The Compliance Journey – Balancing Risk and Controls with Business Improvement

Articles

Author(s)

BPMInstitute.org
Business Relationship Manager - Product Lifecycle Management, Chevron Corporation

Vince Sumpter has over 20 years of experience in Performance Management, data warehousing, and related areas and sees a synergy between process management, performance management, and controls transformation. The new regulatory environment demands compliance, but most of the present efforts are manual and specific only to the rules with little regard to how the changes could improve the business. Sumpter sees process, performance, and controls all coming together to give new value to the enterprise.

Sumpter says there is a lot of buzz now about Sarbanes Oxley (S-O). The fundamental issue with the intent of the law was to drive more transparency into corporate America to make investors and consumers more comfortable. C-level management is telling their internal auditors that S-O costs too much, about 1% of the cost of doing business. The main questions are how much will initial compliance cost and how much will it cost to maintain over time? But the important question is how can you get business value from compliance?

Corporations use a process analysis template to document the financial controls processes in their business. This template is a treasure trove for performance improvement and this fact is being lost in the mad dash to manually document the controls.

All companies are going through the process of controls transformation now, usually through simple spreadsheets. Rather than approaching it as a specific, one-time government requirement, controls transformation needs to seen as a multi-year program for change. The drivers are different for each industry and regulatory position so there isn’t a band-aid or a cookie-cutter approach that can be used. Instead of being a handicap, this helps create the business case for change and process improvement.

A typical Fortune 1000 company has thousands of processes, hundreds of systems, and tens of thousands of controls. The controls are either detective or preventive, and are handled manually or automatically. The goal is to move from manual (spreadsheets) to automated controls (processes). There is always a finance function that goes with every process.

Controls cost money. The upfront costs include:

  • Internal costs within the company
  • Upfront costs to scope and launch projects
  • Outside S-O advisors
  • Ongoing testing and monitoring
  • External audit fees

But there are also hidden costs that affect the total cost of controls that includes ongoing testing and auditing, and the effects on business performance and this cost is higher. The goal is to balance the finance need to control the business and the operations need to improve the business.

The documented controls need to become a new lens for evaluating the business, according to Sumpter. He says one of the best things you can do in your own company is to introduce yourself to your company’s internal auditor and ask him to see the work he is doing with S-O with regards to your part of the business. You will be enlightened by the experience.

“Controls are nothing more than information points that set a context for action that cut across all parts of the business,” Sumpter said.

In the rush to comply, businesses view their projects in isolation and manage them disparately. Compliance efforts are mainly manual and separated from the flow of business. There are problems whenever key people leave, when processes are improved or new systems implemented, or when the business is sold or acquired. Compliance needs to become a dynamic and action-oriented way to do business, integrated into all the processes, data centric and automated. The question you need to ask your CFO and your finance organization is how do we use the financial controls process to help sustain and drive business improvement?

To achieve compliance, there is a top-down and a bottom-up approach. Top down includes:

  • Confirm business goals and initiatives
  • Establish priorities
  • Identify key dependencies

Bottom-up include:

  • Portfolio analysis
  • Qualitative analysis
  • Cost of control analysis

The process is to define and analyze, then evaluate the opportunities and build the business case. The results of the top-down and the bottom-up analysis will help the business to:

  • Improve the quality of controls and better manage risk
  • Improve business performance
  • Reduce the ongoing cost of compliance over time
  • Develop better business insights

Identify and prioritize the opportunities for immediate and future initiatives based on the strategic needs of the business and make the business case for change.

Similar Resources

Understanding the Difference Between a Certificate and Certification

Understanding the Difference Between a Certificate and Certification

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

As professionals seek to advance their careers or pivot to new fields, understanding the variety of learning and credentialing options is essential. At BPMInstitute.org, we often encounter students wondering whether they should pursue a certificate or certification in Business Process Management (BPM). This article is designed to clarify the differences, highlight the benefits of each, and guide prospective students in making the best decision for their career goals.

