2022年全球ESG合规与风险报告(英文版)-波士顿咨询VIP专享VIP免费

2022 GLOBAL ESG,
COMPLIANCE &
RISK REPORT
Value creation amid rising global uncertainty
JEANNE KWONG BICKFORD
MANAGING DIRECTOR AND
SENIOR PARTNER

DR. KATHARINA HEFTER
MANAGING DIRECTOR
AND PARTNER

PIERRE ROUSSEL
MANAGING DIRECTOR
AND PARTNER

MATTEO COPPOLA
MANAGING DIRECTOR AND
SENIOR PARTNER

PAUL O’ROURKE
MANAGING DIRECTOR
AND PARTNER

JULIANE BUTTERS
PROJECT
LEADER

KEN CARLSTEDT
ASSOCIATE DIRECTOR,
GLOBAL TRADE & INVESTMENT

ELISABETH BENAZIR LIPPERT
SENIOR KNOWLEDGE
ANALYST

NICOLA NICOL
MANAGING DIRECTOR
AND PARTNER

LORENZO FANTINI
MANAGING DIRECTOR
AND PARTNER

HANJO SEIBERT
MANAGING DIRECTOR
AND PARTNER

DR. BERNHARD GEHRA
MANAGING DIRECTOR
AND SENIOR PARTNER

DR. JULIA GEBHARDT
MANAGING DIRECTOR
AND PARTNER

REI TANAKA
MANAGING DIRECTOR
AND PARTNER

TAD ROSELUND
MANAGING DIRECTOR AND
SENIOR PARTNER

JANNIK LEIENDECKER
PARTNER AND
ASSOCIATE DIRECTOR

0302
THE AUTHORS
The global regulatory environment has grown increasingly complex, and now spans a far broader range of issues than in the

such as sanctions and trade compliance and supply chain risks, as well as a general rise in regulation and regulatory
enforcement, especially in the environmental, social and governance (ESG) area. To compound matters further, the pace of
change will only accelerate in a highly networked and digitized world.
However, this new world should not only be seen as a challenge to overcome, but also as an opportunity to create value for
the company and forge ahead of rivals. As regulators raise the bar for all kinds of risks, the compliance function is set to play
a pivotal role in managing these regulatory developments successfully and steering organizations through crises. For example,
the proliferation of sanctions over the past year has shone a new light on the crucial role of compliance departments in all
industries. Similarly, headlines exposing greenwashing clearly demonstrate how important compliance departments are in


determine the role of their compliance function for these risks, and then optimize the function so that it lives up to the

risk. Companies that succeed in this endeavor will gain sustainable competitive advantage, boost customer loyalty and trust,
attract and retain talent, and enhance their reputation for acting responsibly in a testing business environment.
But exactly how are companies reacting to the changing compliance landscape in order to gain an advantage and get closer
RISK AND COMPLIANCE SURVEY FROM 2021, we repeated
the exercise in May and June 2022, this time with the goal of identifying and then analyzing the core issues relating to risk
and compliance. We interviewed 250 compliance professionals from companies across various industries around the world,


function, and how companies in general are coping with various types of risk and the myriad growing uncertainties in the
global landscape.
In a more complex world, simply writing policy guidelines and instructing employees to follow the rules will not be enough

circumstances, rules, regulations, and expectations develop. The goal of this study is to provide companies with the perspective
and tools they need to develop their compliance strategy, and then implement it successfully in the face of diverse and
evolving compliance risks.
COMPLIANCE MANDATE
The clearer the mandate of the compliance function, the more it can create value for the company.
GEOPOLITICS

to volatile developments in supply chains and sanctions, the company will prove more resilient during
times of geopolitical tension.
ESG COMPLIANCE
Taking concerted action to mitigate risk of ESG regulation enforcement only works if the gaps

