When we wrote about our 2020 compliance trends, there was no way we could have predicted the COVID-19 pandemic and its impact on businesses. The pandemic has required all organizations to find ways to adapt to keep business moving and support their employees in the past several months. But it has not been an easy journey and many of these adaptations have created heightened risks. Some regulators have made changes to reflect this including the Office of the Comptroller of the Currency who will consider the impact of the pandemic on its enforcement. The Hong Kong Monetary Authority, too, has issued observations and best practices for the remote onboarding of customers which is something we will see more of. But it is likely that there are many hidden compliance landmines on the road ahead that may have significant consequences in the future.
From disrupted supply chains to weakened compliance practices, we take a look at the major new compliance risk trends you need to consider and how best to respond.
New Risk Trends
The COVID-19 pandemic threw standard business procedures into disarray. The disruption it created is likely to create these significant issues for businesses in the months and years ahead.
Weakened Compliance Practices
The Paycheck Protection Program (PPP) was one of many global relief initiatives that required financial institutions to operate swiftly, despite operating with a remote workforce. Working with new practices and procedures and under significant pressure, it is likely there were many hastily approved loans that compromised standard compliance practices. Without significant attention in the near future, it’s likely that these, and other decisions, will need to be reviewed post-acceptance to assess the risk-impact in the longer term.
Not enough focus on the “s” in ESG
When the pandemic hit full force in the United States in March, ESG-aware companies outperformed other stocks by up to 5.7 percent. If anything, the pandemic has further reinforced fund managers’ belief that ESG is worth worrying about. But how prepared are businesses to handle a new level of scrutiny from investors on social matters? Coronavirus has put the issue of company culture front and center, and investors will be looking to see which businesses have stood by their promises at this time of crisis.
Increased Supply Chain Risks and New High-risk Vendors
With 94 percent of the Fortune 100 experiencing disruptions as a result of the pandemic, weaknesses in supply chains were dramatically exposed. For many organizations that relied on single-sourcing models, there were limited options to keep their businesses moving. In the scramble for new vendors and suppliers, it is likely that usual risk tolerances have been compromised and higher risk third parties have been onboarded, potentially with inadequate due diligence. With the path ahead still unknown, businesses need to assess their supply chains and close the holes exposed by COVID.
Increased Fraud and Cyber Risk
Cybercriminals have taken advantage of the global crisis. There was a 600 percent increase in malicious emails during the crisis. In America alone, there were 200 percent more Business Email Compromise (BEC) scams between April and May this year, with attackers posing as vendors, suppliers, or customers in order to redirect vendor payments. The Association of Certified Fraud Examiners (ACFE) has described the pandemic as a “perfect storm” for fraud, with the question not if we see more fraud, but how much?
How Can You Best Respond?
While fire fighting may not have been in the original job description, it’s certainly been the norm for many compliance teams over the past few months. As the initial shock of the early pandemic days subsides, it is time to adjust best practices to reflect the “new normal.”
- Robust due diligence: Ensuring that your due diligence is consistent is crucial when faced with new third parties, customers, and heightened risks. Identifying red flags early in the relationships continues to be expected by regulators and should be the first line of defense in any compliance program. Sustainability due diligence will also position your business for success with ESG investors.
- Remediation programs: With so many decisions made in the heat of the moment, businesses will need to develop remediation plans to review clients and third parties onboarded during the crisis. Making sure there are no hidden surprises and that standards have been met will fare well under regulatory scrutiny.
- Ongoing risk monitoring: This vital tool has a more important role to play as the pandemic moves into the next phase. Being made aware of significant changes to your third parties, before they disrupt your supply chain or services, is invaluable in such an unsteady landscape.
- Utilizing technology: Managing compliance and due diligence remotely has been made possible by new technologies. Now more than ever, compliance teams must be efficient and resourceful, and technology plays a significant role in future due diligence. But getting the best out of compliance technology requires planning and experience. Maximizing its potential is possible when combined with human intelligence, and identifying this will put your business in the best possible position for recovery.
- Responsive risk management: Inflexible compliance solutions are no longer an option in a post-COVID environment. At IntegrityRisk, we know that a responsive and agile approach to risk management is the only way to meet the known, and unknown, challenges that lie ahead.
Contact us to discuss how to navigate the new normal with nimble compliance, and get ahead of compliance and due diligence trends.