ABSTRACT
This chapter considers a number of important areas where compliance may need to be involved as the regulators increase their focus and businesses change and develop. For the compliance function this may require a separate team to agree the work to be undertaken, the timetables, subsequent amendments, progress checking and reassessment and reporting. Policy and procedures are clearly important in ensuring compliance but compliance also requires a high level of judgement and intuition. Policies and procedures are good at establishing best practice. The chapter also considers a number of these including ‘risk’ and ‘heat maps’, the ‘directed telescope’, the ‘spider’s web’ approach and also techniques for addressing organisational obstruction and delay. A compliance ‘risk map’ is more usefully thought of as an analytical database rather than as a single document. Following a risk-based approach too closely holds ‘out the promise that the challenges and complexities of regulation can be rationalised, ordered, managed, and controlled.
