top of page
Writer's pictureRaimund Laqua

The Risk and Compliance Problem



The risk and compliance problem:


  • Companies are too reactive.

  • Prescriptive policies, standards and regulations do not adequately protect against loss or ensure value creation.

  • High consequence risk rarely occur due to a failure of a single activity but instead occur because of an alignment of vulnerabilities across multiple activities (i.e. systemic risk).

  • The capabilities needed to manage systems is different than managing individual processes where results are limited to the sum of the parts.

  • To keep up at the speed that risk becomes a reality companies cannot wait for audit findings to make improvements.


The solution:


  • Companies must be more proactive.

  • Policies, standards and regulations need to and are transitioning to performance and outcome-based designs (e.g. vision zero)

  • Meeting performance and outcome-based obligations will require a holistic and integrative approach that goes beyond process improvement to focus on system effectiveness.

  • Capabilities must include managing interdependencies between and across functions to unleash performance where results are the product of the interactions.

  • Continuous improvement will be driven by the presence of uncertainty not only the presence of problems.


When companies adopt a proactive approach to risk & compliance they will have a competitive advantage because most others will not. And if they become good at it they will be unstoppable.


48 views

Related Posts

See All
bottom of page