One or more regulatory compliance violations will quickly erode the trust you worked so hard to build with customers, not to mention potential lawsuits and financial liability. Regulatory compliance is a company’s ability to properly follow local, federal and international laws and regulations.
Compliance requirements pop up in numerous transaction services like the order-to-cash and procure-to-pay cycles, said Chris Doxey, CAPP, CCSA, CICA, CPC, president and owner of Doxey Inc., during an NACM and FCIB Executive Series webinar, Regulatory Compliance 101. “If you leverage compliance efforts and internal control efforts, you're really going to make sure that nothing falls through the gaps, and you're not duplicating efforts, and you're using resources correctly,” she explained.
A recent increase in fraud risk makes staying on top of compliance regulations all the more important. “A risk-aware culture is perhaps the most valuable asset that a firm can develop, especially when confronted with a changing environment,” according to Thomson Reuters Cost of Compliance 2021 report published earlier this month.
The problem is that a multitude of compliance regulations exist, and they are constantly being updated. For example, the AML (anti-money laundering) Act of 2020 will cause the U.S. Treasury Department to “create or amend at least a dozen regulations and create a beneficial ownership registry,” which could make compliance more “burdensome” for financial institutions, the report states.
The sheer volume of regulations makes it easier for fraudsters to slip through the cracks, especially as the volume of financial crimes increase. The virtual world created by the pandemic also makes it easier for companies to get away with fraud because they can hide behind a screen, making it more challenging to validate proper adherence.
Credit managers should already have a hand in the KYC (know your customer) compliance process, but properly conducting due diligence and identity verification is more difficult today. “The COVID event has underscored the financial sector’s susceptibility to operational risks, especially those related to cyber security,” the Thomson Reuters’ report explains.
So, if your company is not using a third party to help with compliance screening, it can be time consuming, Doxey said. “You may do some compliance screening today and think that you've checked everything you needed to check but unfortunately that individual or company may show up on a government watchlist like OFAC [Office of Foreign Asset Control] tomorrow, so it's really hard to keep up with everything.”
Some companies outsource compliance responsibilities due to a lack of in-house compliance skills for additional assurance on compliance processes and to access third-party KYC functionality
However, outsourcing is not always the answer for keeping up with compliance regulations. It can be expensive, and “ultimately, boards and senior management of regulated firms retain responsibility for the functions and services outsourced and are responsible for the management of risks associated with outsourcing,” the Thompson Reuters’ report says.
That is partly why it is crucial for credit managers to work with their company’s CFO and internal controls department to ensure “that we're paying our foreign vendors properly, but we're also receiving cash from our foreign vendors … and that we're not paying or receiving a bribe from anyone according to the Foreign Corrupt Practices Act,” Doxey said.
Combining compliance regulations with the internal controls program is one of the best ways to lessen the chances of a violation because doing so reinforces due diligence requirements, leverages resources and makes it easier to validate compliance requirements, Doxey explained.”[The CFO and controller] provide a stewardship to prevent cash leakage; they want to align capabilities and cost; they want to provide a strategy to make sure that the achievement of both the business and financial strategy are something that that actually happens.”
This article first appeared in the June 24 eNews. It is used with permission.