- CMS Compliance Index remains at high level
- Companies are enhancing their compliance structures and investing in the associated resources
- Compliance officers see lack of support for compliance issues among management
Berlin – German businesses have steadily expanded their compliance structures and internal training programmes compared with previous years and have never been in a better position than they are now. However, declining support for compliance issues among management is giving compliance officers cause for concern. Those are the key findings of the representative cross-sector survey for the CMS Compliance Barometer, conducted in 2017 for the third time by commercial law firm CMS Germany. The CMS Compliance Index produced a reading of 67.1 this year, out of a possible 100 points, representing a stabilisation compared with previous years. The Index measures the extent to which compliance is embedded in major companies.
“Even though the latest Compliance Index shows that companies consider themselves well resourced in relation to compliance, recent compliance scandals have apparently failed to make management sufficiently aware of the significance of these issues,” said Dr Harald W. Potinecke, partner and Head of the German Compliance & Forensic Services Group at CMS. “This is a worrying situation, especially since a lack of commitment on the part of management may result in compliance and liability risks, both for the company and for the management team.” For the survey, leading market research institute Ipsos conducted anonymous interviews with a sample of compliance officers from 200 large companies with at least 500 employees.
More compliance departments in large companies
There has been a significant increase in the number of companies with their own compliance department. While only 28% had a dedicated compliance department in 2015, the proportion is now four out of ten companies. This development also impacts other departments. Overall, correspondingly fewer employees from legal, controlling and risk management departments are performing compliance tasks. An improvement has also been seen in the way departments are equipped and organised. More than half of the companies surveyed had increased the staffing and budget devoted to compliance departments.
Compliance awareness lacking among management
While a positive trend is emerging in relation to the resources and infrastructure of compliance departments, only around half of compliance officers feel they are properly equipped to deal with compliance risks. It is particularly noteworthy that compliance awareness among management was assessed as lower this year than in previous years. The willingness of management to support and drive compliance issues has also decreased over the past three years, as perceived by compliance officers, falling from 79% in 2015 to a current level of 71%. “The results indicate that compliance officers would like greater support from company management due to rising demands and additional duties. Our practical experience also shows that a compliance system is only effective if company management is fully committed to compliance,” commented Florian Block, a partner in the Compliance Group at CMS’s Munich office.
Professionalisation of compliance
The most important task of compliance officers within companies is currently developing compliance processes and the associated policies. As reported in previous years, more than eight out of ten of the companies surveyed (83%) have a compliance code of conduct. Companies are also increasingly extending training programmes designed to communicate behavioural requirements around compliance. Less than half of the companies surveyed conducted internal training sessions in 2015; this year the figure is 71%. Seven out of ten companies train their employees on compliance topics at least once a year. Another indication of the increasing professionalism of compliance departments is that in addition to the main duties of compliance officers, risk management is also gaining in importance. One in every four compliance departments is now also responsible for risk management within the organisation. “Identifying, assessing and managing risk is becoming an increasingly important part of the work of compliance officers. This is a welcome development as it demonstrates that more and more companies are aligning their compliance systems with their own particular risks in order to boost the effectiveness of the system,” said Dr Tobias Teicke, a compliance lawyer at CMS in Berlin. In internal investigations, companies continue to rely heavily on external consultants for support. 70% of firms use such consultants to conduct internal investigations – another sign of professional handling of suspected breaches.
Cartels and money laundering are underestimated as compliance risks
Data protection, corruption and liability remain the greatest compliance risks for respondents, while competition law issues and money laundering continue to be less of a compliance priority among the companies surveyed. Relevant risks are often underestimated here. Looking to the future, compliance officers see the greatest external challenges in increasing regulation and various special issues, such as the growing importance of data protection and foreign trade law, as well as requirements relating to the prevention of money laundering. This applies in particular to companies with more than 5,000 employees. “The EU’s upcoming General Data Protection Regulation, the 4th EU Money Laundering Directive – which came into force in June 2017 – and the sanctions against Russia confirm the view that rising statutory requirements will continue to place pressure on compliance departments,” said Florian Block.
The survey and the CMS Compliance Index are published annually, providing a comprehensive overview and insight into the current state and progress of compliance in major German companies.
Pressekontakt
presse@cms-hs.com
