 "Welspun corporate office building is pictured in Mumbai")
In a hyper connected world and an era of heightened disclosure requirements, a crisis faced by a company spreads like wildfire with a tumbling impact on its share price. For how long the stock plummets depends on how deep the problem runs and the extent to which it can potentially impact the financial health, competitiveness quotient and reputation of the company. This is a recurring phenomenon that has made even large global companies go into a downward spiral over escalating crises that have threatened their reputation. There are many reasons for stock prices to tumble, but a risk of major non-compliance leading to trust erosion generally results in a sharp drop. The effort towards recovery is generally slow, painful and in some cases non-yielding.
These kinds of crises lay bare the readiness and responsiveness of an organisation, testing the company’s leadership and character. Who navigates the company through rough weather becomes a key question. While the immediate responsibility is that of a chief executive officer, often boards have to step in when the crisis engulfs the CEO as well.
Dealing with such risks needs special skills. Therefore, boards need to design systems and processes that pre-empt such scenarios, thereby reducing the odds of being caught off guard. Prevention in these cases is certainly less expensive than cure.
In India, the Companies Act, 2013, has laid significant emphasis on improving the culture of compliance within enterprises through specific requirements and accountability for risk management, internal controls and compliance with laws and regulations. While the audit committee’s role has evolved over the years and this has resulted in improving financial prudence, it is time boards pay attention to strengthening other committees and improve compliance processes through them. A look at the top companies from Nifty indicates that most companies have formed Risk Committees according to the Securities and Exchange Board Of India’s guidelines. The risk committee can take a leading role in ensuring that compliance risk is mitigated. Certain business risks have rewards associated with them, but not compliance risks, which are best dealt with by mitigating through proper assessment and deploying adequate controls.
For boards to deal with compliance management on a systematic and sustained basis, they should:
Set up compliance committee
A strong message defining culture of compliance needs to be driven from the top. Compliance is not a priority agenda for boards as they understandably need to have oversight on several other matters pertaining to the functioning of a company. To this effect, boards should form a separate committee to oversee compliance and schedule at least two meetings in a year to understand compliance readiness of a company in greater detail. The time will be well spent because it may help boards detect the fault lines before the circuit trips. There should be a management committee as well, represented by senior executives heading respective functions, i.e. environmental, legal, secretarial, risk, finance, HR, quality, etc.
Focus on subsidiaries
For organisations with global subsidiaries, it often becomes challenging to ensure complete compliance because of the lack of wherewithal, resources and authority. A Deloitte India compliance survey report published in 2015 shows that 58 per cent of Indian organisations do not have designated compliance officers in their subsidiaries, business units and geographies, compromising objectives of the programme.
Compliance management mechanism
It is often necessary to develop detailed compliance libraries that enlist specific requirements under various statutes, define internal owners and factor in consequences of non-compliance. For businesses that have extended supply chains, contractual compliance becomes critical and needs to be monitored closely. Similarly, all important licences have to be closely monitored for validity and business continuance. Investment in training is also necessary to ensure owners understand importance of their actions and consequences of errors.
Monitoring and reporting system
Compliance requirements cut across all functions and levels of organisation. Deployment of technology solutions makes the programme efficient to manage and helps it permeate across length and breadth. The monitoring mechanism should be designed to have a three-pronged approach through self-assessment and certification, assurance by internal audit and lastly through periodic assessment by external experts. A robust whistle-blower mechanism also helps.
In an increasingly globalised world, compliance is the only factor that maintains order amidst chaos. Today, technology is making the world a level playing field, creating opportunities for smaller companies to participate in global supply chains. However, these companies need to realise that they not only have their own reputation to safeguard, but also have to uphold India’s image. For “Make in India” to succeed, companies need to ensure that the world can trust what is “Made in India”.
The writer is partner, Deloitte Touche Tohmatsu India LLP
