The Cost of Compliance: Time & Money
According to survey data released in Q1 2017 from the National Small Business Association, on an average small business owner currently spend more than $83,000 ongoing compliance in the first year of operation.
Too much of a cost isn’t it?
The same survey found that small-business owners spend an average of $12,000 a year on direct and indirect regulatory costs. Those include workplace upgrades, daily work routine changes and attorney fees, as well as time taken away from other business tasks to understand regulations and meet with specialists. Over the course of five years, the average cost of regulatory citation fines was $30,651, the survey found.
“The impact of regulatory burdens cannot be overstated: more than one-third have held off on business investment due to uncertainty on a pending regulation, and more than half have held off on hiring a new employee due to regulatory burdens,” say NSBA Chair Pedro Alfonso and President and CEO Todd McCracken, in a preface to the survey results.
Managing regulatory compliance isn’t just a financial burden, it is time-consuming as well. One in three small-business owners report spending more than 80 hours a year meeting requirements, the survey says.
What are Your Options?
Most business owners would tremble at the thought of neglecting their regulatory responsibilities. Hence, their only alternatives would be either through the:
- Use of technology that allows for greater data analytics and reduces overall hours spent on manual compliance tasks, or
- Outsourcing of ongoing compliance work to the experts that have the relevant tools at their disposal and experience, such as Argus
first is usually far too expensive for the SME market, at least with existing technology, leaving the preferable choice for most market-participants to be second.
Should You Outsource Compliance?
Demands for compliance functions within an organisation are rapidly increasing and so are the risks associated with failing to meet these demands. Due to the extent of compliance demands, many organizations maintain large and growing compliance functions that increase their overall operational costs. The increasing number and complexity of regulations, continuing shortage of talent, and constant pressure from stakeholders to reduce operating costs make this the opportune time to consider alternative strategies.
The decision to outsource may be driven by one or more of the specific challenges that compliance functions currently face, including the following:
- Coping with talent shortages
- Sub-optimal compliance processes
- Investing in technology infrastructure
- Addressing global compliance needs
- Increasing operating costs
- Additional regulatory complexities
Outsourcing: Do Your Homework
Financial Institutions (FIs) big or small have to be cautious considering Outsourcing compliance can present risks to data security as well as risks to proprietary trading and confidential information on strategies and operations. As such, an organization will want its third-party compliance provider to take appropriate measures to protect the security of the organization’s data, as well as be able to discharge their duties accordingly. Aside from the recommended approach stipulated by the Monetary Authority of Singapore when outsource compliance, FIs should also consider the following:
- At the request for proposal stage or third-party vetting stage, clearly, define the data security requirements and expectations for the security environment.
- During the provider selection process, assess the provider’s IT security and business continuity capabilities and plans.
- In contracting, require the provider to maintain a client-specific security and control environment.
- In the contract, define the frequency and types of provider audits the organization may conduct (e.g., scheduled or ad hoc, complete or partial).
- Provider selection criteria, service contracts and service-level agreements should place a high priority on data security and specify the tools and techniques that can be employed to achieve it.
It is via these methods that we see the effective Outsourcing of the Compliance function. If you want to know more, please feel free to contact us at firstname.lastname@example.org.
Follow us on LinkedIn.