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Enhancing Your Team’s BPM Capabilities: The Value of External Expertise

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Enhancing Your Team's BPM Capabilities: The Value of External Expertise In today’s dynamic business environment, managing and improving business processes is critical for any organization aiming to maintain a competitive edge. Many companies consider handling Business...

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+

Author(s):

Gregg Rock
Editor & Founder, BPMInstitute.org, BAInstitute.org and DBIZInstitute.org

Exploring Shared Data Model and Notation (SDMN) and Its Role in BPM+ Introduction In the evolving landscape of Business Process Management (BPM), the introduction of Shared Data Model Notation (SDMN) marks a significant advancement. As businesses increasingly seek to...

Featured Certificate: BPM Specialist

Everyone starts here.

You're looking for a way to improve your process improvement skills, but you're not sure where to start.

Earning your Business Process Management Specialist (BPMS) Certificate will give you the competitive advantage you need in today's world. Our courses help you deliver faster and makes projects easier.

Your skills will include building hierarchical process models, using tools to analyze and assess process performance, defining critical process metrics, using best practice principles to redesign processes, developing process improvement project plans, building a center of excellence, and establishing process governance.

The BPMS Certificate is the perfect way to show employers that you are serious about business process management. With in-depth knowledge of process improvement and management, you'll be able to take your business career to the next level.

Learn more about the BPM Specialist Certificate

Courses

  •  

 
Certificates

  • Business Process Management Specialist
  • Earning your Business Process Management Specialist (BPMS) Certificate will provide you with a distinct competitive advantage in today’s rapidly evolving business landscape. With in-depth knowledge of process improvement and management, you’ll be able to take your business career to the next level.
  • BPM Professional Certificate
    Business Process Management Professional
  • Earning your Business Process Management Professional (BPMP) Certificate will elevate your expertise and professional standing in the field of business process management. Our BPMP Certificate is a tangible symbol of your achievement, demonstrating your in-depth knowledge of process improvement and management.

Certification

BPM Certification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Process Management Certification from the industry's top BPM educational organization.

Courses

 
Certificates

  • Operational Excellence Specialist
  • Earning your Operational Excellence Specialist Certificate will provide you with a distinct advantage in driving organizational excellence and achieving sustainable improvements in performance.
 

 

OpEx Professional Certificate

  • Operational Excellence Professional
  • Earn your Operational Excellence Professional Certificate and gain a competitive edge in driving organizational excellence and achieving sustainable improvements in performance.

Courses
Certificate
  •  

  • Agile BPM Specialist
  • Earn your Agile BPM Specialist Certificate and gain a competitive edge in driving business process management (BPM) with agile methodologies. You’ll gain a strong understanding of how to apply agile principles and concepts to business process management initiatives.  
 

Business Architecture

 
Certificates

  • Business Architecture Specialist
  • The Business Architecture Specialist (BAIS) Certificate is proof that you’ve begun your business architecture journey by committing to the industry’s most meaningful and credible business architecture training program.

  • Business Architecture Professional
  • When you earn your Business Architecture Professional (BAIP) Certificate, you will be able to design and implement a governance structure for your organization, develop and optimize business processes, and manage business information effectively.

BA CertificationCertification

  • Make the most of your hard-earned skills. Earn the respect of your peers and superiors with Business Architecture Certification from the industry's top BPM educational organization.

Courses

 
Certificates

  • Digital Transformation Specialist
  • Earning your Digital Transformation Specialist Certificate will provide you with a distinct advantage in today’s rapidly evolving business landscape. 
 

 

  • Digital Transformation Professional
  • The Digital Transformation Professional Certificate is the first program in the industry to cover all the key pillars of Digital Transformation holistically with practical recommendations and exercises.

Courses
Certificate

  • Agile Business Analysis Specialist
  • Earning your Agile Business Analysis Specialist Certificate will provide you with a distinct advantage in the world of agile software development.

Courses
Certificate
  • DAS Certificate
  • Decision Automation Specialist
  • Earning your Decision Automation Certificate will empower you to excel in the dynamic field of automated decision-making, where data-driven insights are pivotal to driving business innovation and efficiency.