Determining the Determining the Effectiveness & ROI - - PDF document

determining the determining the effectiveness roi
SMART_READER_LITE
LIVE PREVIEW

Determining the Determining the Effectiveness & ROI - - PDF document

Jul 09, 2023 401 likes •504 views

6/18/2012 Effectiveness & ROI of GRC June 22, 2012 1 Determining the Determining the Effectiveness & ROI Effectiveness & ROI of Your GRC Program of Your GRC Program Bob Conlin, Chief Products Officer SCCE Regional Conference June

slide-1
SLIDE 1

6/18/2012 1

Determining the Effectiveness & ROI

  • f Your GRC Program

Determining the Effectiveness & ROI

  • f Your GRC Program

Bob Conlin, Chief Products Officer

SCCE Regional Conference June 22, 2012

June 22, 2012 Effectiveness & ROI of GRC 1

Today’s Objectives Today’s Objectives

A discussion around:

Tracking ethics and compliance success

Measuring the ROI of your ethics and compliance programs & technology

Effectiveness & ROI of GRC June 22, 2012 2

Why listen to a GRC vendor? Why listen to a GRC vendor?

 Combined ‐ ELT, EthicsPoint and Global Compliance have:

 6,500+ customers  75% of the Fortune 100  More than half of the Fortune 1000

 Sponsored an independent ROI study to determine the facts presented

today

 Our sales effectiveness depends on our ability to help prospects build a

business case backed by a strong, defensible ROI

June 22, 2012 Effectiveness & ROI of GRC 3

slide-2
SLIDE 2

6/18/2012 2

Material Costs of Ineffective GRC Material Costs of Ineffective GRC

The numbers tell the story: $49M

Average sanction for unlawful ethical violation

5%

Annual revenue lost to fraud

$2.4B

in fines collected by DOJ in 2010‐11

43‐year

record high in EEOC charges

50%

  • f witnessed

unlawful misconduct goes unreported

June 22, 2012 Effectiveness & ROI of GRC 4

A recent study by the National Whistleblowers Center found that 89.7% of employees who eventually file a lawsuit, such as a False Claims Act case, initially reported their concerns internally to either their supervisor or compliance department.

June 22, 2012 Effectiveness & ROI of GRC 5

RISK DATA BEING LOST OR SILOED RISK DATA BEING LOST OR SILOED

Observed

100%

Source: Compliance and Ethics Leadership Council

50%

Unreported and lost

30%

Siloed or trapped Actual risk being addressed

20%

June 22, 2012 Effectiveness & ROI of GRC 6

slide-3
SLIDE 3

6/18/2012 3

In 2011, some 56% of frauds had exhibited one or more prior red flags but only 10% of those had been acted on. This means that company and public sector employees are consistently failing to identify, or respond appropriately to warning signs.

June 22, 2012 Effectiveness & ROI of GRC 7

GOVERNANCE, RISK & COMPLIANCE GOVERNANCE, RISK & COMPLIANCE

8

Control, Monitoring & Enforcement Event & Case Management Strategy, Performance & Objectives Reporting & Analytics Audit & Assurance Risk Management Policy & Procedures Compliance Management

June 22, 2012 Effectiveness & ROI of GRC

Legal Risk Management Corporate Compliance Corporate Security Internal Audit HR Information Technology

FRAGMENTED OVERSIGHT FRAGMENTED OVERSIGHT

June 22, 2012 Effectiveness & ROI of GRC 9

slide-4
SLIDE 4

6/18/2012 4

No longer can organizations afford to focus on single risk and compliance issues as unrelated projects; nor can they allow software Band‐Aids that are not integrated with the business to masquerade as GRC. A targeted strategy addressing GRC through common processes, information and technology gets to the root of the problem.

June 22, 2012 Effectiveness & ROI of GRC 10

THE NET THE NET COMPONENTS OF EFFECTIVE COMPLIANCE PROGRAM COMPONENTS OF EFFECTIVE COMPLIANCE PROGRAM

Tone at the Top Risk Assessment Policies, Procedures, Guidelines Reporting Mechanism Monitor & Assess Risk Assessment

June 22, 2012 Effectiveness & ROI of GRC 11

Integrity Capital: 5.8% higher Integrity Capital: 5.8% higher

7.9% 2.1%

Companies with open and active employee communication Other companies

Employees’ comfort level in sharing honest feedback correlates with strong business returns:

SOURCE: COMPLIANCE AND ETHICS LEADERSHIP COUNCIL

June 22, 2012 Effectiveness & ROI of GRC 12

slide-5
SLIDE 5

6/18/2012 5

The GRC Maturity Model The GRC Maturity Model

C O M P L I A N C E C O M P L E X I T Y UNINFORMED | REACTIVE | ADAPTIVE | PROACTIVE | FULLY INFORMED

Effectiveness & ROI of GRC June 22, 2012 13

EFFECTIVE GRC ENABLES CLIENTS TO: EFFECTIVE GRC ENABLES CLIENTS TO:

COLLECT MANAGE LEARN

risk data from multiple sources risk and case information in a centralized system from risk‐related data and monitor program effectiveness

June 22, 2012 Effectiveness & ROI of GRC 14

 Achieve business objectives  Make better decisions  Build strong cultures  Increase stakeholder confidence

ACT

 Protect your brand  Manage organizational risk  Optimize economic & social value

June 22, 2012 Effectiveness & ROI of GRC 15

EFFECTIVE GRC ENABLES CLIENTS TO: EFFECTIVE GRC ENABLES CLIENTS TO:

slide-6
SLIDE 6

6/18/2012 6 Determining the ROI Determining the ROI

  • f your

ethics & compliance programs

June 22, 2012 Effectiveness & ROI of GRC 16

Compliance impacts ROI Compliance impacts ROI

6/18/2012 17

Proactive compliance programs improve performance, employee relations, brand equity and shareholder value. Superior governance practices generate 20% greater profit. Superior governance practices generate 20% greater profit.

