26. June 2020

Why companies need resilience, and resilience needs compliance

Husky dogs dragging a sled. Photo by Maria Belford on Unsplash

New business and new markets present risks and opportunities. For a compliance officer, assessing and mitigating these together with business colleagues is no easy task. But a robust compliance programme and a clear, sustainable business strategy make it a lot easier.

Risk and opportunity

In the last few months, the business world has been turned upside down by the Covid-19 pandemic. We are reminded of the Chinese word for “crisis”, which is composed of the two characters for risk and opportunity.

The ability to withstand this unprecedented crisis is something that many companies are continuing to grapple with months after the lockdowns first started. Everyone around the world has to manage the effects of the Covid-19 crisis on personal lives as well as economic livelihoods. Entire industries are rethinking their futures and what they can do better to ensure long-term sustainability.

For some companies, the crisis has undoubtedly created opportunities and they will continue to prosper. For others, it will be the end of their existence. Once a crisis hits a company, its capacity to deal with it is a mark of its resilience.

What is resilience?

Resilience has many definitions. In this context, it means the organisation’s ability to bounce back from a major risk. This could be a natural disaster or misfortune such as a change in market conditions that knocks out a business plan, or a specific event like a cyber-attack. The pandemic encompasses many different risks and is a disaster and misfortune all at the same time.

In the current economic climate, the concept of “resilience” has taken on a new significance. If resuming business and restoring reliability characterise resilience, then it will be support from the compliance function that will continue to provide guidance, stability and certainty in an uncertain future.

That is why Chief Compliance Officers are increasingly expected to have an enterprise-wide focus, with compliance integrated into business operations.

Embedding compliance into business operations

To develop resilience, companies must invest in compliance by integrating risk assessments into processes and projects from the start. Only by fully understanding risks and addressing them can company management identify strengths and develop resilience.

Making compliance considerations integral to those deliberations as work resumes will be a key element to ensure real resilience in business operations in future.

As we contemplate the future of business, resilience will be at the forefront for many firms as they endeavour to ensure that lessons are learned to shorten the recovery process. This disaster is not a black swan. The next pandemic – or another major disrupter – will strike, so companies had better get prepared.

An adapted version of this article appeared in German in the May edition of Recht relevant – für Compliance Officers, published by Schulthess.

Gemma Aiolfi

Senior Advisor, Legal and Compliance