Research by Deloitte in their In-house Insights Report “Trusted navigators in complex and challenging environments” prepared in response to a September 2022 survey of New Zealand's in-house legal community, showed that keeping up-to-date and compliance with legal, regulatory and government policy updates was the number one issue that legal teams are concerned about.
Regulatory compliance has become increasingly onerous, but in my view, traditional methods of managing compliance are no longer fit for purpose as a means of keeping up.
Have clients ever gotten much value from getting an A3 document or spreadsheet from their law firm summarising some of the key requirements in various Acts and associated Regulations?
Such summaries are inherently generic, inaccurate for any particular purpose, and require additional translation to be implemented. They're also out of date almost immediately and quickly fall into disuse.
There are signs of a desire for better solutions. The 2023 In-House Counsel Trends Report by ACC and Wolters Kluwer showed recognition that technology can significantly improve compliance, record-keeping and reporting.
But even then, I think more modern compliance software solutions are not advancing things as much as they could if the main feature is providing the summary in a digital form and giving a means of sending out six monthly surveys to staff asking if they have complied with the requirements. Assuming they even understand the requirement, can staff really be relied on to answer accurately over a long period?
Checklists, flowcharts and tables can be useful, but won't have much impact if they are separate to the workflow people are in, and have to be remembered and looked up separately. Out of sight, out of mind.
Compliance by Design – A better approach
I think that the best approach, which is now possible using modern low-code software platforms, is "compliance by design", where legal compliance and best practices can be built directly into the business process wherever possible.
Let's use a lending process as an example, given how much the Credit Contracts and Consumer Finance Act (CCCFA) requirements have caused pain in the New Zealand lending sector over recent years with changing requirements around responsible lending and the information that a lender needs to obtain from customers, unless certain exceptions apply.
Many lenders have struggled with these requirements because they still use antiquated PDF forms to gather customer information. Because different requirements were introduced over time under different legislation, they may have multiple PDF forms capturing similar information for different purposes. Many sections of the PDF are unlikely to be relevant to all customers (e.g. sections relating to trusts or companies or partners/spouses), so they are confusing, and customers are unlikely to complete all sections with all the information needed in the form it is needed. Someone at the lender must gather all the information and re-enter it into other systems.
So you have a bad business process, which is a handbrake on how much business the organisation can manage, and it's also a compliance nightmare.
As an alternative, consider a digital form. All the separate PDFs can be combined into one dynamic form. Questions are only visible if they are relevant. Detailed income and expense information is not required if the customer can rely on an exception in the regulations and it's not actually needed for the business process. Unnecessary information can be removed, and the reliance on the exception can be recorded. It's simple because it's meant to be! If the customer cannot provide all the information immediately, they can save and resume from whatever location(s) they are at. Staff can see the application and step in to help if required.
When the form is submitted, all the data is available to other systems and steps in the process without manual re-entry and risk of error.
- First and foremost, this is a great business process. It makes the lender easier to work with and more attractive than competitors, enabling more applications to be obtained and processed via online channels. Do some excellent content marketing, and get your incredible solution assessed for the market leader it is on MoneyHub, and you could triple your applications overnight.
- Secondly, it's also highly compliant. Applications must be submitted with all information being provided in the required form. Data-driven calculations and decisions can be made to ensure compliance with critical requirements.
- Thirdly, it's very agile. Noting that the new Government is going to repeal a number of the more onerous requirements in the CCCFA, the difficulty that many legacy systems will have with these updates can be avoided by using no-code and low-code solutions.
With this approach, the compliance register can be updated to note where and how compliance has been built into the process.
It can be coloured green and should only require further analysis or investigation if the requirement changes. Until then, you can see the compliance of every single transaction as it goes through the system.
If disclosure or other documents need to be created at any step in the process, they can be automatically generated with accurate data, saved and delivered with evidence of every step being recorded as proof.
And if anything changes, a low-code solution will allow tweaks to be made almost instantly, reducing costs and risks further.
Compliance surveys can also be simplified to target issues which are not capable of being addressed in this way, adding to their value and effectiveness too.
A similar approach can be applied to almost any industry. If you'd like to discuss any particular processes in your organisation that are currently raising compliance concerns and where it would be better to help people to comply rather than identify situations where they haven't, get in touch for an initial chat.