2022年全球ESG合规与风险报告（英文版）-波士顿咨询VIP专享VIP免费

下载本文档

阅读 776
格式 pdf
大小 1.69 MB
约13页
2023-07-20
收藏
点赞(0)
海报
举报

2022 GLOBAL ESG,

COMPLIANCE &

RISK REPORT

Value creation amid rising global uncertainty

JEANNE KWONG BICKFORD

MANAGING DIRECTOR AND

SENIOR PARTNER



DR. KATHARINA HEFTER

MANAGING DIRECTOR

AND PARTNER



PIERRE ROUSSEL

MANAGING DIRECTOR

AND PARTNER



MATTEO COPPOLA

MANAGING DIRECTOR AND

SENIOR PARTNER



PAUL O’ROURKE

MANAGING DIRECTOR

AND PARTNER



JULIANE BUTTERS

PROJECT

LEADER



KEN CARLSTEDT

ASSOCIATE DIRECTOR,

GLOBAL TRADE & INVESTMENT



ELISABETH BENAZIR LIPPERT

SENIOR KNOWLEDGE

ANALYST



NICOLA NICOL

MANAGING DIRECTOR

AND PARTNER



LORENZO FANTINI

MANAGING DIRECTOR

AND PARTNER



HANJO SEIBERT

MANAGING DIRECTOR

AND PARTNER



DR. BERNHARD GEHRA

MANAGING DIRECTOR

AND SENIOR PARTNER



DR. JULIA GEBHARDT

MANAGING DIRECTOR

AND PARTNER



REI TANAKA

MANAGING DIRECTOR

AND PARTNER



TAD ROSELUND

MANAGING DIRECTOR AND

SENIOR PARTNER



JANNIK LEIENDECKER

PARTNER AND

ASSOCIATE DIRECTOR



0302

THE AUTHORS

The global regulatory environment has grown increasingly complex, and now spans a far broader range of issues than in the



such as sanctions and trade compliance and supply chain risks, as well as a general rise in regulation and regulatory

enforcement, especially in the environmental, social and governance (ESG) area. To compound matters further, the pace of

change will only accelerate in a highly networked and digitized world.

However, this new world should not only be seen as a challenge to overcome, but also as an opportunity to create value for

the company and forge ahead of rivals. As regulators raise the bar for all kinds of risks, the compliance function is set to play

a pivotal role in managing these regulatory developments successfully and steering organizations through crises. For example,

the proliferation of sanctions over the past year has shone a new light on the crucial role of compliance departments in all

industries. Similarly, headlines exposing greenwashing clearly demonstrate how important compliance departments are in





determine the role of their compliance function for these risks, and then optimize the function so that it lives up to the



risk. Companies that succeed in this endeavor will gain sustainable competitive advantage, boost customer loyalty and trust,

attract and retain talent, and enhance their reputation for acting responsibly in a testing business environment.

But exactly how are companies reacting to the changing compliance landscape in order to gain an advantage and get closer

RISK AND COMPLIANCE SURVEY FROM 2021, we repeated

the exercise in May and June 2022, this time with the goal of identifying and then analyzing the core issues relating to risk

and compliance. We interviewed 250 compliance professionals from companies across various industries around the world,





function, and how companies in general are coping with various types of risk and the myriad growing uncertainties in the

global landscape.

In a more complex world, simply writing policy guidelines and instructing employees to follow the rules will not be enough



circumstances, rules, regulations, and expectations develop. The goal of this study is to provide companies with the perspective

and tools they need to develop their compliance strategy, and then implement it successfully in the face of diverse and

evolving compliance risks.

COMPLIANCE MANDATE

The clearer the mandate of the compliance function, the more it can create value for the company.

GEOPOLITICS



to volatile developments in supply chains and sanctions, the company will prove more resilient during

times of geopolitical tension.

ESG COMPLIANCE

Taking concerted action to mitigate risk of ESG regulation enforcement only works if the gaps



DIGITIZATION



the opportunity to reduce the cost of compliance.

CYBERSECURITY





business performance and lead to an erosion of customer trust.

BUSINESS ETHICS



a sustainable compliance awareness across the organization.

WORKFORCE

A strong workforce strategy, involving carefully considered recruitment, training, and retention,

is essential in unleashing the potential for compliance as a competitive advantage.

INTRODUCTION

Our analysis revealed the following seven core topics and conclusions:

