Regular guest on the GRC Professional Podcast and frequent contributor to GRC Professional Magazine Angus Young, from Hong Kong Baptist University, has been a major advocate for the elevation of compliance in Hong Kong and Australia.
Young’s interests lie not only in seeing the standard of compliance elevated, but also in helping to create a shift in the existing regulatory models where regulators change the way they enforce regulation.
His publication, A Concise Guide to Corporate Compliance, sets up a solid foundation for compliance practice.
It’s hard not to see Young’s work in the context of major compliance breaches in Australia; however, he also draws on examples and speeches from both the Australian and Hong Kong context, and considers the ASX Governance Code, the Hayne Royal Commission, and its implications for businesses and business compliance functions.
Young’s work comes at a time when compliance roles are becoming more demanding, as a result of increased regulatory complexity. In the Australian context, the Hayne Royal Commission sparked increased investment in the risk and compliance space, particularly in an environment where there is a growing trend of mandatory codes of conduct and where regulators like the Australian Securities and Investments Commission (ASIC) have made new commitments to first asking the question of ‘Why not litigate?’.
This concise guide on corporate compliance management is written for those who are thinking of embarking on a career in compliance, starting out as a compliance officer, and senior managers who want to understand what compliance involves.
The text begins by first examining theories of regulation and the role these theories play in their markets and how they are intended to influence regulated entities.
Some would be familiar with Young’s thoughts regarding the tactics’ regulators should employ when using enforcement tools, from an interview with the GRC Professional Podcast earlier this year.
Young takes the time to examine the different types of regulation, dividing this into three categories: public interest theories; private theories; and institutional theories.
Understanding different regulatory methods is highly relevant, if not integral to how compliance can be achieved, because each determines the regulatory instruments governments and stakeholders use to achieve regulatory objectives.
Young breaks the principles into bite-sized pieces and provides recommendations on how compliance professionals should be looking at regulations and the new environment.
He then moves from discussing regulatory principles to looking at the competing standards around risk management. He considers risk management from the compliance perspective when he notes that risk assessments will have implications for prevention detection, reduction and ‘unwanted regulatory risks’.
He also looks at governance and the challenges there when it comes to risk and compliance often not being mentioned explicitly.
From compliance monitoring to compliance policy setting and training, to the contentious issue of culture and how best to manage these challenges, Young’s text provides a concise yet comprehensive view of corporate compliance management.