Professional Documents
Culture Documents
BA 602
John Kenney
Vishwanath Thummala
Tharun Bojja
Karan shah
Premender Aenugu
Mira Upadhyay
Qaisar Mehmood
Phani raja konakalla
Introduction
There are several challenges that an organization has to work on while developing a compliance
program. One of the most challenges that all companies face is automation. Most of the
companies process and business involve manual intervention (Guan Siew Teo, 2004). Failure to
automate all business process are the biggest challenges that organization faces while
issue in maintaining compliance regularities.pg.174 There are many challenges that make
enterprise network, approach toward compliance adopted by both client and vendor, one of the
other major factors that makes compliance management difficult for the organizations is cost
associated with the management of regulations (Garry C. Gray, 2014). Regulatory compliance
not only poses serious challenges to insurance, It, financial companies seeking global expansion
but also affects the fact that business model cannot be established as it in another county. Pg. 3
There are several challenges that organizations face while implementing regulatory compliance.
Organizational structure
Centralized structure So
Decentralized structure
Failure to monitor
Every organization has different structure. Structure of the organization is explaining what the
organization is about. For every ITT company it is important to have consistency. Organization
structure plays an important role in defining compliance and regulations (Guan Siew Teo, 2004).
The challenge for the organization is not only in the developing regulation but also in
maintaining policy instruments.pg.188 Sometime companies faces a problem in understanding
target group and how to inform regulatory design. While developing compliance program
What will motivate individual in an organization to maintain and follow the compliance.
Cost
Maintaining compliance can sometimes be very costly. There are many things that results in
high cost of compliance. Some of them are regulations are inflexible, substantive standards are
too high, the transition time for coming into conformity is too short. If we see that cost
associated with complaining regulation is too high, then it is often observed that compliance rate
in an organization is low. It is difficult for policy makers to predict economic and social
Employees of the company do not follow compliance rules if they see there is no purpose of
having regulation. Overly rule regulation can have a negative impact on the compliance.
Financial and IT companies has go through regulation. So, regulations under regulation becomes
challenge for the financial companies. There regulation has rules that tell companies how
outlining how financial institutions must protect their organizational data. According to these
regulations, financial services and IT companies has to make sure that the data is accurate and
has integrity. IT companies faces issues and challenges when they want to do business with
entities in different countries. Compliance program developed in one country might not be
compatible with the compliance program developed for the entity in another country.
Most of the IT and financial companies prefer to adopt data centric approach. No data centric
approach has proven to be weak to protect information and data, There are has been cases where
the data breach happened in the companies that uses non data centric approach. There has been
continuous grow in complexity of the modern network. This complexity has resulted in
challenges to maintain compliance (Garry C. Gray, 2014). There have been new ways of
connecting to networks, employees of the company wants to access the devices, networks
overseas, this has made systems more complex and has increased the risk of security breach. It
has been one of the biggest challenges for the companies to have control over the networks.
Since few years organizations are generating more and more data. It has become challenging for
the organization to maintain the data and analyze vast amounts of information while maintaining
compliance and regulations. As the data is evolving and changing at a faster rate, companies
have to make sure that their compliance program is flexible and can easily adopt changes. In
coming years changes will come both in data and compliance regulations. It has been
challenging for the companies to add more and more data and at the same time maintain the
regulations.
Access Management
Now a days employees can connect to the company's network, devices from different ways. This
causes some challenges to maintain mobile and laptop devices management policies and
technologies. When it comes to IT compliance company has to create better approach towards
handling of the data and data security approach. It is important to create this approach to protect
Assess how IT governance will improve the effectiveness of the IT Division to attain
regulatory compliance
Develop a broad vision, an architecture, and a detailed plan of action that follows a
life cycle concept
Assess all key business processes and IT compliance factors and link to all business
When it comes to the financial compliance for organizations, Sarbanes-Oxley Act has driven all
the companies listed on the New York Stock Exchange to go through a strict audit process,
looking at which many other stock exchanges have also introduced similar compliance policies
around the globe. This act came into play after the housing market crash and recession that
happened in 2009. Compliance policies like this is reforming the financial industry to be more
transparent and better with that it is also reforming the IT compliance in the organization.
To be compliant of Sarbanes-Oxley, performing regular assessments of regulatory standards and
having the best practices in place time and again which reshapes and restructures the IT
compliance policy of the organization. A good IT compliance framework would ensure to have
the best practices and processes in place to ensure compliance solutions are in place for a long
term and would give out best results to the organization. There is increased scrutiny in the
financial field currently which means, there is a higher number of audits and having to do all the
process by humans tends to be very expensive in the long run. This is demanding the automated
solutions that performs the analysis and help in cost reduction and higher efficiency by cutting
For the good IT compliance policy companies must make firstly define the compliance strategy
which with there are strong policies and procedure laid down. With increasing business
complexity, there are new rules and policies that businesses operating different spaces must be
compliant to. Adding these addition parts to the compliance policy would make it more
competitive and puts the company under less risk of defaulting or non-compliant. To conclude
on the assessment, having to define all the processes from end to end in a business would make a
Your detailed plan should include the following phases: initiate, plan, develop and
implement.
This takes time, money and experience to establish a regulatory compliance program. Although
with a plan in mind, perhaps institutions don't have the means to start implementation. A
representatives partake in the important preparing to all the more likely comprehend the
significance of good morals and honesty and consequently apply these standards to their work
(Scanlan & Purdon, 2007). The different phases while planning for the compliance program will
include initiating, planning, developing and implementing the effective IT compliance program
so as to provide a regulation from the risks involved in the financial institutions as the companies
Initiate- In this phase the focus will be on the need of the regulatory compliance
in the financial institutions by projecting the risks involved. This phase of initiation mainly
includes the decision to design the compliance program. This phase will also include the
Plan- This phase is the crucial phase while designing a compliance program as it
is the position where the compliance team will form the goals, objectives, risks, policies and
which will move ahead with monitoring and identifying the gaps in regulations of the
financial institutions. An internal audit could be the best possible way to understand the
required policies for the organization as per the compliance (Prorokowski & Prorokowski,
2014).
and install process applications that handles threats, reports and problems from top to bottom
that affect the company. Be that as it may, a genuinely effective compliance program needs a
dedication from the association's most significant levels not exclusively to set up the program
yet in addition an eagerness to make the best choice as an organization. In the event that the
organization isn't completely dedicated to moral conduct, the most powerful compliance
Guan Siew Teo (2004). Regulatory challenges in the development of a global security markets.
Garry C. Gray. (2014). Governing Inside the Organization: Interpreting Regulation and
0041
Scanlan, A., & Purdon, C. (2007). Compliance Program Management for Financial Services