This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

New Survey: Companies Advance Their Compliance Programs, but a Long Road Remains

Reg Pulse

Center for Regulatory Strategies blog

Compliance executives at many companies in heavily regulated industries are wielding more influence, broadening their responsibilities, and better measuring the effectiveness of their programs. But just how far have they come? In a joint effort with Compliance Week, our newly released In focus: 2013 Compliance Trends Survey shows the progress that companies worldwide have made in building and managing their compliance programs – and it’s a mixed bag. For example, while compliance executives now have greater authority at their companies, many still don’t have the resources at hand to develop robust compliance programs.

In March 2013, we surveyed 189 compliance executives representing 22 different major industries, including banking, manufacturing, energy and utilities, and pharmaceuticals. The median annual revenue of surveyed companies was $5 billion and the median workforce was 18,000-plus employees. The in-depth study explored three main questions: Do compliance executives have the right authority and resources to do their jobs? Are they addressing the right risks? And do they use the right metrics to measure progress?

While there’s a lot of useful information in the survey, I’d like to touch on three findings that really stand out.

  • Scraping up resources. Fifty-two percent of respondents said their full-time compliance staff is comprised of five people or fewer. And 47 percent said their compliance budget – including salaries – is less than $1 million annually. This shows that many companies still need to devote greater resources to building rigorous compliance programs.
  • Prioritizing risk. When we asked respondents if their companies are focusing on the right risks, the answers surprised us. For example, while it may seem that vendor management should be a high priority; companies of all sizes rated it on the low end. The following list shows how compliance executives at small and large companies ranked their top priorities.
What are compliance officers’ top responsibilities?
Small companies Large companies
  1. Complaints
  2. Whistleblower hotlines
  3. Testing & monitoring
  4. FCPA compliance
  5. Audit & regulatory findings
  1. Establishing standards of conduct
  2. Whistleblower hotlines
  3. FCPA compliance
  4. Issue escalation & resolution
  5. Complaints
  • Tracking improvement. When it comes to measuring their progress, 31 percent of respondents said they don’t bother. Of course, if they don’t track key performance and risk indicators, then they may not know how their compliance program is performing. And without this knowledge, companies may not be able to meet certain regulatory expectations and requirements.

There’s no doubt that today’s regulatory environment is challenging for many companies. But if the 2013 benchmarking survey tells us anything, it’s that companies need to empower their compliance executives and increase the visibility of compliance programs. This starts with “tone at the top” – clear support from senior management and the board – and extends to the organization’s culture and behaviors. Ultimately, it’s about driving compliance across the enterprise and into the front lines. While the survey results indicate that companies are making progress in several areas of their compliance programs, many still have a long way to go before they reach the level they need to stay ahead of regulators.

Please take a moment to share your thoughts regarding the survey results. Were any of the results surprising to you?

Thomas Rollauer
Executive Director, Center for Regulatory Strategies
Deloitte & Touche LLP


1As used in this document, "Deloitte" means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Stay connected