top of page


Elevate Your Undestanding

Why Organizations Are Ineffective at Compliance

A seemingly simple question was asked of Satya Nadella, CEO of Microsoft, that resonates with profound implications: "Why do cars have brakes?" The answer given was "So they can go fast."

The wisdom encapsulated in his answer unveils a deep understanding of the science behind regulation and compliance and how they work together.

Compliance and Regulation
Compliance and Regulation

The Brakes-Compliance Nexus

At first glance, the connection between mechanical brakes and organizational compliance might seem distant. Yet, the essence of both lies in the pursuit of equilibrium between movement and restraint.

Just as brakes empower cars to accelerate while maintaining safety, compliance enables organizations to surge ahead while adhering to ethical and legal standards.

This intersection between brakes and compliance mirrors the principles of cybernetics—a field that studies control systems and communication in machines and living organisms.

External Regulation requires Internal Compliance

Imagine a world where cars sped along highways at varied and unrestricted velocities—a recipe for chaos and accidents. To prevent such mayhem, governments establish speed limits, serving as external regulators that impose a standard pace for safe travel.

This external control mechanism parallels the role of compliance regulations in organizations. Similar to speed limits, compliance obligations act as benchmarks, guiding companies to navigate within ethical and legal boundaries.

However, to meet external regulations requires compliance. Just as drivers commit to adhering to speed limits as a promise of responsible driving, organizations pledge to comply with regulations as a condition of their legal and social license to operate.

This commitment necessitates a process to ensure compliance—a practice mirrored in the automotive world by a driver's conscious control over their speed, facilitated by the use of brakes. This process is called: self-regulation.

Effective Compliance requires Effective Regulation

The interplay between compliance and regulation is not unlike a system of cooperating processes—effective compliance requires effective regulation, and vice versa.

Just as a car's braking system is a measure of compliance allowing the driver to self-regulate speed, organizations deploy compliance mechanisms to self-regulate within the constraints of legal, ethical, and social obligations. This reciprocal relationship is the crux of effective compliance.

The reason why organizations are not effective at compliance with external regulations is that they are not effective at regulating their functions, behaviours, and interactions.

Saying this another way, organizations usually don't have a "compliance" problem they have problem with self-regulation.


In the world of automobiles, brakes are more than just tools for deceleration – they represent the delicate equilibrium between speed and control.

In the same way, compliance isn't merely a checklist to be ticked off; it's an essential capability that allows organizations to navigate the dynamic landscape of risk while achieving their goals.

Just as drivers commit to staying within speed limits, businesses must commit to complying with regulations. For this they need the function of self-regulation - the science behind compliance, and the "brakes" to allow them to go fast.

So, the next time you hit the brakes in your car, remember the invaluable lesson they offer – the art of balancing speed and control, a lesson that resonates far beyond the realm of automobiles.


Related Posts

See All
Operational Compliance - Primer

"For Compliance to be Effective,

It First Must be Operational."

Download our Free

Operational Compliance - Primer


bottom of page