Print Page   |   Contact Us   |   Sign In   |   Apply online
Community Search

2017-09-27 » 2017-09-28
2017 IRMSA Annual Conference - 27 to 28 September

2017 Annual Conference Masterclass - 29 September

2017-10-03 » 2017-10-04
Risk based IT Governance (RITG) training – 3&4 October 2017

Risk Reporting Training - 10 October 2017 Durban

IRMSA Risk Chat
Blog Home All Blogs
Search all posts for:   


View all (61) posts »

Compliance- A Business Imperative: Risk Chat 1 February 2016

Posted By IRMSAInsight, 04 February 2016

1 February 2016 


Compliance- A Business Imperative


Many organisations see compliance as a ‘necessary evil’ and in many cases pay lip-service to it, hoping it will go away. Whether we like it or not compliance is here to stay and it’s not only getting more and more complex in an increasingly complex and connected world but is having a bigger and bigger impact on business. Here are a few examples that highlight the impact of non-compliance and / or unethical behaviour:

  • Just look at what MTN is facing right now relating to the so called non-compliance with the Nigerian Communications Act (NCC).   MTN was fined $5.2 billion by the NCC late last year for failing to disconnect five million subscribers, who were not properly registered, as required by law. The fine was subsequently reduced to $3,9 billion, which MTN is challenging in court. MTN has just been granted a lifeline to settle its $3,9 billion fine out-of-court with Nigerian authorities. On top of this, imagine the cost of all the legal fees! At least the lawyers will be happy! At one stage MTN’s shares declined by about 20% when the news of the fine broke out and on November 2nd 2015 the Johannesburg Stock Exchange briefly suspended trade in MTN.
  • In December 2015, Standard Bank’s London unit was ordered to pay about $33m in fines, compensation and refunds relating to bribes paid to the Tanzanian government to secure a $600m contract. Standard Bank was punished for the sins of its subsidiary because it did not conduct "know your customer" and due diligence checks on Enterprise Growth, despite the possibility of bribery, said Justice Leveson.
  • The U.S. Justice Department sued Volkswagen late last year for up to $48 billion for allegedly violating environmental laws - nearly four months after its emissions scandal broke.
  • And the list of corporate failures and fines related to unethical behaviour and non-compliance to regulations goes on and on and will continue to go on whilst organisations continue to flout or ignore compliance. Some of the more notable scandals include Enron (2001), WorldCom (2002), Lehman Brothers Scandal (2008) Newscorp (2011), FIFA (2015).

If you as an SMME (Small, Medium and Micro Enterprise) think that compliance only applies to large corporates you will be surprised; you can have the best product and service in the market but just try winning a tender if your compliance documentation of which there is plenty is not up to date.   

So the moral of the story is that compliance, whether you like it or not is here to stay and is critical to the survival of any business. The trick is to find a balance between meeting regulatory requirements that demand compliance without impacting on the business imperatives of the organisation negatively.



As a risk manager:

  • Have you assessed how effective your compliance function is within your organisation?
  • Do you include and report on compliance risks in your risk universe?
  • How embedded and automated is the compliance function within your organisation ensuring ownership and ongoing follow-up of the relevant regulations and provisions at the right level?
  • Do you record and report on non-compliance issues, potential consequences, near misses and actual losses relating to non-compliance?





Connect with us and share your views:




Copyright © 2015 IRMSA - All rights reserved.

You are currently signed up to the IRMSA Risk Chat mailing list. To unsubscribe click here.

144 Katherine Street, Grayston Ridge Office Park, Block A, First Floor

Tel: 011-555-1800 

This email was sent to '@@email@@' from The Institute of Risk Management South Africa. If you wish to stop receiving email from us, you can simply remove yourself by visiting: @@unsubscribe_url@@ 


This post has not been tagged.

Share |
Permalink | Comments (0)
Sign In
Sign In securely