Compliance system needs to be regularly monitored, periodic reports generated for the management, audits by third party, updating of laws, and communication of the changes to the concerned functions, and has to be driven by the management with utmost commitment to ensure an effective compliance framework Growing Regulatory Environment, ...
Compliance system needs to be regularly monitored, periodic reports generated for the management, audits by third party, updating of laws, and communication of the changes to the concerned functions, and has to be driven by the management with utmost commitment to ensure an effective compliance framework
Growing Regulatory Environment,
higher business complexity, economic growth and increased focus on accountability have led enterprises to pursue a broad range of governance, risk and compliance initiatives across the organization. Primarily, achieving legal compliance is crucial for any and every company functioning in today's India.
Compliances
Legal/regulatory compliance and reporting needs to be viewed as a natural extension of the governance duties shouldered by top management and corporate boards. Moreover, only good governance can ensure that compliance is aligned with the company's business objectives and risk management strategies - and is thereby adding real value (and not just cost) to the organization. Ultimately, the goal is to ensure that the spirit of compliance - as well as the letter of the law - is embraced in every corner of the enterprise.
Legal Compliances And Risk Management
The economic environment remains challenging without any apparent signs of easing. Global operating models can add a mixture of efficiency and complexity to virtually every business today. With such rising complexities, risk management is forming a critical function of almost all organizations irrespective of the industry/sector. 'Risk management' is a commonly used word and organizations now give higher priority to risk management than they did a few years ago. But there still appear to be large gaps between expectations of the risk management function's role in meeting broader goals and its perceived performance.
Historically, many perceived risk management as, "the department that says no", we now see a shift in this perception, with risk management being seen more as "the department that enables execution".
In a recent study by Accenture1, the vast majority (i.e., 98%) of surveyed respondents report an increase in the perceived importance of risk management in their organization. One phrase that stood out in the study was "Action is not optional". One can even say that is seen as true for not just the risk management function but also organization.
Legal compliances per se are increasing, both in terms of sheer number of regulations but also in levels of specificity. Consumers are better informed and more demanding. And competitors, both new and old, are look ing for ways to expand their market share at a time when growth remains low. Risk management as a function is now expected to help in responding to these challenges as well.
In today's corporate world, with a globalised business environment blurring geographical boundaries, organizations face a complex assortment of new and often contradictory laws and regulations. High-profile corporate scandals, involving compliance failures, teach us that loss of reputation can have a significant, if not fatal, effect on an organization. The development and management of effective legal risk management and compliance operation is, therefore, the need of the hour.
Need For Legal Compliance & A Compliance Framework
The Merriam-Webster dictionary defines 'Compliance' as "the act or process of doing what you have been asked or ordered to do". Compliance from an Organization's perspective is a very broad term, and encompasses statutory as well as non-statutory compliances.
Statutory Compliances, popularly known as legal & regulatory compliance essentially means and includes adhering to various laws, rules, regulations, bye-laws, directions, guidelines, as may be applicable to an Organization. Non-Statutory compliances generally include complying with internal rules/regulations of the Company, code of conduct, guidance note, voluntary guidelines issued by Government/various institutions. Non-compliance or delay in compliance with applicable law/ regulations intentionally can lead to dire consequences such as fines, penalties & prosecution of Directors/Officers of the Company, imprisonments, product recalls or reputational risks and plant shutdowns etc., depending on the law concerned.
This complex area requires expertise and full time monitoring. Treating this area in an ad hoc manner or even with the best of intentions by non-experts is an unnecessary risk.
Statutory Compliances specific to the Non-Alcoholic Beverage Industry
Statutory compliances in India may vary from state to state, and is subject to frequent, sometimes unpredictable changes. At the central level, an effective risk management is further reinforced owing to the compliance requirements enshrined in the Companies Act, 2013 and the Listing Agreement:
1. The Companies Act, 2013
As per the newly enacted The Companies Act, 2013, the Directors of a company are responsible for devising a proper system to ensure compliance with the laws applicable to the Company. Directors are further responsible for ensuring that such systems are adequate and operating effectively under Section 134 of the Companies Act, 2013.
Further, Section 205 of the Companies Act, 2013, which enlists the functions of the Company Secretary of a Company, requires the Company Secretary to report to the Board about (i) Compliance of the Companies Act, 2013, the rules made there under and (ii) all other laws applicable to the Company.
2. Listing Agreement
Shortly after introduction of the CII Code2, SEBI appointed the Birla Committee3. In 1999, the Birla Committee submitted a report to SEBI - to promote and raise the standard of Corporate Governance for listed companies. The Birla Committee's recommendations were primarily focussed on two fundamental goals - improving the function and structure of company boards and increasing disclosure to shareholders. With respect to company boards, the committee made specific recommendations regarding board representation and independence that have persisted to date in Clause 49.
The first step towards creation of compliance framework or ensuring compliance otherwise is ascertainment of the applicable laws, and preparing a detailed checklist of the required compliances. Generally, the laws applicable to a Company are in the nature of corporate laws, fiscal laws, labour laws, environment etc.).
Compliance Framework - An effective compliance framework should, among other things, clearly define the reporting framework, specifying the contents of the reports (non-compliance, penalties/risk involved, timeline/action plan to ensure compliance), periodicity (monthly/quarterly/half yearly), reporting authority and the like.
A very important aspect of any compliance framework, irrespective of choice of mechanism, is that of cascading of the 'Compliance Process'. The entire exercise to be performed by companies would prove useless should there not be a process to train the process owners and management. Once process owners and the various management hierarchies related to compliance have been trained and the tool operationalised, the organization can start the process of reporting compliances and top management can rely on the same for reporting to boards of companies.
A Compliance Framework on the above lines, not only ensures, to a very large extent, that all concerned in the organization become aware of applicable compliances, but also helps in bringing to light non-compliances in a timely manner, and providing a plan to remediate non-compliance.
To sum up, ensuring Compliance is a continuous exercise and therefore compliance system needs to be regularly monitored, periodic reports generated for the management, audits by third party, updating of laws, and communication of the changes to the concerned functions and has to be driven by the management with utmost commitment to ensure an effective compliance framework.
With an effective compliance system in place, management can mitigate the risk of non-compliance. An effective compliance system ensures cost saving by avoiding penalties/prosecution, minimising litigation, building credibility and equity, and increasing shareholder value.
Footnote:
1 Accenture 2013 Global Risk Management Study Risk Management for an Era of Greater Uncertainty
2 Confederation of Indian Industry (CII) - Desirable Corporate Governance – A Code, 1998; 3 Committee on Corporate Governance, chaired by Kumar Mangalam Birla appointed
Disclaimer - The views expressed in this article are the personal views of the author and are purely informative in nature.