Compliance is often viewed as a cost of doing business. However, instead of viewing compliance only as an expense and something to reduce, what if it was seen as part of the overall business value proposition.
In Geoffrey A. Moore's book entitled, "Zone to Win" he introduces a framework for understanding how change in the form of disruption can be introduced and managed to help organizations successfully compete. This is a very useful model not only to understand how companies can best prioritize their efforts but also to understand where and how compliance fits in.
The Four Zones
Moore describes 4 zones that define different areas of the business each having distinct goals, focus, and attention during disruption. The following diagram presents these zones with compliance added in RED:
Performance Zone – The focus of this zone is to execute the business model and creating revenue.
Productivity Zone – This zone focuses on efficiency, effectiveness and meeting compliance. This is the home of shared services, programs, systems and where cost is managed.
Incubation Zone – This zone is looking 3-5 years out to position the company to catch the next wave of growth.
Transformation Zone – this is where a disruptive business model scales and is introduced to the performance zone.
The productivity zone according to Moore is responsible for delivering the following value propositions:
Regulatory compliance – meeting obligations
Improved efficiency – doing things right
Improved effectiveness – doing the right things
This is also the primary place where LEAN is applied and where compliance improvements are made.
Moving Compliance to the Performance Zone
While compliance is enabled by the productivity zone it is manifested in the performance zone. This creates a number of tensions including that between production and compliance objectives such as: safety, quality, environmental, regulatory, and so on.
When you view compliance only as a cost you want to spend as little on it as possible. This can often lead to reducing the effort altogether instead of investing in compliance maturity. When it comes to safety, quality, and regulatory compliance this can create significant risk.
Moore is correct in saying that as is the case of quality you cannot inspect compliance in; you have to design it in.
I would argue that you need to go further and say that you don't have a business without compliance. Therefore, it is not simply a choice between whether to inspect or design in quality; you need to do more.
LEAN talks about value in terms of activity that directly contributes to building the product the customer is purchasing. For example, inspections are seen as necessary but not value added. If the product is built correctly in the first place you would not need to do inspections. The customer does not want to pay for the cost of rework.
Now, this line of thinking can (inappropriately) also be made regarding safety. If only workers acted in a safe manner we would not need safety systems. Safety systems only exist because of unsafe behaviors and the customer should not have to pay for that.
The question that is really being asked is, "what is the value of compliance and is that something that customers are willing to pay for?" This same question was asked during the early days of quality. We now know the answer: quality adds value, reduces cost, and is something that customers are willing to pay for. This is now were compliance is at.
Compliance is more than a cost or just necessary to obtain a regulatory license. Compliance contributes directly to and is part of a company's:
business value proposition,
social license to operate (legitimacy, credibility, trust),
regulatory license to operate (quality, safety, environmental, integrity),
and customers will not only pay for it; they will demand it.
It's time to make compliance a full citizen of the performance zone and not just a visitor.
