All of the key regulators, APRA, ASIC and the ACCC, emphasise the importance of businesses’ corporate culture in their approach to risk and compliance.(Background).
The poor management of recent compliance breaches can often be traced back to a silo culture which undermines the organisation’s values.
While setting up departments or subsidiaries in an organisation can be efficient (as it allows for specialisation) when an organisation has hundreds, let alone thousands, of employees communication become critical.
Not only does a department need to communicate within itself it needs to communicate with other departments and observe common values.
An organisation’s underlying corporate culture has to be consistent across all groups regardless of their function. If your organisation has core social values how do you make sure they are implemented?
Financial advice breaches in recent years by CBA, Macquarie and more recently IOOF all appeared to involve a failure to successfully implement a uniform set of standards and procedures across the organisation’s various individual licensees and at the group level.
In particular a breakdown in compliance within one division was typically covered up internally and not reported to, or inadequately communicated to, head office. Internal reviews became a “whitewash” and external consultants were not given the full facts.
When there are organisation-wide risk issues the organisation as a whole needs to be aware and respond appropriately. The creation of silos affects the monitoring and supervision of risks as well as responding to them.
Your compliance management program needs to address this risk.