We have written about the importance of having the right culture before, and so have other prominent publications like Quartz. Culture is often found to be a major factor in scandals related to risk, compliance and accounting. Just look at this list from Forbes of the biggest corporate scandals in 2015 and note how often culture is mentioned as one of the main problems in these organizations. We have been in the Fintech industry for a decade at this point and we have seen the difference culture can make – even in the implementation and success of GRC technology.

Compliance and Risk Culture


What makes culture so important? 

Risk management, compliance management, audit management, and other such GRC related activities are highly regulated. The processes that are followed in work related to these domains is highly scripted – businesses ensure they follow the accepted industry practices according to regulations and industry standards. How can culture then be such an important factor? 

The simple truth is that any organization that does not encourage good practices within its culture will have compliance and risk related problems, regardless of how well-written the codified rules and practices are. If any business is having trouble with compliance or risk, then they need to look at the culture which is fueling the problem. 

See our recent post “Managing Compliance Risks Needs Synergy Between Culture and Technology 

Compliance management and risk management need commitment  

A big mistake made by many people is assuming that scandals are caused by evil or criminal people. That couldn’t be farther from the truth. Yes, there are famous stories (like Enron) where it is clear that many stakeholders were acting in bad faith and caused the problems, but for every Enron there are a 100 more stories where businesses got embroiled in scandals simply because of the wrong approach. Any business that wants its compliance officers and risk managers to truly perform with dedication will have to ensure that these people are actually heard. 

It is difficult to get a man to understand something, when his salary depends on his not understanding it. 

The above quote of Upton Sinclair perfectly describes a major culture related problem that occurs in compliance management and risk management domains. There are some companies where making too much noise is considered a bad thing. Compliance and risk experts that raise too many issues are often seen as being needlessly problematic. They aren’t officially reprimanded but are often given the cold shoulder and jokes are made about how they are worrying too much. These small, innocuous acts can destroy the culture of a business. It encourages these experts to raise fewer red flags because raising red flags creates a negative impression of them and that means putting their career at risk. 

Get more details how you can “Develop a Culture of Compliance and Risk Management 

Side-stepping culture related issues with GRC technology 

Some businesses have taken a different approach towards the culture problem – instead of asking why they have the wrong culture, they are wondering why they have left such important domains vulnerable to culture. Instead of simply fixing the culture, these businesses are also looking for technology that can ensure that even the wrong culture will not be able to negatively affect compliance management and risk management.  

This approach can be successful if done the right way. Our own Predict360 solutions for compliance management and risk management incorporates many features to ensure that compliance and risk are insulated from such externalities. The simple solution is to completely automate the workflow of compliance and risk managers. In a streamlined automation-based system like Predict360 most risk and compliance monitoring are completely automated. The red flags don’t have to be raised by people – the system raises the red flag the minute it detects something wrong.  

Instead of being negatively affected by the culture, businesses with this approach end up fixing their culture. Since monitoring is automated no one feels unsafe reporting issues or highlighting problems – it is already highlighted within the system. 

If you want to see how your business can benefit from automation-based risk and compliance solutions, you’ve come to the right place. Get in touch with the Predict360 team for a demo and trial of how the solution can help your business improve efficiency and productivity. 

About the Company

360factors, Inc. (Austin, TX) helps companies improve business performance by reducing risk and ensuring compliance. Predict360, its flagship software product, vertically integrates regulations and requirements, policies and procedures management, risks and controls, audit management and inspections, and on-line training and qualifications, in a single cloud-based platform based on artificial intelligence.

Remain up-to-date on industry news/updates through our Twitter & Linkedin profiles.