Neanderthal man had it easy – when faced with a sabre-toothed tiger the choices were simple – run away (flight) or stay and fight to get hide to keep warm and flesh to eat. That was good old-fashioned risk assessment!
Then Neanderthal man discovered suits – and red tape (aka bureaucracy) meaning rules – and rules produced vast amounts of paper. I call it toilet paper – used for wiping up the mess! The simple ‘fight or flight’ risk management process became much more complicated.
Risk management can be broken down into four options:
In today’s risk-averse world, everyone seems to be focused on either avoiding risk or offloading it onto someone else. Whilst avoiding risk is good – if avoidance means hampering the business operating effectively that’s definitely not good.
Dumping the risk on someone else isn’t always as simple as it seems. Some business owners have later discovered that, despite their protests that they have transferred the risk to a contractor, actually the buck still stops with the business owner and they’re liable.
Reducing the risk is good sense and the process of doing so is generally:
- 50% about getting the job done efficiently and effectively (and safely).
- 40% equally divided between information, instruction, training and supervision
- 10% ‘toilet paper’; the written evidence that outlines that you followed the rules even if an ‘accident’ happens and the ‘toilet paper’ is needed, to clear up the mess.
The problem is that the regulatory bodies are making it harder and harder for organisations to operate without yards of toilet paper. The focus is on the paperwork, not on getting the job done and it’s overcomplicated what were, essentially, simple processes. Some people are not even carrying out the processes – just doing the paperwork. That 10% grows to a much higher proportion and can actually cause business to stall whilst ‘someone’ is dealing with all that paper.
The paper trail
Compliance should not be an exercise in filling in forms and collecting reports. That kind of compliance simply encourages people to hide behind the rules, which becomes an excuse for not doing things or, for some people, a challenge to find a ‘short-cut‘ around the compliance requirements. That just creates more problems with unsafe and, sometimes, unethical, practices.
The challenge is that legislation has been delivered to excess – creating a complex mountain of paper that prevents the customer getting what they want, the way they want it. How can any organisation deliver world class service when, in order to be compliant, they are prevented from saying ‘yes’ without breaking the law? Imagine how that Neanderthal would fare with all that paperwork – the tribe would die from hunger whilst they worked out a ‘safe’ way to catch their dinner.
The current EU ‘cookie’ legislation is a classic example. All the big organisations are rushing to put something on their websites, every small web company is trying to jump on the ‘fast buck’ wagon and, already, there are cookie notices that are still not compliant. It’s just too complicated for most people to know what is OK. The rule is simple, but the means of compliance isn’t.
Even the Information Commissioner thinks is too complicated as there is a statement on record to that effect, being the reasoning behind why no action is likely to be taken against non-compliant businesses for the next year or two. Even the establishment recognise that this kind of legislation is holding back business by tying it up in knots. It’s enough to make anyone tear their hair out!
In order to buy the financial products (e.g. insurance, pensions etc.) your organisation needs you may well require the services of several different financial advisors – some are qualified to provide one kind of product and some to provide another. It all adds to the pressure on the organisation and its senior staff.
What happened to the famous ‘it’s a free country’ ethos? It isn’t any more, we all have to think a dozen times before taking action and not only is it draining creativity, but organisations are spending so much time dotting the ‘i’s and crossing the ‘t’s that their profits are going down the drain.
Compliance that creates profit
However, there is light at the end of the tunnel. With the right integrated management procedures compliance doesn’t have to be a stumbling block, it can be built in. This also allows organisations to carry out their core activities ‘efficiently and effectively, in a safe environment’, in the knowledge that business continuity planning derives from known and controlled risks – and have a recovery plan in place that is ready to swing into action if the worst happens.
Whilst governments around the world are trying to save the environment by pumping funds into encouraging ‘green’ practices and solve the global financial meltdown on the one hand, they’re making organisations, and particularly the revenue generators (businesses), work harder to make a profit. If something doesn’t change to iron out all the bureaucratic bumps on the road to running a successful organisation, it will continue to cost the national and global economies billions.
Integrating compliance into the way in which the organisation operates prevents it becoming an inconvenient stick-on solution; removes the pain of paperwork (i.e. perhaps even that elusive paperless environment) and becomes ‘the way we do things around here’. The bonus is that it can also deliver real profit instead draining the resources.
That’s got be a much more positive approach to making compliance work for, instead of against, the business owners – and provide a much needed boost to the world-wide economy.
Take the Red Tape challenge