I joined the compliance community back in 2000. At that time the scandals at Enron, Worldcom, Tyco, and Arthur Anderson were yet to come. FCPA was a relatively ill-used combination of four letters, and compliance officers wondered if they could make their compliance training mandatory.
Much has changed. FCPA has led to the growth of compliance programs around the world, the challenge in training is about making it more engaging, and, cyber threats are keeping compliance officers up at night.
The world changes, the risks change, and the public’s expectations for business keep rising. So it behooves us to manage our current risks, but also look to what the next issue, or issues, are going to be. By looking to the horizon we can start preparing, even mentally, for what may come.
[bctt tweet=”What do you think will be the next #compliance risk? @AdamTurteltaub explains ” via=”no”]
So where do we find that next issue? The social responsibility movement is certainly worth watching. Issues such as anti-corruption and conflict minerals were talked about extensively there before they became compliance challenges
Let me be clear, I’m not advocating for compliance officers to start taking over their organization’s CSR efforts. There is HUGE danger in doing so. But, watching what issues are high on the CSR agenda could be an indicator of what may eventually be a compliance issue.
My personal bet of the next big issue is human trafficking. In May, the US Congress passed and the President signed human trafficking legislation. The press is increasingly filled with reports of the problem.
In many ways it’s an issue like FCPA, in that much of the risk comes from third parties. I’m confident that few if any global companies engage in human trafficking. But, sooner or later, some will find that a supplier, or a subcontractor of that supplier, is using forced labor. The public hue and cry will be enormous. The reputational damage will be epic in scale.
The good news is that the infrastructure put in place for vetting third parties for FCPA risks can likely be used here as well. Many companies have already utilized that infrastructure to address sanctions risk.
But for that infrastructure to work, companies need to start using it that way. How many will do so before a scandal breaks is hard to predict.
Regardless, the odds are good that my pick for the next big issue will be wrong. The future is notoriously hard to predict, and a few years ago few, myself included, would have put hacking so high on the agenda.
What do you think will be the next risk? And what should compliance professionals start planning to do about it? Click on the comments link below, and let your colleagues in the profession know you’re your prediction is, and help them start thinking about what’s next for compliance.