Skip to content Skip to footer

Loading Results

The journey to compliance transformation

Are you maximizing the value of your risk and regulatory activities?

“To truly maximize the value from compliance, you need to think about the people and the technology and the process around it . . . because if you’re concentrating on any single piece without thinking about the others, you’re not going to get the benefits that you’re looking for.”

France-Anne Fortin

Listen to the article

Playback of this video is not currently available


Listen now

Maximize value

How you can reimagine your approach to risk and regulation

As organizations invest more in compliance to stay ahead of evolving regulations, many are asking whether they’re maximizing the value of their risk management spend. Some have created complex regulatory compliance processes in silos, which can increase costs and reduce effectiveness. Others are looking for ways to streamline labour-intensive processes and eliminate redundancies. 

In our latest audio blog, Shawn Reain and France-Anne Fortin discuss how you can reimagine your approach to risk management and governance requirements to reduce the costs of compliance. They explore the key role of governance, risk and compliance (GRC) technology solutions and the importance of considering both your people and process improvement in maximizing value and building trust through your risk management program.

Shawn Reain:

Hello, everyone. I’m Shawn Reain, PwC Canada’s Tax Markets and Compliance Transformed Leader. I’m really excited to talk about the opportunity companies have to maximize value within their organization through the integration of risk management and compliance activities across functions, 

And also increase accuracy and eliminate the costs of duplicate and siloed efforts. What’s more, you’ll be on the path to building trust with stakeholders, which gives you a competitive advantage and is key to creating sustained outcomes in today’s complex business environment.

I’m joined with my colleague, France-Anne Fortin, a regulatory compliance expert here at PwC Canada and a key member of our team of solvers. Together, we’ll explore how transforming the compliance function can create tangible business value. Welcome, France-Anne.

France-Anne Fortin:

Thanks, Shawn. Very happy to be here.

Shawn Reain:

Well, let’s dive in. So first question is what are the costs of compliance within an organization?

France-Anne Fortin:

That’s a really good question. I would challenge all organizations to answer that question for themselves and they probably have a really hard time identifying what is the true cost of compliance. Compliance means different things to different people. And obviously, you have certain costs that are easier to understand, whether it be your compliance team, the legal team that does the monitoring of what compliance means, the risk management team that follows the key risks and the controls to be able to provide you with some visibilityof  if the organization is compliant or not.

But all of those programs historically have been built in silos for particular needs or regulations or market trends. They’re not necessarily connected together and can create some inefficiencies. So when we are thinking about compliance in this much broader term, the scope can be really huge and overwhelming. I think it’s important to take a step back and say, “OK, what are the risks I’m trying to manage?” Whether they be tax, cyber, data privacy and all the other regulatory requirements that are out there. And how can I more effectively manage those operations in today’s environment?

There are many compliance activities that are currently being performed based on historical processes and reviews and programs that were built to answer particular regulations or particular needs at that time. Today’s environment, potentially you have duplicate steps, you have lost the understanding of why certain activities are being performed. 

So that limited understanding can really represent an opportunity to revisit with the various stakeholders, including outside stakeholders, what are the risks we’re trying to manage and what are the potential cost savings that we could achieve if we rethink the controls and activities and our processes that we’ve put in place for those various programs?

That being said, it’s important to note that when some of those activities, programs, processes, controls were put in place, the technology available to us was very different than what we have now. There are much more user-friendly tools right now and ways to automate that make things more efficient and effective and can significantly help compliance as a whole. It’s a great opportunity to identify areas where you could reduce manual data feed, eliminate duplicate steps, revisit processes. Make sure that there’s an effective internal communication strategy so that people understand why certain controls are important and into which piece of the compliance pie do they relate to.

Sometimes, they relate to one; sometimes, they relate to many. But I think that type of integration is really important for people to actually buy into the program and improve the compliance results for each of your organizations.  

Shawn Reain:

Amazing. And throughout this, many organizations don’t have a clear insight into the impacts of continually changing regulations. Why is that?

France-Anne Fortin:

They’re being hit on all sides by new rules, regs and trends, industry trends that they need to apply. These take a lot of time and effort to make sure that you’re aware, that you understand what the impact is. And that you apply them as quickly and as efficiently as possible in your day-to-day operations. Making sure that you have a long-term vision and an upfront plan on how you’re going to go about streamlining these activities and rethinking how you’re going to use technology and digital upskilling to get to the end result you’re looking for is really important.

As I mentioned before, the good news is there’s technologies and solutions now to maximize value, reduce costs and improve the overall effectiveness of compliance. The GRC [governance, risk and compliance] technologies and automation technologies that are out there definitely provide organizations with a way to digitize and automate a lot of those activities with the user in mind.