/13

下载本文档

文本预览下载提示常见问题

2022GLOBALESG,COMPLIANCE&RISKREPORTValuecreationamidrisingglobaluncertaintyJEANNEKWONGBICKFORDMANAGINGDIRECTORANDSENIORPARTNERBICKFORD.JEANNE@BCG.COMDR.KATHARINAHEFTERMANAGINGDIRECTORANDPARTNERHEFTER.KATHARINA@BCG.COMPIERREROUSSELMANAGINGDIRECTORANDPARTNERROUSSEL.PIERRE@BCG.COMMATTEOCOPPOLAMANAGINGDIRECTORANDSENIORPARTNERCOPPOLA.MATTEO@BCG.COMPAULO’ROURKEMANAGINGDIRECTORANDPARTNERO’ROURKE.PAUL@BCG.COMJULIANEBUTTERSPROJECTLEADERBUTTERS.JULIANE@BCG.COMKENCARLSTEDTASSOCIATEDIRECTOR,GLOBALTRADE&INVESTMENTCARLSTEDT.KEN@BCG.COMELISABETHBENAZIRLIPPERTSENIORKNOWLEDGEANALYSTLIPPERT.ELISABETH@BCG.COMNICOLANICOLMANAGINGDIRECTORANDPARTNERNICOL.NICOLA@BCG.COMLORENZOFANTINIMANAGINGDIRECTORANDPARTNERFANTINI.LORENZO@BCG.COMHANJOSEIBERTMANAGINGDIRECTORANDPARTNERSEIBERT.HANJO@BCG.COMDR.BERNHARDGEHRAMANAGINGDIRECTORANDSENIORPARTNERGEHRA.BERNHARD@BCG.COMDR.JULIAGEBHARDTMANAGINGDIRECTORANDPARTNERGEBHARDT.JULIA@BCG.COMREITANAKAMANAGINGDIRECTORANDPARTNERTANAKA.REI@BCG.COMTADROSELUNDMANAGINGDIRECTORANDSENIORPARTNERROSELUND.TAD@BCG.COMJANNIKLEIENDECKERPARTNERANDASSOCIATEDIRECTORLEIENDECKER.JANNIK@BCG.COM0302THEAUTHORSTheglobalregulatoryenvironmenthasgrownincreasinglycomplex,andnowspansafarbroaderrangeofissuesthaninthepast.Compliancefunctionshavebeenheavilyaffectedasaconsequence.Theymustdealwithmultiplegrowingchallenges,suchassanctionsandtradecomplianceandsupplychainrisks,aswellasageneralriseinregulationandregulatoryenforcement,especiallyintheenvironmental,socialandgovernance(ESG)area.Tocompoundmattersfurther,thepaceofchangewillonlyaccelerateinahighlynetworkedanddigitizedworld.However,thisnewworldshouldnotonlybeseenasachallengetoovercome,butalsoasanopportunitytocreatevalueforthecompanyandforgeaheadofrivals.Asregulatorsraisethebarforallkindsofrisks,thecompliancefunctionissettoplayapivotalroleinmanagingtheseregulatorydevelopmentssuccessfullyandsteeringorganizationsthroughcrises.Forexample,theproliferationofsanctionsoverthepastyearhasshoneanewlightonthecrucialroleofcompliancedepartmentsinallindustries.Similarly,headlinesexposinggreenwashingclearlydemonstratehowimportantcompliancedepartmentsareinguidingimplementationoftherelevantrequirements.Inthesedemandingconditions,companiesneedtodefinethetermsoftheircompliancemandatefortheirrelevantrisks,determinetheroleoftheircompliancefunctionfortheserisks,andthenoptimizethefunctionsothatitlivesuptothemandate.Tocreatevalue,thecompliancefunctionneedstofulfilldifferentroles,accordingtotheparticulartopicandspecificrisk.Companiesthatsucceedinthisendeavorwillgainsustainablecompetitiveadvantage,boostcustomerloyaltyandtrust,attractandretaintalent,andenhancetheirreputationforactingresponsiblyinatestingbusinessenvironment.ButexactlyhowarecompaniesreactingtothechangingcompliancelandscapeinordertogainanadvantageandgetclosertotheirTargetOperatingModel(TOM)?FollowingourfirstRISKANDCOMPLIANCESURVEYFROM2021,werepeatedtheexerciseinMayandJune2022,thistimewiththegoalofidentifyingandthenanalyzingthecoreissuesrelatingtoriskandcompliance.Weinterviewed250complianceprofessionalsfromcompaniesacrossvariousindustriesaroundtheworld,andaskedthemtonametheforemostissuesandchallengesfacedbycomplianceorganizations,andhowaretheyfulfillingtheircompliancemandates.Inaskingthesequestions,wewantedtobuildacompletepictureoftheriskandcompliancefunction,andhowcompaniesingeneralarecopingwithvarioustypesofriskandthemyriadgrowinguncertaintiesinthegloballandscape.Inamorecomplexworld,simplywritingpolicyguidelinesandinstructingemployeestofollowtheruleswillnotbeenoughtostayaheadofthegame.Everycompanyneedsastrategynotjusttomanagecurrentrisksbutalsotoadaptquicklyascircumstances,rules,regulations,andexpectationsdevelop.Thegoalofthisstudyistoprovidecompanieswiththeperspectiveandtoolstheyneedtodeveloptheircompliancestrategy,andthenimplementitsuccessfullyinthefaceofdiverseandevolvingcompliancerisks.COMPLIANCEMANDATETheclearerthemandateofthecompliancefunction,themoreitcancreatevalueforthecompany.GEOPOLITICSIfacompanyisequippedwithcrisisresponseplans,andwithproceduresforswiftactioninresponsetovolatiledevelopmentsinsupplychainsandsanctions,thecompanywillprovemoreresilientduringtimesofgeopoliticaltension.ESGCOMPLIANCETakingconcertedactiontomitigateriskofESGregulationenforcementonlyworksifthegapsbetweenESGexpectationsandtherealityaresignificantlynarrowed.DIGITIZATIONAdequateoperatingmodelsenablecompaniestomeetfuturechallengesandseizetheopportunitytoreducethecostofcompliance.CYBERSECURITYInsufficientinvestmentincybersecurity,resilienceandtesting,resultinginafailuretokeeppacewithdigitizationorrespondtoescalatingcyberthreats,couldhaveasignificantimpactonbusinessperformanceandleadtoanerosionofcustomertrust.BUSINESSETHICSConsequentimplementationofadefinedethicalcultureisthecrucialsteptoestablishasustainablecomplianceawarenessacrosstheorganization.WORKFORCEAstrongworkforcestrategy,involvingcarefullyconsideredrecruitment,training,andretention,isessentialinunleashingthepotentialforcomplianceasacompetitiveadvantage.04INTRODUCTION05Ouranalysisrevealedthefollowingsevencoretopicsandconclusions:1.2.3.4.5.6.7.Againstabackgroundofdiverseandevolvingcompliancerisksandrisinguncertainties,settingoutthecompliancemandateandtheroleofthecompliancefunctionfordifferenttypesofriskiscritical.Thesurveyrevealsthatcomplianceorganizationsarealreadydealingwithawiderangeofriskcategories:fraudandfinancialcrimerisk,competitionrisk,informationsecurity/informationtechnologyrisk,corporateandcapitalmarketrisk,andemployeerisk.Interestingly,ouranalysisrevealsthatkeyESG-relatedtopics,suchassustainability,environmentallawandhumanrights,areonaverageonlyincludedinthecompliancemandatesofaroundhalftotwothirdsoforganizations.FIGURE1:OURFINDINGSAREBASEDONFEEDBACKFROM250COMPANIES…INDUSTRIESCOMPANYSIZE(#FTE)PARTICIPANTSCOMPANYREVENUE32%5%13%33%17%REGIONSFIGURE2:KEYRISKSUNDERCOMPLIANCEMANDATE(IN%)Thispointhighlightsacrucialthemewhenitcomestothevaluecreationambitionsofacompliancefunction-theimportanceofcross-collaborationinESG,riskandcompliancemanagement.Themanagementofriskisnotthesolepreserveofthecomplianceandriskfunctions.Individualdepartmentshaveinthepastoftenusedtheirownpiecemealriskmanagementmethodstokeepupwithregulations.Onefrequentexampleistheprocurementdepartment.Thissiloedresponsefailstoprotectthebusinessfromfinancialpenaltiesandnegativepublicopinion.Asmanyrisksaffectavarietyofdepartmentsandprocesseswithinanorganization,effectivecollaborationisvital.Thekeytocreatingtruevaluefromthesecross-functionalcollaborationsisacleardelineationofroles,settingoutwhichfunctionhasoverallownershipofaparticulararea,andwhichisresponsibleforeachpartoftheprocess.Theroleofthecompliancefunctioncanrangefromadvisortocentraloversight.Onereal-worldexamplewouldinvolvecompliancedepartmentscollaboratingcloselywiththeircolleaguesinsoftwareandproductdevelopmentduringagiledevelopmentphases,makingsurethattheyareinvolvedearlyintheprocessandachievingspeedtooutput.DATAPROTECTIONLAWMONEYLAUNDERING/TERRORISTFINANCINGCYBERSECURITYREGULATIONSINTERNALTHEFTANDFRAUDTRADELAW(IMPORT/EXPORT)SUSTAINABILITYOTHERCOMMERCIALCRIMINALLAWHUMANRIGHTSCORPORATEGOVERNANCERULESDIVERSITY&DISCRIMINATIONSTANDARDSEXTERNALTHEFTANDFRAUDBRIBERY/CORRUPTIONANTITRUSTLAWENVIRONMENTALLAWEMBEZZLEMENT1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce94%93%89%87%79%75%74%66%65%64%62%56%54%52%49%06COMPLIANCEMANDATE:Emphasizingvaluecreation1.07SURVEYPARTICIPANTSMuchoftheeverydayworkofcompliancefunctionsiscurrentlytakenupwithrespondingtotherequirementsofeconomicandtradesanctionsduringgeopoliticaltensions,andwiththehandlingofglobalcrisessuchasthepandemic.Asthesanctionslandscapebecomesmorecomplexanddynamic,sanctionscompliancesystemsmustbecomemoresophisticatedinresponse,andmustinterfaceseamlesslywithbroadertradecompliancecapabilities.Resoluteconsensusamonggovernmentsisforcingcompaniestotakeapoliticalstance,willinglyornot.Thishasbecomeparticularlytruewitheconomicflowsbeingincreasinglyusedasastrategicweaponinforeignandsecuritypolicy.Companiesneedtobecarefulnottocircumventthegrowingnumberoffinancialandtradesanctions,includingtherecentwaveofexportcontrolsrelatedtohigh-endsemiconductors.Theyneedtodevelopacomprehensiveorganizationalstrategythatallowsthemtomonitorthedetailsofanavalancheofnewlyintroducedsanctionsandrespondaccordinglyinatimelymanner.Thelimitedambitionsimplytofollowruleswillnotbesufficientinaworldthatismovingsoquickly.Thisyear’ssurveyshowsthatsanctionsandtradecompliancehavebecomeevenmoreimportanttocomplianceorganizations,andnowranksamongthetopfivekeytopics.Thisisajumpof15placesfromourprevioussurveyin2021.Evenwithoutchangesinregulatoryorgovernmentalrequirements,anykindofupheavalcandestabilizetheenvironmentinwhichthecompaniesareoperating.Theglobalpandemicissuchanexample,anditshowshowdisruptionsinsupplychainscanposeamajorthreattomultinationalcompanies.Decisionshadtobetakeninashortertimespan,whilenewbusinesspartnershadtobeonboardedornewtraderoutesidentified.Regularprocesseshadtobeexpeditedanddifferentprocessesimplemented.Allthesechangesincreasedtheriskofinsufficientduediligenceorofoverlookingrequirements.Reactiontotheseglobalcrisesinmanycompanieshasoftenbeentooslow.Acompany’spreviousworktoestablishtransparencyontheserisksaswellasitspreventivemeasureswerebothcrucialduringthesetimesandhavecertainlypaidoff.Thereisclearlyaneedforcrisisresponseplanswhichfacilitateswiftdecisionmakinginrelationtovolatiledevelopmentsinsupplychainsandgovernmentsanctions,asnumerousjurisdictionscontinuetoimplementandenforcelocalregulations.Unsurprisingly,givendevelopmentsinEuropeoverrecentmonths,surveyparticipantsforthefirsttimerankgeopoliticaltensionsasakeytopicforcomplianceorganizations(itisrankedatnumber11).Thiscorrelatestotheupwardjumpinsanctionsandtradecompliance,asgeopoliticaltensionsleadtoexpandedtraderegulationsandretaliations.Arobustcomplianceoperatingmodelensuresresilienceagainstexternalshocksanduncertaintiesandstrengthenscrisismanagement.Themajorchallengeincrisismanagementissimultaneouslyhandlingamultitudeofissuesthatdemandabroadrangeofskillsandcapabilities.FIGURE3:KEYTOPICSFORCOMPLIANCEORGANIZATIONS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce08GEOPOLITICS:Respondingtoglobalevents2.09CYBERSECURITY(incl.Datasecurity)62%BUSINESSETHICS52%DIGITIZATION&DATAANALYTICS42%ESG(Environmental,socialandgovernance)42%SANCTIONS/TRADECOMPLIANCE36%DIVERSITY&RACIALEQUITY34%M&A(incl.duediligenceoftarget’sbusinesspartners)30%Newbusinessmodels26%Globalharmonizationofstandards/regulation23%EUDirectiveonCorporateSustainabilityDueDiligence,GermanSupplyChainDueDiligenceAct22%Needforefficiencygains20%GEOPOLITICALTENSIONS17%DigitalMarketsAct(DMA)16%EUWhistleblowerProtectionDirective(2019/1937)15%EUDigitalServicesAct(DSA)14%EUAMLActionPlan14%EUTaxonomyforsustainableactivities("Greentaxonomy")13%Adversemediacoverage(e.g.InfluencerMarketing)12%EUArtificialIntelligenceAct(Draft)10%Environmental,socialandgovernance(ESG)issueshavebecomeacriticalcomponentofmodernbusinesspractices.Thereasonsareclear–risingregulatoryexpectations,anincreasingawarenessofthethreatofglobalwarming,andmoreconcernabouttheimpactofcompanyoperationsontheworldaroundthem.Since2018,authoritiesworldwidehaveissuedmorethan170neworamendedESGregulations.GuidelinessuchastheEUCorporateSustainabilityReportingDirective(CSRD)aresettobefurthercodifiedbyclearstandardscurrentlybeingdevelopedbytheEuropeanFinancialReportingAdvisoryGroup(EFRAG)(seetherecentlypublishedBCGpaper“ESGCOMPLIANCEINANERAOFTIGHTERREGULATIONS”).CompaniesmusthandlechangingESGregulationsontopicssuchasclimatechange,humanrights,anddiversity.Giventhemajorgapbetweenexpectationsandcurrentreality,ESGcompliancehasplacedcompaniesunderconsiderablepressure.Whilecross-divisionalcollaborationcanhelptoaccelerateactionandmitigatetheriskofregulatoryenforcementorlosinginvestorsandclients,breachesofso-calledsocialcomplianceleadtosignificantreputationalrisks.TheincreasingimportanceofESGisclearlyreflectedinoursurveyresults,irrespectiveoftheparticularcompany’sregion,industryorsize.Asignificantproportion(43%)ofrespondentsselectedESGasoneofthetopfivetrendsortopicsthataremostrelevantfortheircomplianceorganization.Moreover,alargemajority(79%)reportedthattheircommitmenttoESGhasintensifiedoverthepasttwoyears.ThisisinpartbecausetheyseeanotableincreaseintheamountofESGregulation,andgreaterenforcementoftheseregulationsforcompanieswhichengageingreenwashingorhavenotimplementedtherequiredchangestotheirproducts,services,reportingmechanismsororganizationalstructure.Indeed,approximately60%ofrespondentssaythatregulatorsarehavingthegreatestimpactontheirESGefforts.Afterregulatorsintherankingcomecustomers(48%),andemployees(47%).Respondentsarefullyawarethatincreasingregulatorydemandsthreatenacompany’ssurvival.IfitspursuitofESGislessthancomprehensive,itwillbuckleundertheweightofsanctionsandaworseningreputation.DEEPDIVE:THENEEDFORANHOLISTICAPPROACHInFebruary2022,theEUCommissionadoptedaproposalforadirectiveoncorporatesustainabilityduediligence.Theaimofthisdirectiveistofostersustainableandresponsiblecorporatebehavior,andtoanchorhumanrightsandenvironmentalconsiderationsincompanies’operationsandcorporategovernance.ThedraftregulationrequireslargeEUcompanies,andsomenon-EuropeancompanieswithsignificantbusinessoperationsinEurope,toassesstheiractualandpotentialhumanrightsandenvironmentalimpactthroughouttheiroperationsandtheirsupplychains,andtotakeactiontoprevent,mitigate,andremedytheharmstohumanrightsandtheenvironmentthathavebeenidentified.Similarly,thesoon-to-be-implementedGermanSupplyChainDueDiligenceActisdesignedtoprotecthumanrightsandtheenvironmentinsupplychainoperations.Companiesneedtorespondwithaholisticratherthanasiloedapproach.Indeed,agovernancetriangleshouldbeformed:theprocurementfunctionshouldexaminevendorsindetail;thehumanresourcesfunctionshouldlookathowemployeesaretreatedinthesupplychain;andahumanrightsdepartmentcanbeintroducedtoconsolidatethecompany’soverallapproachandmanagereporting(seerecentlypublishedBCGpaper“MANAGINGSUPPLYCHAINRISK–ANUPDATEONLEGALANDSTRATEGICREQUIREMENTS”).Somejurisdictions,suchasAustralia,actuallyhavearegulatoryrequirementtonominateahumanrightsofficer.AholisticprocessisalsonecessaryforESGmeasurement,steeringandreporting,wheresimilarmethodologiesshouldbeusedthroughouttheorganization.Thesurveyrevealsthattheroleofthecompliancefunctiondiffersfromcompanytocompany.ItcanrangefromoversightoverallESGtopicstoresponsibilityforcertainselectedareas.TheroleofthecompliancefunctionforESGineachcompanyshouldbeappropriatefortherelevantbusiness,operatingmodelandESGfactors.However,giventhatESGspansseveralexistingriskcategoriesthattypicallyfallwithinthecompliancemandate,thecompliancefunctionusuallyplaysanimportantroleinESGmanagement.Inparticular,itsexperienceofriskmanagementsystemsshouldbesoughtwhensettingupgovernance,standardsandreportinglinessothatthecompliancefunctioncancreatethegreatestpossiblevalueinagivenarea.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7WorkforceFIGURE4:MAINDRIVERSFORESGEFFORTS020406022%26%47%48%58%10ENVIRONMENTAL,SOCIALANDGOVERNANCE(ESG):Meetingstakeholderexpectations3.11Dealingwithburgeoningregulationcaneasilyleadtospiralingcosts.Sohowthendocompaniesandtheircompliancefunctionsmanagetoinjectefficiencyintothisprocesswhilestilloperatinginthemosteffectivewaypossible?Digitizationisthemostcommonanswertothisquestion.However,itisimportanttohaveacleardefinitionofwhatthisentails.Companiesneedtounderstandwhattheirproblemsare,whatneedstobedoneandhowdigitizationcanhelptoreachtheseobjectives.Upgradingthefrontendwhiletheback-endprocessesarestillmanualandinefficientdoesnotadduptogenuinedigitization.Cross-divisionalcollaborationforrethinkingtheend-toendclientjourneysisnecessary,focusingatalltimesonwhatbenefitstheclientexperience.Inthatregard,digitizationcancertainlycontributegreatlytoraisingefficiency,forexamplebystreamlininglabor-intensiveprocessessuchasKnowYourCustomer(KYC),transactionmonitoring,screeningandriskassessments,makingcontrolsmoreautomatedanddata-driven,andreporting.Automateddocumentcaptureandread-outofrelevantdatasuchas“useofgoods”canreducethecostofcomplianceanderrorrates(see,forexample,theBCGLinkedInarticle“FUTUREPROOFINGCOMPLIANCEWITHTECHNOLOGY&DIGITAL”).Despitedigitization’spotential,manycompaniesarenotproperlypreparingtheiroperatingmodeltomeetfuturechallenges,andaremissingtheopportunitytoreducethecostofcompliance.Indeed,aTOMandanintegratedarchitecture(processes,data,applications,andtools)areoftenlacking,despitethefactthatdigitizationrequiresanoverarchingstrategyandclearobjectives.Forexample,universalbankshaveofteninvestedintoolswhichcomefromvarioussourcesandaredisconnectedfromeachother.Asaresult,businessesoftenlacksupportwhenitcomestodata,artificialintelligence,anti-financialcrimeandfraudefforts,andgettingaheadinthewarfortalent.Respondentstooursurveycertainlyseetheimportanceofdigitization.Theyciteddigitizationanddataanalyticsasoneofthetopfivetrendsincompliance,andonethirdofrespondentspointedtoitasakeychallengefortheircomplianceorganization.Moreover,theintegrationofbusinessanddigitalgoalsisseenasamajorchallengeamongtheparticipants.Morethanhalf(54%)claimtheyarewellorverywellpositionedtoadapttothedigitizationtrend.However,moredetailedquestionsondigitizationmaturityshowthereismuchworkstilltobedone.Althoughthemajoritysaytheyarewellorverywellpositionedtoadapttothedigitizationtrend,morethanhalfofrespondents(52%)statethattheyhavenotadvancedveryfaralongthisroad.Theyareonlyjuststartingtoairideasandintroducepilotsforone-offdigitalinitiativeswithinselectedpartsoftheircomplianceorganization,butarenotfullyawareofthedigitalusecasesthatexist.CompanieswithamoreadvancedComplianceTOMappeartohavestartedthedigitizationjourneyearlier.Theyaremoreawareoftheroledigitalcanplay,andunderstanddatastrategy.ThosewhosaytheyhavemadeconsiderableprogressattributetheirsuccesstomakingdigitalcompliancetheirtoppriorityandanintegralpartoftheCEOagenda.ThisfindingreaffirmsthehypothesesreachedintheBCGESG,COMPLIANCEANDRISKREPORT2021.Attheotherendofthescale,24%ofrespondentsadmittedtheyaredealingwiththedevelopmentofdigitalcompliancestrategyeitherpoorlyorverypoorly.Indeed,respondentsateverylevelofcompliancematuritysaidtheyarestillworkingonthedevelopmentofafullydigitizedcompliancefunction.FIGURE5:DIGITIZATIONREADINESSFIGURE6:DIGITIZATIONREADINESS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce6%35%31%10%0204018%020406012DIGITIZATION:Makingupforlosttime4.13Theeffectiveapplicationoftechnologyincompliancerequiresexcellentplanningandcarefulorchestrationofmanydifferentelements.Companiesneedtobeabletoanalyzethevendorlandscape,andensurethattheselectedcompliancetechnologyfitsneatlywithoperationalneeds.Thisinturnrequiresdeepknowledgeofdataprotectionregulationindifferentjurisdictions,andaninnovative,digitallyorientedmindset.Aswithcybersecurity,thecomplianceworkforcemustcompriseadiverserangeofsubjectmatterexpertsifitistoimplementasuccessfuldigitalcompliancestrategy.Thereisagrowingdemandforcyberriskprofessionals,whocanbringriskdomainexpertisetoaddresstheincreasingrisksofcyberattacksandcompromise.Indeed,theslowpaceofdigitizationwithinthecompliancefunctioncanbemainlyputdowntoalackofsufficientknow-howandtools.Manycompaniesarekeentotackletheknow-howgapbydevelopingacomprehensivepeoplestrategytoattracttalentwiththerequiredexpertisetoexploitthepotentialofdigitalacrossthecomplianceunit.Agoodexampleofsuchupskillingeffortswouldinvolvebuildingupahubteam,staffedwithdatascientistsandengineers,aswellasaspoketeam,comprisingdatascientistsandengineerswhoonlyworkwithcompliance-relatedprojectsandhencebuildsubjectmatterexpertise.AscompaniesdeploytransformativeArtificialIntelligence(AI)tools,theymustensurethattheyintroducethesesolutionsinaresponsibleway,mitigatinganypotentialriskstotheirbusinessandprotectingconsumers.WiththeimminentarrivaloftheEuropeanUnion’sAIAct,oneofthefirstbroad-rangingregulatoryframeworksonAI,thefailuretoimplementResponsibleAIsuccessfullywillleadtoseriousimplications(seeBCGpaper“RESPONSIBLEAIFORANERAOFTIGHTERREGULATIONS”).TohavepeoplewhoarecarefullyanddiligentlyworkingonandlearningfromthesetechnologiesisofcriticalimportancefororganizationsandforthepeoplewhowillsuffertheconsequencesofAIsystemsthatarenotequippedwithethicalguardrails.Increasingimpactsfromcyberandprivacyattackscontinuetoescalateinprominenceandfrequency.Ascompaniesoperateinanincreasinglydigitizedway,themoretheywillneedtoassessandenhancetheircyber-resilience.Whenaskedwhichtopicwasmostrelevantfortheircomplianceorganizations,theclearwinnerwascybersecurity.Indeed,thetopicwascitedby62%ofrespondents,10percentagepointsmorethanbusinessethics,thenextmostcitedtopic.Thiscomesasnosurprise,giventheconsiderablerisks—tothebusiness,customers,andreputation—inneglectingcybersecurity.Cyberthreatactorsarebecomingmoreaggressive,moresophisticated,morepersistentandmoresuccessful.Companieshavethereforebeenstrengtheningtheircommitmenttocybersecurity,especiallyamidheightenedgeopoliticaltensions.Manycompaniesdonotyethaveadequatecybersecuritycapabilities,managementandgovernanceprocesses,withinsufficientinvestmentinsecurity,resilienceandtesting.Theycurrentlylacktherightmonitoring,controlsandwarningindicatorstobothprevent,respondtoandrecoverfromcyberthreats.Lackofsecurityinvestment,resultinginafailuretokeeppacewithdigitalinvestment,canexactahighpriceatanunknownlaterdate.Regulationistighteninginthisspheretoo,forexamplewiththeCyberIncidentReportingforCriticalInfrastructureAct,signedintolawintheUnitedStatesin2022.ThelawsoughttoensurethatcriticalprivatesectorentitiesreportcyberincidentsandransomwarepaymentstotheUSgovernment.Itisthereforeencouragingthat73%ofrespondentssaytheyarealreadywellorverywellpositionedtoimproveperformanceinthisregard,thankslargelytothefactthattheircompliancemandatesincludecybersecurityregulationsanddataprotectionlaws.FIGURE7:CYBERSECURITYREADINESS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce1%3%23%43%30%02040601415CYBERSECURITY:Addressingcriticalgaps5.StrongcybersecurityalsorequiresgoodITinfrastructuremanagement.However,morethanathird(38%)ofrespondentssaythatadequateITinfrastructureremainsoneoftheirthreebiggestchallenges,and27%saytheyarenotwellequippedtodealwithit.Toovercomethesechallengesandrapidlyimprovecybersecurity,acommittedseniormanagementmustimplementatop-downstrategywithapersistentemphasisonidentifyingandprotectingtheirhighestriskassets,whilethecompliancedepartmentsshouldalwaysbecloselyinvolvedtoensurethatkeyregulatorydevelopmentsaremanagedandgovernedeffectively.Companieswillneedtointroducearangeofcross-functionalinitiatives,designedtoencouragecollaboration,andspreaddiversesubjectmatterexpertiseamongbusinessunitsandcorporatefunctions.Suchcollaborationiscritical,withthegoalofestablishingresilientcybersecurityprocessescomprisingvariouselements,suchasIT,operationalrisk,businesscontinuity,anti-fraudanddataprotection.Acriticalelementofcybersecurityiseffectivestaffeducationandawarenessoftherequiredcyberpractices.Stolencredentialsareresponsibleformorethanhalfofransomwareattacks,notleastbecausepasswordssuchas“123456”or“qwerty”arestillverycommonlyused.Enforcingpasswordrequirements,multi-factorauthenticationandapplyingsecuritypatchesareimportantcontributoryfactorstotheeffectivepreventionofattacks.Threatsandriskswillstillflourishifcompaniescontinuetooverlookthehumanelementofcybersecurity,nomatterhowsubstantialtheinvestmentinsecuritytoolsandnetworkdefense.Thefirst,andinthiscontextthelast,lineofdefenseagainstcyberattacksneedstobeenabledinordertoensuresecureoperations.Organizationsshouldprovideemployeeswithtime,education,andresourcestolearnmoreaboutcybersecurity,andtakeahuman-centricapproachtodesigningtraining,cyberpracticesandincidentresponsesintheeventofattacks.Aboveall,companiesneedtoknowwhatcyber-riskprofiletheyareaimingtoachieve,andwherethemostimportantgapsremain.Scenario-drivenexercisesthatsimulatecyberattacksassistteamstobuildanddevelopthecriticalskillsandexperienceneededforeffectiveincidentresponse.Acomprehensivecybersecuritystrategyisnecessary.Itshouldbesupportedbymanagementandreceivetherequiredlevelofinvestmenttomaintaintheorganization’scyber-riskprofilewithinitsriskappetite.Aninnovativeapproachwouldbetobringcustomersandotherstakeholdersonboardinstrivingtoboostcybersecurity.Atrendexistsatthemomenttoofferhackersabonus(bugbounties)iftheymanagetoentertherelevantcompany’ssystemandthenlogandreporttheiractivity.Moreover,thereisanincreasingfocusoncollaborationandinformationsharingbetweenorganizations,industrysectors,governmentsandconsumers.Cyberisacollectiveproblem,requiringacollectiveresponse.StrongcybersecurityalsorequiresgoodITinfrastructuremanagement.However,morethanathird(38%)ofrespondentssaythatadequateITinfrastructureremainsoneoftheirthreebiggestchallenges,and27%saytheyarenotwellequippedtodealwithit.Acultureofintegrity,whereemployeesactuallypracticewhatthecompanypreachesonethicalbusinessbehavior,nurturesprudentdecisionmakingindifficultsituationsandelevatescompliancedepartmentstothepositionofinfluentialandsought-afteradvisor.Theimportanceofthistopicwasclearlyreflectedinoursurvey.Morethanhalfofallrespondents-regardlessofindustryandregionormaturitystage-includedbusinessethicsamongthetopfivetopicsmostrelevanttotheircomplianceorganizations.Allrespondentssaidthatbusinessethicsisakeycomponentofpropergovernance.Giventhesignificanceattachedtothisarea,companiesarekeentopromoteethicalbehaviorintheirbusinesspractices.Ahighpercentage(79%)rankthemselvesaseitherwellorverywellpositionedinthisregard,whilejust4%saytheyarepoorlyorverypoorlyprepared.Respondentsgenerallyagreethattheirwrittencodesofconductarenowwellestablished,andhavebeenclearlycommunicatedtoallemployees(70%).Moreover,amajorityreportthattheircompliancemandatesincludespecificrisksrelatedtobusinessethics.FIGURE8:TRENDADAPTIONBUSINESSETHICSHowever,oursurveysuggeststhatmanycompaniesstillstruggletocreateeffectivewhistleblowingsystemsthatpromoteacultureofspeakingoutinresponsetonon-compliantbehavior.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce161%3%18%31%48%17BUSINESSETHICS:Establishingacultureofintegrity6.0204060Givenitsimportanceintheeffectivenessofwhistleblowing,itisperhapsnotsurprisingthatasignificantnumberofparticipants(30%)statethatcultureisoneoftheirtopfiveoverallcompliancechallenges.Asustainableethicalculturewithrobustcomplianceandastrongsenseofintegrityleadstothreemajorcommercialbenefits:itcreateseconomicadvantageforcompanies,preventssubstantialfinesandreputationaldamage,andhelpstoattractandretainkeytalent.Butwhatarethenecessaryelementsthatcombinetocreatesuchasustainablecomplianceculture?Oneimportantsuccessfactor,widelyacceptedinthecompliancecommunity,isclearleadershipbehavior.Thesuccessofanethicalculturegreatlydependsonexecutivessettingthetonefromthetop,actingasrolemodelsinlivinguptoculturalstandards.Onequarterofourrespondentssaythatestablishinga“senseofurgencyfromseniormanagement”isamongthetopfivechallengesfortheircomplianceorganization.Everyemployeeshouldbefullyawarethatcompliantbehaviorisvitallyimportantforthewholeorganizationandthatseniormanagementwillbeheldaccountableforanymisconduct.Companiescanfinditdifficulttoestablishacomplianceculturethatincentivizesemployeestoliveacultureofintegrityandindulgeintherightbehaviors.Makingguidelinessimplerforemployeeswouldcertainlyhelp.Anunwieldynumberofrulesthataredifficulttoputintopracticehinderseffectiveandsuccessfulcompliance.Makingtheprocessesuser-friendly,ontheotherhand,willboostcompliancewithstandardsandfosteranethicalculture.Thetargetcultureshouldbearticulatedclearly,providingenoughusecasestodemonstratetheconnectionbetweenconceptandbusinesspractice,sothatemployeesallimmediatelyrecognizewhatcorrectbehaviorlookslikeandcanreportthingstheybelievearenotright.Certainfactorsthatarevitalinbuildingtherightculture-thetonefromthetop,accountability,incentivesandcommunication-canbemeasuredandcontrolled.Indeed,dataandtechnologycanbeputtogoodusehere.Digitizationcancertainlyalsomakeitmorestraightforwardforemployeestobecompliantduetothegreatereaseofcommunicatingandfollowingdueprocess.SeealsotheBCGpublicationPERSPECTIVESONMONITORSHIPSANDSUCCESSFULCOMPLIANCETRANSFORMATION–ABCGCOMPLIANCEMAGAZINESPECIALISSUE.DEEP-DIVE:WHISTLEBLOWINGRecentregulatoryactionhasmadewhistleblowingaclearpriorityforallcompliancedepartments.In2019,forexample,theEuropeanUnion(EU)passedtheirWhistleblowerDirective,aimedatprotectingwhistleblowers.By2023,companieswithmorethan250employeesinscopeoftheGermanSupplyChainDueDiligenceActmustimplementasysteminwhichemployeesandexternalthirdpartiescanreportpotentialmisbehavior.In2019,theEUpassedtheEUWhistleblowerDirective,aimedattheprotectionofwhistleblowers.FromDecember2021,companieswithmorethan250employeeshaveneededtoimplementasystemwhereemployeesandthirdpartiescanreportpotentialmisbehaviorTheseorganizationsthereforeneedtoputinplaceacomplaintsmechanismwhereallpeople,regardlessoftheirconnectiontothecompany,canreportincidentsrelatingtoviolationofhumanrightsandcertainenvironmentalprotectionlaws.Whistleblowerscanchoosetoreporttheirconcernseitherinternallyortoexternalauthorities.Inspecificcircumstances,theycanevenreporttheirconcernspublicly,throughsocialmediaforexample,leadingtoreputationaldamage.Theidentityofwhistleblowersandanythirdpartiesmentionedmustalwaysremainconfidential.BecauseESG,riskandcompliancehavebecomemorecomplex,andthedemandsofagile,customizablecollaborationmodelshavegrown,thecomplianceteamneedstoincorporateamorediverseskillset,involvingarangeoftechnicalknow-how,subjectmatterexpertsandtakeonvariousroles.Thisincreaseindemandsforcomplianceworkforcecoincideswithatenselabormarketwherefindingcandidatesisachallengealready.QualifiedemployeeshavemoredemandsandexpectationstowardsethicsandESG.Morethananythingelse,itisnowthequalityoftheworkforcethatdeterminesthesuccessofacompany’scompliancemanagement.Astrongworkforcestrategy–involvingrecruitingnewpeopleandupskillingcurrentemployees-isthereforeessentialinunlockingthepotentialforcomplianceasacompetitiveadvantage.Ahumanresourcesdepartmentthateffectivelymanagesthisstrategyandmitigatesriskswillraiseacompany’sstandinginthemarket.Attractingnewtalent,devisinghiringstrategy,ensuringtheavailabilityandcapacityoftraining,andretainingemployeesinthemidstoftheEraofGreatResignation,areallissuesfacedbycompaniesacrossallindustriesinoursurvey.Whenaskedaboutthechallengestheyforesawfortheircomplianceorganization,almost70%ofrespondentspointedto“attractingtalent,”afarhigherproportionthanforanyotheroption.Moreover,thesurveyrevealsthatallcompaniesregardlessofindustryhaveyettofindtheidealstrategyinresponse,sayingthattheyaremerelyadequately,orevenpoorly,positionedforthischallenge.Moreover,attractingtalentisunlikelytogetanyeasier,giventhat68%ofrespondentssaytherequiredrangeofqualificationsforrolesintheircomplianceorganizations-comprisingskillsets,expertise,andtechnicalqualifications-isonlylikelytoexpand,andafurther18%sayitwillexpandsignificantly.Thegrowingimportanceofcybersecurityandthedigitizationofcomplianceactivitiesareamajorconcernamongrespondentswhenconsideringthefutureoftheworkforce.Subjectmatterexpertise,cross-functionalcollaboration,andanawarenessoftheever-growinginventivenessofhackersandcybercriminalswillbeessential.Theworkforceofthefuturewillneedtostayuptodatetechnologicallyandadaptquicklytochangingrisksandregulations.Aswasreflectedinrespondents’concerns,therequirementsforthefutureworkforceextendwellbeyondtechnicalknow-how.Astheriskandcomplianceenvironmentgrowsincreasinglycomplex,theemphasisonstrongbusinessethicswillonlyincrease,encouragingemployeestomaketheirownethicalassessmentsofwhatisrightandwrong.Simplytickingboxesindicatingcompliancewithvariousregulationswillnolongersuffice.ThegrowingemphasisonESGandothertopicsobligesthecomplianceworkforcetokeepabreastofdevelopments,seethebiggerpicture,applytheirexpertisetonewareasandthinkalongmoregloballines,whilekeepingpacewiththerequirednewcollaborationmodeltomanageriskcross-departments.AsthesocialcomponentofESGgrowsinimportance,companieswillneedtobesensitivetothehumanrightsrisksthatflowfromworkingwithmultiplesuppliersandglobalsources.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce1819WORKFORCE:Securingtherightskills7.FIGURE9:CORECHALLENGESFORCOMPLIANCEORGANIZATIONSINTHEFUTUREPoliticalissuesareencroachingmorethaneverontheglobaleconomy.Complianceprofessionalsmustthereforebeabletoidentifyandanalyzecomplexscenarios,andconsiderbothpoliticalandeconomicfactors.Thiswillhelptoensurethattheircompany’scompliancestrategies,andhowtheyareimplemented,areflexibleenoughnotjusttoreacttoeventsbuttoanticipatethemandprepareaccordingly.Theattitudesofemployeesarealsochanging,andcompaniesmustadaptaccordinglytoattractthemandkeepthemonboard.MembersofGenerationZinparticular—thosebornbetween1995and2010—saytheywanttheirworktoaddvaluetosociety,andcaremoreaboutESGwhenchoosingtheiremployer.Moreover,newemployeesexpectcompaniestoallowforremoteworkingandofferstate-of-the-artdigitaltechnologiesandworkprocesses.Asthetalentwarintensifies,companiesthereforeneedtomanagetheirESG-relatedreputationswithcare,andthinkdifferentlyabouttheirworkingpracticesandtheirimpactonriskandcompliance.Insomesectorsinparticular,companiesareheavilyburdenedbytheeffortrequiredtopreventESGviolationsandimplementsocialcompliancethroughouttheirsupplychains,andbytheconstantthreatofregulatoryretaliationandreputationaldamage.Thisisparticularlytrueforindustrialgoodsandhealthcarecompanies.Theimplementationofduediligencein3TG(tin,tungsten,tantalumandgold)supplychainsenablesresponsiblesourcingof3TGfromcountrieslikeNigeria.Newregulationsandcampaignsagainstbriberyandcorruptioninmanycountrieshaveraisedthebarforsupplychaincomplianceriskmanagementinallindustries.Thegeneralpopulationsetshigherstandardsforpublicorprivatesectorentitiesinhealthcareinparticular.Manyoftheseorganizationsneedtomakesignificantenhancementstothecurrentrelevantsupplychainandbusinesspartnerduediligenceprocesses,e.g.byraisingthelevelofautomation.Inthisway,theycanavoidregulatoryscrutiny,negativeheadlinesandlossoffacewiththeirownworkforce.Simplyadvertisingforapositionwillnotachievetherequisiteresults.Companiesneedtobemoreimaginativeintheirtalentstrategies,moreawareofdiversityandinclusion,andreadytorespondtothedemandforamoreflexibleworkplace.Theyalsoneedtobecarefulthattherapidexpansionofcomplianceorganizations-57%expectthemtoincreaseinsize–doesnotdamageeffortstoestablishtherightculture,giventhedifficultyoftransmittingcompanyvaluestomanynewjoinersatthesametime.Recruitingnewpeoplealonewillnotbesufficientinbuildingtherightworkforce.Astechnologyadvancesandworkplacestrategiesevolve,existingemployeeswillneedtobetrainedinrelevantnewknowledgeandskills.Trainingcapacity,includingsubstantialrampingupofrelevantITcapabilities,shouldthereforebegreatlyexpanded.Indeed,companiesneedtodevelopaclearandcomprehensiveworkforcestrategythatdoesnotleavethecompanyvulnerabletoskillsdeficienciesatanygiventime.Oursurveymakesclearthatcomplianceorganizationsshouldbeequippedwithadiverseskillsetthatcandealwithallrelevanttypesandareasofrisk,andcanfulfillthevariousrolesrequiredwithinflexiblecollaborationmodels.Inamorecompetitiveworld,companiesshouldpinpointexactlywhatskillstheymostneed,wheretheycanbefoundandhowtheycanbedeveloped.Itisnotfeasibletofightfortalentonallfronts,andcompaniesmustthereforefocusontheirpriorityareas.ATTRACTINGTALENT68%ORGANIZATIONALCOMPLEXITY(e.g.betweenbusinessunits)43%SufficientIT-infrastructure38%Overallrisingcostsforcompliance37%Risingregulatoryscrutiny36%Sufficientworkforcecapacityforimplementation33%Developmentofadigitalcompliancestrategy32%Supportiveoverallculture32%Sufficientbudgetforimplementation32%Costcutting30%Leveraginginternalknowledge28%Integratingbusinessgoalsanddigitizationgoals26%"Senseofurgency"fromseniormanagement25%Improvingefficiencyoffirstlineofdefense25%Leveragingexternalknowledge15%2021BostonConsultingGroup(BCG)partnerswithleadersinbusinessandsocietytotackletheirmostimportantchallengesandcapturetheirgreatestopportunities.BCGwasthepioneerinbusinessstrategywhenitwasfoundedin1963.Today,weworkcloselywithclientstoembraceatransformationalapproachaimedatbenefitingallstakeholders—empoweringorganizationstogrow,buildsustainablecompetitiveadvantage,anddrivepositivesocietalimpact.Ourdiverse,globalteamsarepassionateaboutunlockingpotentialandmakingchangehappen,deliveringintegratedsolutionsthroughleading-edgemanagementconsulting,technologyanddesign,andcorporateanddigitalventures.Whetheryouwanttoadvanceanidea,acapability,ortheworldatlarge,BCGiswithyoueverystepoftheway.Weexcelinthebusinessofhumanpotential,andbelieveinitspowertoshapestrategic,organizational,economic,andsocietalchange.—Companiesneedtotakeactioninvariousareasinordermaximizethevaluecreationoftheircomplianceorganizations.Theyneedtodefinetheprecisemandateofthecompliancefunctionforeachtypeofrisk,defineanadequateapproachofitsroletoaddressthedifferentdemands,andclearlyallocateotherrelevantresponsibilitiesacrossdifferentdepartments.Plansforswifterandnimblercrisisresponsecanminimizetheimpactofmajorgeopoliticaleventsthathavebedeviledbusinessesinrecentyears.Onenvironmental,socialandgovernanceissues,theyhavetobridgethegapbetweentheircommunicatedambitionandtheoftenmuchmoremodestreality.Manycompanieshavefallendangerouslybehindinthedigitizationjourney.Astheyhurrytorectifythissituation,theyneedtomaintaintheirfocusonwhattheclientswantandwhattheirbusinessneeds.Oncybersecuritytoo,theyoftenhavemuchgroundtomakeup,andseniormanagementshouldurgentlyimplementacomprehensivevalue-for-moneystrategyandarangeofcross-functionalinitiatives.Tofosterethicalbehavior,companiesmusttakethenecessarystepstochangetheculture,andmakeitsimplerforemployeestovoiceanyconcerns.Regulators,investors,customersandemployeesareprobingthisgapwithincreasingenergyandconcern.Butofallthefactorsthatmakeforasuccessfulcomplianceorganization,therightworkforceisessential.Nosuchorganizationcanprosper,therefore,withoutaprudentworkforcestrategythatconsidershowbesttoattract,retain,motivate,andtraintheirpeople.Giventheclearneedforamorediverseskillsetaddressingthefunctionaldemandaswellastheroleflexibility,thedefinitionofanappropriatepeoplestrategyiskey.FORFURTHERCONTACTIfyouwouldliketodiscussthisreport,pleasecontactoneoftheauthors.Forinformationorpermissiontoreprint,pleasecontactBCGatpermissions@bcg.com.Seebcg.comforBCG’slatestcontent.There,youcanalsoregistertoreceivee‑alertsaboutthisorothertopics.FollowBostonConsultingGrouponFacebookandTwitter.©BostonConsultingGroup2021.Allrightsreserved.11/2022CONCLUSIONABOUTBCGBostonConsultingGroup(BCG)partnerswithleadersinbusinessandsocietytotackletheirmostimportantchallengesandcapturetheirgreatestopportunities.BCGwasthepioneerinbusinessstrategywhenitwasfoundedin1963.Today,weworkcloselywithclientstoembraceatransformationalapproachaimedatbenefitingallstakeholders—empoweringorganizationstogrow,buildsustainablecompetitiveadvantage,anddrivepositivesocietalimpact.Ourdiverse,globalteamsarepassionateaboutunlockingpotentialandmakingchangehappen,deliveringintegratedsolutionsthroughleading-edgemanagementconsulting,technologyanddesign,andcorporateanddigitalventures.Whetheryouwanttoadvanceanidea,acapability,ortheworldatlarge,BCGiswithyoueverystepoftheway.Weexcelinthebusinessofhumanpotential,andbelieveinitspowertoshapestrategic,organizational,economic,andsocietalchange.—ABOUTBCGwww.bcg.com

1、当您付费下载文档后，您只拥有了使用权限，并不意味着购买了版权，文档只能用于自身使用，不得用于其他商业用途（如 [转卖]进行直接盈利或[编辑后售卖]进行间接盈利）。
2、本站所有内容均由合作方或网友上传，本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺！文档内容仅供研究参考，付费前请自行鉴别。
3、如文档内容存在违规，或者侵犯商业秘密、侵犯著作权等，请点击“违规举报”。

碎片内容

碳中和的最新文档