What are the compliance issues that are facing the verticals such as pharmaceutical, banking, Insurance and business process outsourcing (BPO)
The latest amongst the compliance requirements is the Sarbanes Oxley Act (SoX) that aims at ensuring appropriate standards of corporate governance, ensuring that public accounting firms can do truly independent audits and and that directors and officers are held accountable for corporate fraud.
Others include Basel II regulations for banking, CFR compliance for pharma and research companies and IRDA compliance for Indian insurance companies. These regulations, whatever their genesis may be, are driving corporate governance and adoption of industry best practices globally to minimize the risk of fraud, avoid penalties and litigation and to uphold the interests of employees and stakeholders.
BPOs on the other hand have to comply with the internal service levels that they have promised to their end customers. This is not only desirable but also mandatory as per the service level agreement with the customer and affects the viability, longevity and the profitability of the business relationship.
Some of the processes that BPOs undertake may also be required to be compliant with a third party regulations (like SoX).
Why have the compliance issues suddenly become so important in the Indian / global context
The biggest factor that is driving compliance is corporate governance. This is sometimes proactive when stakeholders ensure that corporations are run according to high professional and ethical standards, and company officers meet their responsibilities to the shareholders and other stakeholders. In some cases, governments enforce this, usually after a mishap, when loopholes in the system come to light. Governments today are driving process compliance by making it a responsibility of the board of directors.
Does an organisation need to re-engineer its processes to cater to compliance requirements
The answer is yes and no. This becomes clear only after a process audit that determines how compliant the process is today and where are the gaps. There may be some processes that may comply, some that may need tweaking and some that need complete re-engineering.
How can technology make this simpler
Many organisations are now developing compliance strategies, that will allow them to meet their statutory obligations, while also minimising the disruption of day-to-day operations and the workload on employees. Also business processes are inherently complex and involve hundreds and millions of transactions. Through use of technology, companies are looking for ways to manage this process complexity and keep the costs of compliance to the minimum.
Technology needs to be viewed as an enabler of improvement to processes. Typical process enablers include business process management (BPM), collaboration tools, document management, business intelligence, ERP systems, audit tools etc. The most important amongst these today is BPM. BPM can help companies automate their business processes, set and communicate goals, establish key performance metrics and accountability, and continuously measure performance against company/ compliance goals and objectives. This can then fire alarms to senior executives whenever the processes go out of bounds.
Mature systems today allow business executives to even simulate processes and remove any discrepancies before deployment. Subsequently users can view process metrics through a management dashboard and tweak processes in real time to ensure that the processes remain within control limits set by compliance requirements.
Are there any current examples of organisations that have used technology to meet compliance requirements
Yes. Regulated environments such as insurance and banking have either moved on to or are moving towards technology platforms to help them comply with regulations. Most Indian private insurers today use BPM for IRDA compliance including Max New York Life that uses Newgen solutions for process compliance. A company like Philips on the other hand uses it for SoX compliance. Most Indian BPOs also have to comply with strict SLAs of their end customers. This is a compliance requirement governed more by the customer rather than by statutory regulation. Even here technology is being actively used to deliver on the SLAs and to keep the costs of this compliance within competitive limits.
What kind of business benefits can an organisation achieve by making itself compliant with regulatory requirements
More often than not, compliance is mandatory and is driven by regulation to help safeguard the interests of organisational stakeholders. If implemented well, business processes compliant with regulatory requirements can lead to multiple benefits including transparent processes, higher process efficiencies, higher employee productivity etc. BPO companies are even showcasing their SLA compliance capabilities to differentiate themselves against competition.