It’s also really important to think about the relationships with your end user and [make] sure that it’s as easy as possible for them to comply and that the process and automation that you’ve created makes their life easier.

Shawn Reain:

So you mentioned the technology and how it can help. And so what are some of the other considerations around implementing technology to support compliance processes?

France-Anne Fortin: 

Many organizations have adopted technologies along the way, but oftentimes it was the best-of-breed approach for a specific regulation or a specific need. So what we’re suggesting is to truly maximize the value from compliance, you need to think about the people and the technology and the process around it.

And all that works hand in hand because if you’re concentrating on any single piece without thinking about the others, you’re not going to get the benefits that you’re looking for. You’re going to keep having the issues of manual effort and workarounds and large volumes of transactions or data that’s disorganized and not necessarily positioned in a way that you can drive insights and make compliance activities easier.

Shawn Reain:

Amazing. You were talking about the benefits really around maximizing value. So what do organizations need to do to maximize the value of their compliance function and show impact?

France-Anne Fortin:

It very much depends on the maturity level of your programs and the industry you’re in. Think through the various activities and the end result that you’re looking for. From a holistic perspective, rethink how can we get to that outcome? Because when you’re looking at it in silos, the answer could be very different than if you’re looking at it from a holistic perspective.

A couple of items that I think [are] really important: Design your practices and your process with the end user in mind. Make sure that it’s aligned with the values and the organizational culture. When you’re putting yourself in the shoes of the person that’s doing the activity on a day-to-day basis, it makes it that much easier for them to comply [with] all the various controls and reporting that you’re looking for.

With today’s environment where talent is hard to come by, retention and improving their experience is one of the ways that you can indirectly reduce the cost of compliance, because you’re going to have hopefully reduced turnover. The other element that we think is really important is to make sure that your folks are digitally savvy, that they’re trained and they can actually help you to identify areas for improvement.

The goal is really to think about risk management and compliance activities in an integrated way, establish a governance around it so that you get the best value for money. And that’s all being driven by technologies as the backbone. The technology right now is available for us to be able to be much more self-reliant and create automation without necessarily having to invest in large systems.

The next step is to make sure that you have a long-term vision. What is it that you’re trying to do? Because you won’t be able to do everything all at once. So companies need to ask themselves, what’s their strategic plan over the next 18 months? What are we expecting in terms of regulatory requirements? How can we better prepare for the unexpected and evolve our programs so that the approach becomes more proactive while limiting the impact to the business?

Shawn Reain:

Great insights and advice for people to think about, France-Anne. I know approaching compliance this way could be a game changer for many organizations. So I really want to thank you for joining me today. Before we close, I’d like to highlight some of the key points France-Anne and I discussed.

Firstly, a complex, evolving regulatory landscape requires a different approach to your compliance, including your data gathering, reporting and strategy practices.

Secondly, many organizations have gaps in their current approach that represent opportunities to truly maximize the business value created from compliance.

And thirdly, a reactive, silent approach to compliance is not only a reputational concern but also a cost issue. In many cases, compliance costs are higher than they need to be. It could be reduced with many of the strategies we’ve discussed today. We know there is so much opportunity in ensuring that practices are aligned to the organization’s values, which is key to building trust and a better relationship with your stakeholders.

Thank you for listening today. If you’re wondering how to get started, reach out to learn more or schedule an exploratory workshop with us. Our contact information is at the bottom of this page.

France-Anne Fortin is a Partner with PwC Canada's Risk Assurance practice. Her experience includes previously serving as Vice-president, Internal Audit and Compliance, at PSP Investments. During her time at PSP Investments, she established an internal audit as well as a compliance function that gained recognition for its ability to bring value to the organization, improve its processes and better grasp the risks it faced.

Shawn Reain is the Compliance Transformed Leader and the National Tax Markets Lead at PwC Canada. He has more than 30 years of experience helping organizations address evolving market trends and solve their important problems.

Contact us

Shawn Reain

Shawn Reain

National Tax Markets Lead, Compliance.Transformed leader, Partner, PwC Canada

Tel: +1 403 509 6373

Junaid Mirza

Junaid Mirza

Partner, Legal Function Transformation and Tax Reporting & Strategy, PwC Canada

Tel: +1 905 815 6404

France-Anne Fortin

France-Anne Fortin

Partner, Risk Assurance Services, PwC Canada

Tel: +1 514 205 5438

Genevieve Groulx

Genevieve Groulx

Partner, PwC Canada

Tel: +1 403 441 6350

Follow PwC Canada