Updated: Feb 21
Continuous Improvement (CI) is an essential part of operational excellence to increase the performance of operational processes used in the creation of products or services. Improvement strategies and techniques such as: Plan-Do-Check-Act, LEAN, Six-Sigma and others have been applied incrementally by many companies for years with remarkable results.
However, when it comes to compliance programs such as: quality, safety, environmental, and regulatory we find that companies are less certain about how to improve performance of these processes let alone effectiveness. With increasing compliance demand coming from government regulations, industry standards, and internal policies and standards, this presents a daunting challenge for many organizations to keep up let alone improve their compliance.
Compliance is part of everything a company does
Many companies will have a variety of programs dedicated to compliance usually driven by regulatory requirements although for many it is the industry specific standards that take up the majority of their compliance resources.
It is common practice for companies to adopt voluntary, industry standards such as ISO 9001 (Quality), 45001 (OH&S), 14001 (Environment) along with others, to provide a baseline for normative behavior with respect to these objectives. While these guidelines and standards are useful, they are management-based in their design and do not prescribe levels of performance or specifics on how to improve. However, they all require that compliance improves in maturity (i.e. capability, competence, outcomes, etc.) over time.
The adoption of numerous regulatory and voluntary standards tends to result in a disintegrated set of management systems and processes supporting overlapping and often conflicting obligations. It is not uncommon to have separate systems for quality, environmental, health, safety, security under the name of QEHSS. And the list of letters does not end there as companies in highly regulated, high risk sectors often have18 or more compliance programs to contend with:
When you also consider compliance to internal policies and standards, it is easy to conclude that compliance is embedded in every aspect of an organization.
No wonder the reactive approach to compliance based on audit-fix cycles as the primary driver for improvement needs to change. It simply cannot scale and keep up by reacting to things after the fact.
Compliance needs excellence
So how do you improve compliance and Is there such as thing as compliance excellence and if so how would this look?
To answer this, it is helpful to first understand that compliance is more than just a state or a condition. Compliance is not just checking off boxes to demonstrate that the right steps were conducted and where you get a "gold star" to say that you did. This is not grade school where we are looking to pass a test. There is much more at stake. The success of a company often hangs in the balance depending on the performance of its compliance programs.
Now compliance does have an element of complying with "prescriptive" requirements. But this is the basic level that companies are intended to move beyond. Compliance has a critical role to ensure that companies don't go outside the lines which would otherwise result in loss of margins, loss of customers, loss of trust, and perhaps even loss of the business. To do this well requires knowledge, skill, competency and supporting systems that perform in such a way to always keep companies on track and between the lines. Companies require "operational excellence" in how it does compliance.
Wikipedia defines operational excellence in the following way:
Operational Excellence is the execution of the business strategy more consistently and reliably than the competition. Operational Excellence is evidenced by results. Given two companies with the same strategy, the Operationally Excellent company will have lower operational risk, lower operating costs, and increased revenues relative to its competitors, creating value for customers and shareholders. It may more simply be interpreted as "Execution Excellence."
Some interpretations of this management philosophy are based on earlier continuous improvement methodologies, such as Lean Thinking, Six Sigma, OKAPI and Scientific Management. However, the focus of Operational Excellence goes beyond the traditional event-based model of improvement toward a long-term change in organizational culture. Companies in pursuit of Operational Excellence do two things significantly differently than other companies: they manage their business and operational processes systematically and invest in developing the right culture.
Operational Excellence manifests itself through integrated performance across revenue, cost, and risk.
From this definition it is possible to imagine operational excellence expanding to include risk, an essential focus of compliance. However, it can only do so if defined more as "Execution Excellence" as opposed to "Cost Reduction." The latter of which preoccupies the majority of continuous improvement initiatives today.
However, there is too much at risk to wait for operational excellence to embrace this broader definition. Until it does, companies should make "Compliance Excellence" a priority to support their quality, safety, environmental, security and regulatory objectives.
This will involve the application of continuous improvement, the elimination of waste and variability, but as importantly the reduction of risk. The latter requires risk management skills and capabilities that so far have been lacking from operational excellence but are essential for compliance.
It's time to take Michael Porter's value chain analysis and add compliance activities along side the value chain:
Competitive advantage now includes cost, differentiation, focus and compliance leadership. Managing risk better than anyone else may in fact be decisive in determining which companies last and which ones fail to complete their mission.