Chapter 9: Compliance Risk Management

“The secret of getting ahead is getting started.”

—Mark Twain

“Nothing will ever be attempted, if all possible objections must be first overcome.”

—Samuel Johnson

The purpose of risk management, in simple terms, is to protect all of the stakeholders of an organization, with a predominant bent toward customer/client/consumer protection. A point to note is that protection of all stakeholders is the purpose of effective risk management. So while the traditional risk areas like credit, market, and operational risk endeavor to protect the solvency, profitability, liquidity, and growth of the organization, the environmental requirements manifested as laws, regulations, or market expectations seek to protect customers, the market, and the economy they operate in, in addition to the organizations themselves.

There are times when there could be a conflict of interest between the narrowly defined organizational objectives and the environmental expectations of the organization. The reason I say “narrowly defined” objectives is that, in its true spirit, there is no conflict: the organizational objective at its fundamental level is to have “sustained growth,” which is really possible only when the well-being of all the stakeholders is ensured. A distinction needs to be made between the organization as a legal person by itself and its management at a point in time. They are not necessarily synonymous. This aspect is discussed in Part Five of the book on real-life issues of compliance ...
