important role in compliance, organisations need to broaden their perspectives in terms of their overall compliance goals. In this respect, the development of an enterprise‑wide approach is key. Furthermore, legal counsels play a major role in ensuring an entire business is on the same page when it comes to satisfying an increasingly complex web of rules and regulations – particularly across multiple jurisdictions. This will ensure all parts of the business operate according to the highest standards and can satisfy internal and external reporting needs in an effective and efficient way.

Sponsored content