Compliance as a Competitive Advantage?

05 November 2018 - 12:00 am UTC

Compliance as a Competitive Advantage?

By Michael F. Savicki, Vice President, Compliance – The Americas, for American Express Global Business Travel.

The service industry can be an incredibly competitive marketplace. A myriad of factors including costs, service quality, customer experience, brand recognition and reputation, all contribute to the success and failure of non-manufacturing, service-based businesses.

One factor rarely referenced as a marketplace differentiator is compliance and effective internal controls. Indeed, for many corporations, be it service industry related or otherwise, regulatory compliance is often viewed as a significant cost and burden on the business, holding it back from greater growth opportunities. While such a viewpoint is not meritless (depending on the nature of the company and industry), the relevant question for in-house legal and regulatory practitioners is how to handle this perception as a headwind or obstacle and demonstrate value to their respective organizations.

Charlie Munger, who is 94 years old, founding partner of Munger, Tolles & Olson LLP, and the current Vice Chairman of Berkshire Hathaway and Warren Buffett’s long-time investment partner, has a great quote for addressing such challenging problems:

Invert, always invert: Turn a situation or problem upside down. Look at it backward.

Applying Mr. Munger’s guidance to the question presented – what if regulatory compliance was viewed as an opportunity, a critical part of your value proposition and a tailwind to help differentiator the business in the marketplace?

One approach for doing so is embedding compliance within the company’s overall value proposition. Such goal alignment can be done by demonstrating how strong internal controls and compliance initiatives help to achieve the underlying client needs of the company’s product and service offering. Although it will vary by company and industry, an illustrative example is found in the business travel and meetings industry where the numerous regulatory risks can be tied back to the needs of corporate clients and their travelers. Specifically:

Privacy Laws & Information Security requirements – the European Union’s adoption of the General Data Protection Regulation (GDPR) has made privacy a front-burner issue for corporations, employees and travelers. It has increased the requirements for cross-border data transfers, increased potential fines for breaches and accelerated the timing for breach notification requirements. Business travel and meetings & events involve a significant amount of personal information that must be processed appropriately, and transferred securely to a host of entities across the traveler ecosystem to permit travelers and meeting attendees to arrive at their destinations. Unfortunately, bad actors are increasingly aware of the valuable information contained in traveler records and have conducted several cyber-attacks on airlines, hotel chains and other industry suppliers. These data incidents illustrate the criticality of strong privacy and information security controls for travel management and meetings & events suppliers and underscore how such controls directly benefit their corporate clients.
Anti-corruption compliance – As corporations have increased their internal controls eliminating the days of cash filled gym bags, third parties have filled the void to facilitate improper payments and circumvent internal controls. Non-product services – such as those provided by travel agents and meetings & events suppliers – lend themselves to potential invoice abuse with inflated invoices creating slush funds due to a lack of transparency. Having the right controls in place and properly vetted local partners – particularly in high risk jurisdictions such as Brazil, China & Russia – directly benefit clients and augment their internal compliance programs by ensuring only legitimate invoicing for and services rendered.
Economic sanctions – Economic sanctions are constantly evolving and will invariably touch upon global business travel and meetings & events activities. Ensuring that there are proper controls to block sanctioned travel suppliers or destinations is critical to avoid potential economic sanctions violations. Similarly, sanctions screening of individual travelers by a corporate travel provider can help a corporate client avoid a potentially sanctioned transaction.
Third-party oversight – global travel management companies use a multitude of third parties to provide products and services with the potential for government touchpoints such as visas. Documenting the substantial vetting and due diligence of third parties – and how it directly benefits the client and end user – illustrates the value add both to the corporation and its clients.

By identifying the key regulatory risks facing the corporation and illustrating how effective compensating controls are not only the right thing to do but a significant contributor to the clients’ goals, it allows you to align compliance with the corporation’s objectives and overall go-to-market value proposition. In short, compliance can be a competitive advantage when effectively communicated with the corporation’s overall goals in mind.

This focus on the client/end user can have additional benefits. Such an approach can help to create an overall culture of compliance within the organization and amplify the impact of the legal/compliance personnel focused on regulatory compliance. When regulatory compliance is viewed as an entrenched part of the company’s value proposition, it is no longer simply a legal/compliance initiative and likely to benefit from a force multiplier affect across the organization and its various functions. In these days of doing more with less, internal budgeting and resource allocation discussions can be far more effective when the head of sales and business development states that compliance is a marketplace differentiator.

In sum, regulatory compliance does not need to be viewed as an obstacle to doing business. Rather, it can be a competitive advantage when positioned properly. Just remember to invert, always invert.

Michael F. Savicki is American Express Global Business Travel’s Vice President for Compliance – The Americas where he is responsible for all risk and compliance disciplines throughout the Americas region and Commercial Compliance globally. Prior to joining American Express GBT, he was Senior Attorney – Compliance & Corporate Governance at Sikorsky Aircraft Corporation, Secondee Counsel at Deutsche Bank’s Litigation and Regulatory Enforcement Group and Senior Litigation Associate at Fried, Frank, Harris, Shriver & Jacobson, LLP. He began his legal career as a law clerk at the United States Second Circuit Court of Appeals. He is a graduate of Tulane Law School and Connecticut College and a member of the Connecticut, Massachusetts and New York state bars. The views expressed within this article are entirely his own and not those of his current or former employers.

Cookie	Duration	Description
__cfruid	session	Cloudflare sets this cookie to identify trusted web traffic.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
crumb	session	Squarespace sets this cookie to prevent cross-site request forgery (CSRF).
has_js	session	This cookie is set by Drupal Core, to indicate whether the user's browser has enabled JavaScript.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
player	1 year	Vimeo uses this cookie to save the user's preferences when playing embedded videos from Vimeo.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_5N0BNQWREV	2 years	This cookie is installed by Google Analytics.
_gat_UA-138412639-6	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
undefined	never	Wistia sets this cookie to collect data on visitor interaction with the website's video-content, to make the website's video-content more relevant for the visitor.
vuid	2 years	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website.

Cookie	Duration	Description
country	1 month	No description available.
loglevel	never	No description available.
test	never	No description available.

Products & Services

News & Press Releases

Knowledge Base

About Acuris Risk Intelligence

Compliance as a Competitive Advantage?

Compliance as a Competitive Advantage?