If the Royal Commission has highlighted anything, it is the fact that the solutions require more than just a greater number of bodies being thrown at the issues raised.
Recently, the Australian Financial Review (AFR) reported that demand for risk and compliance roles is slated to rise.
Randstad Risk and Compliance Team Leader, Andrew Wouterz, told GRC Professional that opportunities in GRC have been growing steadily, with 61 per cent growth in 2017 and 62 per cent 2018.
“I think every company has its own situation, but generally, we are seeing that compliance has a seat further up the table than they did two-to-three years ago, and they have a lot more influence and power,” Wouterz said. “I think companies are on that journey where they see compliance, and see the benefits and usefulness, but what we are hearing anecdotally, and seeing, is that a lot of companies are raiding their project spends, and they’re raiding them for anything associated with the Royal Commission.”
The international recruiting firm has seen the biggest growth in jobs ranging between the $90,000 to $170,000 mark. Wouterz also emphasised that bonuses and salaries are being targeted towards a very select group of specialists.
“Also, we have seen transformation around analytics, robotics, and artificial intelligence.”
While Woutersz expects the spend on risk and compliance will to continue grow, it will be interesting to see whether the risk and compliance investment will be in people or whether it will focus more on Regtech solutions to automate the administrative elements of risk and compliance.
The prospect of growth is driven by the compliance failures that have been revealed by the findings of the Royal Commission.
In 2018, Director of Compliance and Complaints, Bill Dee, wrote the for GRC Professional magazine:
The Royal Commission’s evidence has thrown up serious questions about the dismal state of compliance culture of the bodies under scrutiny, and the unhealthy status of the compliance function within organisations. The forensic microscope of the Royal Commission has unflinchingly exposed wholesale system failures, and, in particular, compliance management system failure.
This is especially significant when one considers that both the Australian Securities and Investments Commission (ASIC) and the Australian Prudential Regulation Authority (APRA) have had their funding boosted, along with increased pressure to prosecute more.
Prior to the confirmation of increased government funding to the federal courts to focus corporate crime, ASIC Chairman, James Shipton, said during the Royal Commission hearing that ASIC will be taking the position of ‘Why no litigate?’.
This means that businesses will not be able to depend on agreements or enforceable undertakings if a breach has been discovered but can expect the regulator to take litigious action.
The right GRC people?
But will any of this have a material impact on whether risk—and especially compliance—professionals, will start getting the resources they need to do their jobs?
Earlier this week, GRC Professional got an opportunity to catch up with GRC Institute Director, Carolyn Hanson, who has been advocating for the professionalisation of compliance.
Hanson worried that the bigger spend in compliance might equate to throwing more bodies at the problem.
“What you need are the right people,” Hanson explained, “and not necessarily more people. By that, I mean getting in people who know and understand the business, and who understand the regulatory obligations, and who can then apply obligations to the business situation pragmatically.”
She added that, failing this, organisations may end up with ‘tick box’ compliance or not applying the obligations in the manner they were intended.
“Most of the obligations are not there for you to simply set up a checklist. They are there to encourage you not to do the wrong thing, and that I think that’s something that we miss sometimes.”
The change in the perception of compliance is not unique to Australia. Angus Young, from Hong Kong Baptist University, said there is reliable statistical evidence that investment into compliance has been increasing.
The GRC Professional reached out to Young, who has been keeping a close eye on the regulatory developments and the Royal Commission in Australia.
Young has also called for better standards for training in Hong Kong.
In Hong Kong, risk and compliance has been growing because of political and reputational risk exposure—particularly where Hong Kong-based companies are doing business with other highly-regulated jurisdictions.
“With the bribery case of former HK Minister, Patrick Ho, the extradition case of Sabina Meng of Huawei, as well as more legal actions of the Justice Department in the US against Chinese companies, I think Chinese companies will try to poach HK's compliance professionals, especially those who can speak Mandarin (Putonghua) because there are even fewer individuals with that kind of expertise and experience on the Mainland,” Young said. “Further, the need for compliance professionals with international exposure to various jurisdictions like the US, EU, UK, and other major markets, will be in higher demand on the Mainland and in Hong Kong. Also, with the HK branch of JP Morgan being reprimanded and fined by HKMA for compliance failures on the 28 December 2018, highly experienced compliance professionals with excellent track records or experience in major markets will be in greater demand—all of which will drive up the costs of hiring highly-experienced compliance professionals in HK.”