5 Key Areas of Risk & Compliance to Prioritise in 2021
With the year we have all had, compliance professionals could certainly be forgiven for gently dragging themselves through these last few months in an effort to start afresh in 2021. All we really want for Christmas this year is to avoid any major risk or compliance failures, slip away to a beach somewhere (preferably with a Pina Colada) and for the borders to open so we can finally see our families and friends interstate at least once in 2020. We are with you on all fronts.
Unfortunately, the world is not that kind to us in compliance. After a year of regulatory reforms being suspended or put on hold and regulators gearing up to do what they set out to do in 2020 (but had to soften so businesses could manage their responses to COVID-19), 2021 is shaping up to be an enormous year for compliance. Treasury announcements for long awaited Bills are coming in thick and fast, implementation dates for regulatory changes are now upon us and enforcement action in areas such as anti-money laundering/counter terrorism financing regulation has been foreshadowed.
Whilst the temptation is to just get through to Christmas, we think that a prudent end of year activity to undertake is to prioritise what you need to focus on in 2021. For instance, it may be the case that 2021 is not the year to embark on an organisation-wide documentation review or compliance management framework enhancement (if that is not a significant risk for your organisation or it may be the most important risk you are facing).
The key is to take the time to review the risks which could be heading your way, analyse those that are likely to be material in 2021 and plan your activities around these risks.
Oultined below, are 5 areas of risks we have identified as potential avenues to prioritise in 2021.
For those of you who are regulated by the AML/CTF regulations, if compliance risks arising from these regulations are not currently on your priority list, they should be.
Unlike other regulators, AUSTRAC has not taken its foot off the pedal in 2020 and is continuing its enforcement agenda. We saw a record fine against Westpac this year and the AUSTRAC CEO has foreshadowed more regulatory action is in progress. It is therefore critical to assess the effectiveness and performance of your AML/CTF Program right now so you can identify any areas of compliance which present a high risk and plan to remediate these risks as soon as you are back on deck.
The proposed reforms to responsible lending were released on 4 November 2020 and, if passed, will commence from 1 March 2021. The reforms present a regulatory change risk which will need to be managed. Any adjustments to responsible lending procedures will also need to be considered in the broader context of credit risk. In addition, COVID-19 has put many loans under pressure with banks already signalling likely impacts by setting aside funds for potential losses anticipated over the next 12 months. How loans are managed in a recovering economic environment presents a particular responsible lending risk for banks and other lenders.
Many reforms which were to be rolled out in 2020 have been delayed until 2021 which has snowballed to include the reforms which were already scheduled in 2021. Accordingly, regulatory change management is likely to be a key risk for many organisations. However, as resources are channelled into various regulatory change projects, organisations will need to ensure other key compliance risks are not forgotten or neglected. Identifying and highlighting these risks to senior management and boards before the year ends could be a prudent step to take to ensure you have the necessary resources and support to manage all material compliance risks and not just narrowly focusing on regulatory changes which present a more immediate risk.
We will see publication of the first modern slavery statements in Australia in late 2020 and 2021.
Those organisations which are captured by the regime will be focused on ensuring that they meet their obligations to prepare a statement. However, if the groundwork of reviewing and assessing supply chain risk has not been undertaken, a misleading modern slavery statement is a risk in itself.
The Government has announced that it has committed $147 million to the development and operation of a Commonwealth Integrity Commission (CIC) to strengthen the existing approach to integrity, anti-corruption and law enforcement.
However, the establishment of the Commission is not just a risk for Government departments and agencies. Bodies that supply goods or provide services to Government should also be considering how they manage corruption. Corruption is an important risk to be managed by all organisations and in 2020 we have seen heightened focus on corrupt practices by the media which is gaining momentum and will continue to be a focus in 2021.
As you prioritise and plan for 2021, the challenge we want to set for all compliance professionals as your new year’s resolution, is to think outside of the box. If we have learnt nothing else from the compliance failures which have come to light in the last few years and are continuing to be uncovered, a fundamental shift, a “revolution”, in compliance management is desperately needed.
We believe it starts with shifting your focus from detailed obligations registers to material compliance risks, and ends with ensuring you have efficient, effective and innovative technology to manage these risks. Software for enterprise risk management is evolving and rather than just a ‘box of forms’, software is far smarter with integrated content and smatterings of artificial intelligence to help accelerate manual activity.
As part of an organisation looking to bolster your compliance management, you can find a collection of risks crucial to managing compliance, legal and regulatory needs captured in the CompLeR libraries. The 6clicks platform boasts CompLeR’s three core libraries and two sector libraries with more to be released soon.
Once you have finished ringing in the new year and gladly saying goodbye to 2020, be sure to use the right technology to drive risk and compliance awareness, identification, assessment and treatment – all the way from the board, right to the front line risk and compliance managers.