Homepage GRC Institute newsroom

Media Alert: Royal Commission

Announcement posted by GRC Institute 13 Feb 2019

Rebuilding Trust Will Require Significant Change

Sydney, Australia—13 February—The GRC Institute (GRCI) welcomes the actions of those organisations sending a clear message to their leadership that they are willing to make difficult decisions to achieve meaningful change. The resignations of Ken Henry and Andrew Thorburn at NAB are two strong examples.

However, the GRCI, premier professional association in Risk and Compliance, cautions that symbolic sacrifices are not enough. Directors should consider themselves on notice: being unaware of issues is no longer a valid excuse. Priorities must be shifted to ensure the circumstances that led to the Royal Commission don’t happen again.

“If they have not already done so, directors, CEOs and senior management need to clear the obstacles and reporting line filters between themselves and their compliance teams. They must provide power, access and resources immediately to their compliance teams to ensure they are in a position to act on what we have all learned through the Royal Commission, and to rebuild the trust of their customers,” GRCI’s Managing Director, Naomi Burley said.

She added that senior management needs to schedule urgent meetings as a top priority with their Heads of Compliance, not just with their risk teams, and to hear, digest and inform themselves of every competing issue. Only with this knowledge can they then honestly and meaningfully set priorities for change. “Your compliance team is more than just an administrative function,” said Burley. “They are possibly the only personnel you have who are equipped to lead the changes necessary to positively impact customer trust.”

Directors and senior management must adopt a proactive, strategic view towards breach detection, customer complaints and issues reported by staff—that is, they must learn to see such information as valuable, rather than as ‘bad news’. A lack of detected and reported breaches is the real bad news. If directors and senior management are not hearing about these issues, they have already breached their staff’s internal trust by failing to act decisively and without prejudice to protect the company’s reputation, as well as the reputation of employees and customers. And that simply isn’t good enough.

Unfortunately, the business drivers for investing in Compliance and Risk management come unstuck because all many see is that the cost of remediation is huge, when issues are identified. However, organisations that understand and manage their risks proactively, and that build sustainable and robust business practices for the future, can by-pass the pitfalls of remediation. Risk and Compliance not only detects issues, it has the potential to complement the business strategy by building stronger, more sustainable enterprises in the long run.

Burley concludes that, “Compliance professionals are the best-placed team members to assist organisations to strategically rectify the damage they have sustained through poor behaviours. But for too long, many have been prevented from communicating directly with those who need to know what they know. The myth that compliance ‘slows down’ business growth is complete fiction. Hopefully, directors have discovered that doing things right in the first place might have prevented eighteen months of pain and immense expense.”

For further information, you can contact GRCI directly via the contact listed above.

 

About the GRC Institute

The GRC Institute (GRCI)—formerly known as ACI—is the pre-eminent member association, servicing compliance and risk management professionals since 1996. We aim to unify and strengthen the GRC profession to provide a community in which individuals can come together to share knowledge, challenges and ideas on solutions to mould their vision for the future. For more information, visit: http://www.thegrcinstitute.org/

 

Proudly supported by our Principal Members: Westpac, NAB, ANZ, AMP, Commonwealth Bank and AIA.