P R OFI T A B I L I T Y

Strong sense

  • f cultural

integrity boosts shareholder return by 16%. Strong sense

  • f cultural

integrity boosts shareholder return by 16%.

P E R FOR M A N C E

Organizations in compliance avoid up to 95% of fines and penalties. Organizations in compliance avoid up to 95% of fines and penalties.

L I M I T E X P OS U R E

Every $1 spent saves $5.21 in liability, brand damage & lost productivity. Every $1 spent saves $5.21 in liability, brand damage & lost productivity.

M E A S U R A B L E R OI ‐ MIT Sloan School of Management ‐ Corporate Executive Board ‐ General Counsel Round Table ‐ Federal Sentencing Guidelines Meet NewCo: Compliance Experts

Quantify your program Quantify your program

VALUE AREA SPECIFIC BENEFITS Operational Efficiencies Reduce time spent talking and recording hotline calls Reduce time spent recording and reporting incidents Reduce time spent setting up incident cases Savings on materials, mailing and storage costs Reduce audit time and costs Reduce time spent generating management reports Reduce duplicated effort Corporate Risk Increase awareness of small and medium‐sized incidents Reduce fines and penalties from regulatory bodies Corporate Oversight Reduce fraud and other unexpected loss events Reduce litigation and settlement costs Protect revenues by proactively managing risk

June 22, 2012 Effectiveness & ROI of GRC 18

slide-7
SLIDE 7

6/18/2012 7

Collect Collect

REDUCE TIME SPENT RECORDING AND REPORTING INCIDENTS.

Prior to having an automated system there used to be a significant amount of FTE time required at a number of stages in the process: from 30‐60 minutes required for each hotline call, 2‐3 hours per case to get each set‐up and into the system, and about half a day needed for each report that had to be created. – Staffing Coordinator

June 22, 2012 Effectiveness & ROI of GRC 19

Manage Manage

REDUCE THE DUPLICATION OF EFFORT

 Numerous departments are stakeholders

  • f a single investigation, often repeating

work

 A centralized data repository enables

authorized users from every department to see what is being worked on in real‐ time, avoiding duplication of effort The average time required to resolve a case was reduced by at least 10%, due to a reduction in duplication of effort, eliminating issues such as the amount of follow‐up needed between different groups. – Staffing Coordinator

June 22, 2012 Effectiveness & ROI of GRC 20

Learn Learn

INCREASE AWARENESS OF INCIDENTS AND ALLEGATIONS

There was a 40% increase in the number

  • f cases reported after

the implementation of the EthicsPoint system.

– Manager, Cases & Compliance

June 22, 2012 Effectiveness & ROI of GRC 21

slide-8
SLIDE 8

6/18/2012 8

Act: Use data to improve efficiency Act: Use data to improve efficiency

Key compliance management challenges facing organizations:

 Minimizing time & costs requires to manage all aspects of case

management

 Reduce duplication of effort across multiple departments and

processes

 Allocate training programs and policies where needed based on active

and historic data

 Increase overall corporate oversight to avoid fines/penalties, fraud

and other unexpected loss events.

June 22, 2012 Effectiveness & ROI of GRC 22

ROI BY VALUE DRIVER ROI BY VALUE DRIVER

June 22, 2012 Effectiveness & ROI of GRC 23

BENEFIT SUMMARY SAMPLE BENEFIT SUMMARY SAMPLE

June 22, 2012 Effectiveness & ROI of GRC 24

slide-9
SLIDE 9

6/18/2012 9

Sample Client Sample Client

INDUSTRY

Large energy services company

REQUIREMENT

Meet anti‐bribery standards under UK Bribery Act, FCPA, and Dodd‐Frank

CHALLENGE

Heavily manual processes for identifying, documenting and measuring incidents across four functional groups

  • Code of conduct provided for 16 different means of raising issues
  • Issues being documented on paper via manual processes
  • Duplication of effort happening in assigning cases, re‐keying data, and capturing

multiple reports on the same issue

APPROACH

  • Conducted a stakeholder analysis to identify key areas of documentation by each

functional group.

  • Documented current state and desired state for process and touch points
  • Created process maps and policies to enforce consistent workflow
  • Developed change management and training strategy for key stakeholders and teams

IMPACT

  • Investment: $300,000 over 3 years
  • Payback 3.3 Months
  • ROI 605%

June 22, 2012 Effectiveness & ROI of GRC 25

Sample Client Sample Client

Increase

  • perational

efficiencies Reduce corporate risk Improve

  • versight

June 22, 2012 Effectiveness & ROI of GRC 26

Questions? Questions?

Bob Conlin

Chief Products Officer bconlin@ethicspoint.com

Effectiveness & ROI of GRC June 22, 2012 27