DIGITIZATION

the opportunity to reduce the cost of compliance.
CYBERSECURITY


business performance and lead to an erosion of customer trust.
BUSINESS ETHICS

a sustainable compliance awareness across the organization.
WORKFORCE
A strong workforce strategy, involving carefully considered recruitment, training, and retention,
is essential in unleashing the potential for compliance as a competitive advantage.
04
INTRODUCTION
05
Our analysis revealed the following seven core topics and conclusions:
1.
2.
3.
4.
5.
6.
7.
2022GLOBALESG,COMPLIANCE&RISKREPORTValuecreationamidrisingglobaluncertaintyJEANNEKWONGBICKFORDMANAGINGDIRECTORANDSENIORPARTNERBICKFORD.JEANNE@BCG.COMDR.KATHARINAHEFTERMANAGINGDIRECTORANDPARTNERHEFTER.KATHARINA@BCG.COMPIERREROUSSELMANAGINGDIRECTORANDPARTNERROUSSEL.PIERRE@BCG.COMMATTEOCOPPOLAMANAGINGDIRECTORANDSENIORPARTNERCOPPOLA.MATTEO@BCG.COMPAULO’ROURKEMANAGINGDIRECTORANDPARTNERO’ROURKE.PAUL@BCG.COMJULIANEBUTTERSPROJECTLEADERBUTTERS.JULIANE@BCG.COMKENCARLSTEDTASSOCIATEDIRECTOR,GLOBALTRADE&INVESTMENTCARLSTEDT.KEN@BCG.COMELISABETHBENAZIRLIPPERTSENIORKNOWLEDGEANALYSTLIPPERT.ELISABETH@BCG.COMNICOLANICOLMANAGINGDIRECTORANDPARTNERNICOL.NICOLA@BCG.COMLORENZOFANTINIMANAGINGDIRECTORANDPARTNERFANTINI.LORENZO@BCG.COMHANJOSEIBERTMANAGINGDIRECTORANDPARTNERSEIBERT.HANJO@BCG.COMDR.BERNHARDGEHRAMANAGINGDIRECTORANDSENIORPARTNERGEHRA.BERNHARD@BCG.COMDR.JULIAGEBHARDTMANAGINGDIRECTORANDPARTNERGEBHARDT.JULIA@BCG.COMREITANAKAMANAGINGDIRECTORANDPARTNERTANAKA.REI@BCG.COMTADROSELUNDMANAGINGDIRECTORANDSENIORPARTNERROSELUND.TAD@BCG.COMJANNIKLEIENDECKERPARTNERANDASSOCIATEDIRECTORLEIENDECKER.JANNIK@BCG.COM0302THEAUTHORSTheglobalregulatoryenvironmenthasgrownincreasinglycomplex,andnowspansafarbroaderrangeofissuesthaninthepast.Compliancefunctionshavebeenheavilyaffectedasaconsequence.Theymustdealwithmultiplegrowingchallenges,suchassanctionsandtradecomplianceandsupplychainrisks,aswellasageneralriseinregulationandregulatoryenforcement,especiallyintheenvironmental,socialandgovernance(ESG)area.Tocompoundmattersfurther,thepaceofchangewillonlyaccelerateinahighlynetworkedanddigitizedworld.However,thisnewworldshouldnotonlybeseenasachallengetoovercome,butalsoasanopportunitytocreatevalueforthecompanyandforgeaheadofrivals.Asregulatorsraisethebarforallkindsofrisks,thecompliancefunctionissettoplayapivotalroleinmanagingtheseregulatorydevelopmentssuccessfullyandsteeringorganizationsthroughcrises.Forexample,theproliferationofsanctionsoverthepastyearhasshoneanewlightonthecrucialroleofcompliancedepartmentsinallindustries.Similarly,headlinesexposinggreenwashingclearlydemonstratehowimportantcompliancedepartmentsareinguidingimplementationoftherelevantrequirements.Inthesedemandingconditions,companiesneedtodefinethetermsoftheircompliancemandatefortheirrelevantrisks,determinetheroleoftheircompliancefunctionfortheserisks,andthenoptimizethefunctionsothatitlivesuptothemandate.Tocreatevalue,thecompliancefunctionneedstofulfilldifferentroles,accordingtotheparticulartopicandspecificrisk.Companiesthatsucceedinthisendeavorwillgainsustainablecompetitiveadvantage,boostcustomerloyaltyandtrust,attractandretaintalent,andenhancetheirreputationforactingresponsiblyinatestingbusinessenvironment.ButexactlyhowarecompaniesreactingtothechangingcompliancelandscapeinordertogainanadvantageandgetclosertotheirTargetOperatingModel(TOM)?FollowingourfirstRISKANDCOMPLIANCESURVEYFROM2021,werepeatedtheexerciseinMayandJune2022,thistimewiththegoalofidentifyingandthenanalyzingthecoreissuesrelatingtoriskandcompliance.Weinterviewed250complianceprofessionalsfromcompaniesacrossvariousindustriesaroundtheworld,andaskedthemtonametheforemostissuesandchallengesfacedbycomplianceorganizations,andhowaretheyfulfillingtheircompliancemandates.Inaskingthesequestions,wewantedtobuildacompletepictureoftheriskandcompliancefunction,andhowcompaniesingeneralarecopingwithvarioustypesofriskandthemyriadgrowinguncertaintiesinthegloballandscape.Inamorecomplexworld,simplywritingpolicyguidelinesandinstructingemployeestofollowtheruleswillnotbeenoughtostayaheadofthegame.Everycompanyneedsastrategynotjusttomanagecurrentrisksbutalsotoadaptquicklyascircumstances,rules,regulations,andexpectationsdevelop.Thegoalofthisstudyistoprovidecompanieswiththeperspectiveandtoolstheyneedtodeveloptheircompliancestrategy,andthenimplementitsuccessfullyinthefaceofdiverseandevolvingcompliancerisks.COMPLIANCEMANDATETheclearerthemandateofthecompliancefunction,themoreitcancreatevalueforthecompany.GEOPOLITICSIfacompanyisequippedwithcrisisresponseplans,andwithproceduresforswiftactioninresponsetovolatiledevelopmentsinsupplychainsandsanctions,thecompanywillprovemoreresilientduringtimesofgeopoliticaltension.ESGCOMPLIANCETakingconcertedactiontomitigateriskofESGregulationenforcementonlyworksifthegapsbetweenESGexpectationsandtherealityaresignificantlynarrowed.DIGITIZATIONAdequateoperatingmodelsenablecompaniestomeetfuturechallengesandseizetheopportunitytoreducethecostofcompliance.CYBERSECURITYInsufficientinvestmentincybersecurity,resilienceandtesting,resultinginafailuretokeeppacewithdigitizationorrespondtoescalatingcyberthreats,couldhaveasignificantimpactonbusinessperformanceandleadtoanerosionofcustomertrust.BUSINESSETHICSConsequentimplementationofadefinedethicalcultureisthecrucialsteptoestablishasustainablecomplianceawarenessacrosstheorganization.WORKFORCEAstrongworkforcestrategy,involvingcarefullyconsideredrecruitment,training,andretention,isessentialinunleashingthepotentialforcomplianceasacompetitiveadvantage.04INTRODUCTION05Ouranalysisrevealedthefollowingsevencoretopicsandconclusions:1.2.3.4.5.6.7.Againstabackgroundofdiverseandevolvingcompliancerisksandrisinguncertainties,settingoutthecompliancemandateandtheroleofthecompliancefunctionfordifferenttypesofriskiscritical.Thesurveyrevealsthatcomplianceorganizationsarealreadydealingwithawiderangeofriskcategories:fraudandfinancialcrimerisk,competitionrisk,informationsecurity/informationtechnologyrisk,corporateandcapitalmarketrisk,andemployeerisk.Interestingly,ouranalysisrevealsthatkeyESG-relatedtopics,suchassustainability,environmentallawandhumanrights,areonaverageonlyincludedinthecompliancemandatesofaroundhalftotwothirdsoforganizations.FIGURE1:OURFINDINGSAREBASEDONFEEDBACKFROM250COMPANIES…INDUSTRIESCOMPANYSIZE(#FTE)PARTICIPANTSCOMPANYREVENUE32%5%13%33%17%REGIONSFIGURE2:KEYRISKSUNDERCOMPLIANCEMANDATE(IN%)Thispointhighlightsacrucialthemewhenitcomestothevaluecreationambitionsofacompliancefunction-theimportanceofcross-collaborationinESG,riskandcompliancemanagement.Themanagementofriskisnotthesolepreserveofthecomplianceandriskfunctions.Individualdepartmentshaveinthepastoftenusedtheirownpiecemealriskmanagementmethodstokeepupwithregulations.Onefrequentexampleistheprocurementdepartment.Thissiloedresponsefailstoprotectthebusinessfromfinancialpenaltiesandnegativepublicopinion.Asmanyrisksaffectavarietyofdepartmentsandprocesseswithinanorganization,effectivecollaborationisvital.Thekeytocreatingtruevaluefromthesecross-functionalcollaborationsisacleardelineationofroles,settingoutwhichfunctionhasoverallownershipofaparticulararea,andwhichisresponsibleforeachpartoftheprocess.Theroleofthecompliancefunctioncanrangefromadvisortocentraloversight.Onereal-worldexamplewouldinvolvecompliancedepartmentscollaboratingcloselywiththeircolleaguesinsoftwareandproductdevelopmentduringagiledevelopmentphases,makingsurethattheyareinvolvedearlyintheprocessandachievingspeedtooutput.DATAPROTECTIONLAWMONEYLAUNDERING/TERRORISTFINANCINGCYBERSECURITYREGULATIONSINTERNALTHEFTANDFRAUDTRADELAW(IMPORT/EXPORT)SUSTAINABILITYOTHERCOMMERCIALCRIMINALLAWHUMANRIGHTSCORPORATEGOVERNANCERULESDIVERSITY&DISCRIMINATIONSTANDARDSEXTERNALTHEFTANDFRAUDBRIBERY/CORRUPTIONANTITRUSTLAWENVIRONMENTALLAWEMBEZZLEMENT1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce94%93%89%87%79%75%74%66%65%64%62%56%54%52%49%06COMPLIANCEMANDATE:Emphasizingvaluecreation1.07SURVEYPARTICIPANTSMuchoftheeverydayworkofcompliancefunctionsiscurrentlytakenupwithrespondingtotherequirementsofeconomicandtradesanctionsduringgeopoliticaltensions,andwiththehandlingofglobalcrisessuchasthepandemic.Asthesanctionslandscapebecomesmorecomplexanddynamic,sanctionscompliancesystemsmustbecomemoresophisticatedinresponse,andmustinterfaceseamlesslywithbroadertradecompliancecapabilities.Resoluteconsensusamonggovernmentsisforcingcompaniestotakeapoliticalstance,willinglyornot.Thishasbecomeparticularlytruewitheconomicflowsbeingincreasinglyusedasastrategicweaponinforeignandsecuritypolicy.Companiesneedtobecarefulnottocircumventthegrowingnumberoffinancialandtradesanctions,includingtherecentwaveofexportcontrolsrelatedtohigh-endsemiconductors.Theyneedtodevelopacomprehensiveorganizationalstrategythatallowsthemtomonitorthedetailsofanavalancheofnewlyintroducedsanctionsandrespondaccordinglyinatimelymanner.Thelimitedambitionsimplytofollowruleswillnotbesufficientinaworldthatismovingsoquickly.Thisyear’ssurveyshowsthatsanctionsandtradecompliancehavebecomeevenmoreimportanttocomplianceorganizations,andnowranksamongthetopfivekeytopics.Thisisajumpof15placesfromourprevioussurveyin2021.Evenwithoutchangesinregulatoryorgovernmentalrequirements,anykindofupheavalcandestabilizetheenvironmentinwhichthecompaniesareoperating.Theglobalpandemicissuchanexample,anditshowshowdisruptionsinsupplychainscanposeamajorthreattomultinationalcompanies.Decisionshadtobetakeninashortertimespan,whilenewbusinesspartnershadtobeonboardedornewtraderoutesidentified.Regularprocesseshadtobeexpeditedanddifferentprocessesimplemented.Allthesechangesincreasedtheriskofinsufficientduediligenceorofoverlookingrequirements.Reactiontotheseglobalcrisesinmanycompanieshasoftenbeentooslow.Acompany’spreviousworktoestablishtransparencyontheserisksaswellasitspreventivemeasureswerebothcrucialduringthesetimesandhavecertainlypaidoff.Thereisclearlyaneedforcrisisresponseplanswhichfacilitateswiftdecisionmakinginrelationtovolatiledevelopmentsinsupplychainsandgovernmentsanctions,asnumerousjurisdictionscontinuetoimplementandenforcelocalregulations.Unsurprisingly,givendevelopmentsinEuropeoverrecentmonths,surveyparticipantsforthefirsttimerankgeopoliticaltensionsasakeytopicforcomplianceorganizations(itisrankedatnumber11).Thiscorrelatestotheupwardjumpinsanctionsandtradecompliance,asgeopoliticaltensionsleadtoexpandedtraderegulationsandretaliations.Arobustcomplianceoperatingmodelensuresresilienceagainstexternalshocksanduncertaintiesandstrengthenscrisismanagement.Themajorchallengeincrisismanagementissimultaneouslyhandlingamultitudeofissuesthatdemandabroadrangeofskillsandcapabilities.FIGURE3:KEYTOPICSFORCOMPLIANCEORGANIZATIONS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce08GEOPOLITICS:Respondingtoglobalevents2.09CYBERSECURITY(incl.Datasecurity)62%BUSINESSETHICS52%DIGITIZATION&DATAANALYTICS42%ESG(Environmental,socialandgovernance)42%SANCTIONS/TRADECOMPLIANCE36%DIVERSITY&RACIALEQUITY34%M&A(incl.duediligenceoftarget’sbusinesspartners)30%Newbusinessmodels26%Globalharmonizationofstandards/regulation23%EUDirectiveonCorporateSustainabilityDueDiligence,GermanSupplyChainDueDiligenceAct22%Needforefficiencygains20%GEOPOLITICALTENSIONS17%DigitalMarketsAct(DMA)16%EUWhistleblowerProtectionDirective(2019/1937)15%EUDigitalServicesAct(DSA)14%EUAMLActionPlan14%EUTaxonomyforsustainableactivities("Greentaxonomy")13%Adversemediacoverage(e.g.InfluencerMarketing)12%EUArtificialIntelligenceAct(Draft)10%Environmental,socialandgovernance(ESG)issueshavebecomeacriticalcomponentofmodernbusinesspractices.Thereasonsareclear–risingregulatoryexpectations,anincreasingawarenessofthethreatofglobalwarming,andmoreconcernabouttheimpactofcompanyoperationsontheworldaroundthem.Since2018,authoritiesworldwidehaveissuedmorethan170neworamendedESGregulations.GuidelinessuchastheEUCorporateSustainabilityReportingDirective(CSRD)aresettobefurthercodifiedbyclearstandardscurrentlybeingdevelopedbytheEuropeanFinancialReportingAdvisoryGroup(EFRAG)(seetherecentlypublishedBCGpaper“ESGCOMPLIANCEINANERAOFTIGHTERREGULATIONS”).CompaniesmusthandlechangingESGregulationsontopicssuchasclimatechange,humanrights,anddiversity.Giventhemajorgapbetweenexpectationsandcurrentreality,ESGcompliancehasplacedcompaniesunderconsiderablepressure.Whilecross-divisionalcollaborationcanhelptoaccelerateactionandmitigatetheriskofregulatoryenforcementorlosinginvestorsandclients,breachesofso-calledsocialcomplianceleadtosignificantreputationalrisks.TheincreasingimportanceofESGisclearlyreflectedinoursurveyresults,irrespectiveoftheparticularcompany’sregion,industryorsize.Asignificantproportion(43%)ofrespondentsselectedESGasoneofthetopfivetrendsortopicsthataremostrelevantfortheircomplianceorganization.Moreover,alargemajority(79%)reportedthattheircommitmenttoESGhasintensifiedoverthepasttwoyears.ThisisinpartbecausetheyseeanotableincreaseintheamountofESGregulation,andgreaterenforcementoftheseregulationsforcompanieswhichengageingreenwashingorhavenotimplementedtherequiredchangestotheirproducts,services,reportingmechanismsororganizationalstructure.Indeed,approximately60%ofrespondentssaythatregulatorsarehavingthegreatestimpactontheirESGefforts.Afterregulatorsintherankingcomecustomers(48%),andemployees(47%).Respondentsarefullyawarethatincreasingregulatorydemandsthreatenacompany’ssurvival.IfitspursuitofESGislessthancomprehensive,itwillbuckleundertheweightofsanctionsandaworseningreputation.DEEPDIVE:THENEEDFORANHOLISTICAPPROACHInFebruary2022,theEUCommissionadoptedaproposalforadirectiveoncorporatesustainabilityduediligence.Theaimofthisdirectiveistofostersustainableandresponsiblecorporatebehavior,andtoanchorhumanrightsandenvironmentalconsiderationsincompanies’operationsandcorporategovernance.ThedraftregulationrequireslargeEUcompanies,andsomenon-EuropeancompanieswithsignificantbusinessoperationsinEurope,toassesstheiractualandpotentialhumanrightsandenvironmentalimpactthroughouttheiroperationsandtheirsupplychains,andtotakeactiontoprevent,mitigate,andremedytheharmstohumanrightsandtheenvironmentthathavebeenidentified.Similarly,thesoon-to-be-implementedGermanSupplyChainDueDiligenceActisdesignedtoprotecthumanrightsandtheenvironmentinsupplychainoperations.Companiesneedtorespondwithaholisticratherthanasiloedapproach.Indeed,agovernancetriangleshouldbeformed:theprocurementfunctionshouldexaminevendorsindetail;thehumanresourcesfunctionshouldlookathowemployeesaretreatedinthesupplychain;andahumanrightsdepartmentcanbeintroducedtoconsolidatethecompany’soverallapproachandmanagereporting(seerecentlypublishedBCGpaper“MANAGINGSUPPLYCHAINRISK–ANUPDATEONLEGALANDSTRATEGICREQUIREMENTS”).Somejurisdictions,suchasAustralia,actuallyhavearegulatoryrequirementtonominateahumanrightsofficer.AholisticprocessisalsonecessaryforESGmeasurement,steeringandreporting,wheresimilarmethodologiesshouldbeusedthroughouttheorganization.Thesurveyrevealsthattheroleofthecompliancefunctiondiffersfromcompanytocompany.ItcanrangefromoversightoverallESGtopicstoresponsibilityforcertainselectedareas.TheroleofthecompliancefunctionforESGineachcompanyshouldbeappropriatefortherelevantbusiness,operatingmodelandESGfactors.However,giventhatESGspansseveralexistingriskcategoriesthattypicallyfallwithinthecompliancemandate,thecompliancefunctionusuallyplaysanimportantroleinESGmanagement.Inparticular,itsexperienceofriskmanagementsystemsshouldbesoughtwhensettingupgovernance,standardsandreportinglinessothatthecompliancefunctioncancreatethegreatestpossiblevalueinagivenarea.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7WorkforceFIGURE4:MAINDRIVERSFORESGEFFORTS020406022%26%47%48%58%10ENVIRONMENTAL,SOCIALANDGOVERNANCE(ESG):Meetingstakeholderexpectations3.11Dealingwithburgeoningregulationcaneasilyleadtospiralingcosts.Sohowthendocompaniesandtheircompliancefunctionsmanagetoinjectefficiencyintothisprocesswhilestilloperatinginthemosteffectivewaypossible?Digitizationisthemostcommonanswertothisquestion.However,itisimportanttohaveacleardefinitionofwhatthisentails.Companiesneedtounderstandwhattheirproblemsare,whatneedstobedoneandhowdigitizationcanhelptoreachtheseobjectives.Upgradingthefrontendwhiletheback-endprocessesarestillmanualandinefficientdoesnotadduptogenuinedigitization.Cross-divisionalcollaborationforrethinkingtheend-toendclientjourneysisnecessary,focusingatalltimesonwhatbenefitstheclientexperience.Inthatregard,digitizationcancertainlycontributegreatlytoraisingefficiency,forexamplebystreamlininglabor-intensiveprocessessuchasKnowYourCustomer(KYC),transactionmonitoring,screeningandriskassessments,makingcontrolsmoreautomatedanddata-driven,andreporting.Automateddocumentcaptureandread-outofrelevantdatasuchas“useofgoods”canreducethecostofcomplianceanderrorrates(see,forexample,theBCGLinkedInarticle“FUTUREPROOFINGCOMPLIANCEWITHTECHNOLOGY&DIGITAL”).Despitedigitization’spotential,manycompaniesarenotproperlypreparingtheiroperatingmodeltomeetfuturechallenges,andaremissingtheopportunitytoreducethecostofcompliance.Indeed,aTOMandanintegratedarchitecture(processes,data,applications,andtools)areoftenlacking,despitethefactthatdigitizationrequiresanoverarchingstrategyandclearobjectives.Forexample,universalbankshaveofteninvestedintoolswhichcomefromvarioussourcesandaredisconnectedfromeachother.Asaresult,businessesoftenlacksupportwhenitcomestodata,artificialintelligence,anti-financialcrimeandfraudefforts,andgettingaheadinthewarfortalent.Respondentstooursurveycertainlyseetheimportanceofdigitization.Theyciteddigitizationanddataanalyticsasoneofthetopfivetrendsincompliance,andonethirdofrespondentspointedtoitasakeychallengefortheircomplianceorganization.Moreover,theintegrationofbusinessanddigitalgoalsisseenasamajorchallengeamongtheparticipants.Morethanhalf(54%)claimtheyarewellorverywellpositionedtoadapttothedigitizationtrend.However,moredetailedquestionsondigitizationmaturityshowthereismuchworkstilltobedone.Althoughthemajoritysaytheyarewellorverywellpositionedtoadapttothedigitizationtrend,morethanhalfofrespondents(52%)statethattheyhavenotadvancedveryfaralongthisroad.Theyareonlyjuststartingtoairideasandintroducepilotsforone-offdigitalinitiativeswithinselectedpartsoftheircomplianceorganization,butarenotfullyawareofthedigitalusecasesthatexist.CompanieswithamoreadvancedComplianceTOMappeartohavestartedthedigitizationjourneyearlier.Theyaremoreawareoftheroledigitalcanplay,andunderstanddatastrategy.ThosewhosaytheyhavemadeconsiderableprogressattributetheirsuccesstomakingdigitalcompliancetheirtoppriorityandanintegralpartoftheCEOagenda.ThisfindingreaffirmsthehypothesesreachedintheBCGESG,COMPLIANCEANDRISKREPORT2021.Attheotherendofthescale,24%ofrespondentsadmittedtheyaredealingwiththedevelopmentofdigitalcompliancestrategyeitherpoorlyorverypoorly.Indeed,respondentsateverylevelofcompliancematuritysaidtheyarestillworkingonthedevelopmentofafullydigitizedcompliancefunction.FIGURE5:DIGITIZATIONREADINESSFIGURE6:DIGITIZATIONREADINESS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce6%35%31%10%0204018%020406012DIGITIZATION:Makingupforlosttime4.13Theeffectiveapplicationoftechnologyincompliancerequiresexcellentplanningandcarefulorchestrationofmanydifferentelements.Companiesneedtobeabletoanalyzethevendorlandscape,andensurethattheselectedcompliancetechnologyfitsneatlywithoperationalneeds.Thisinturnrequiresdeepknowledgeofdataprotectionregulationindifferentjurisdictions,andaninnovative,digitallyorientedmindset.Aswithcybersecurity,thecomplianceworkforcemustcompriseadiverserangeofsubjectmatterexpertsifitistoimplementasuccessfuldigitalcompliancestrategy.Thereisagrowingdemandforcyberriskprofessionals,whocanbringriskdomainexpertisetoaddresstheincreasingrisksofcyberattacksandcompromise.Indeed,theslowpaceofdigitizationwithinthecompliancefunctioncanbemainlyputdowntoalackofsufficientknow-howandtools.Manycompaniesarekeentotackletheknow-howgapbydevelopingacomprehensivepeoplestrategytoattracttalentwiththerequiredexpertisetoexploitthepotentialofdigitalacrossthecomplianceunit.Agoodexampleofsuchupskillingeffortswouldinvolvebuildingupahubteam,staffedwithdatascientistsandengineers,aswellasaspoketeam,comprisingdatascientistsandengineerswhoonlyworkwithcompliance-relatedprojectsandhencebuildsubjectmatterexpertise.AscompaniesdeploytransformativeArtificialIntelligence(AI)tools,theymustensurethattheyintroducethesesolutionsinaresponsibleway,mitigatinganypotentialriskstotheirbusinessandprotectingconsumers.WiththeimminentarrivaloftheEuropeanUnion’sAIAct,oneofthefirstbroad-rangingregulatoryframeworksonAI,thefailuretoimplementResponsibleAIsuccessfullywillleadtoseriousimplications(seeBCGpaper“RESPONSIBLEAIFORANERAOFTIGHTERREGULATIONS”).TohavepeoplewhoarecarefullyanddiligentlyworkingonandlearningfromthesetechnologiesisofcriticalimportancefororganizationsandforthepeoplewhowillsuffertheconsequencesofAIsystemsthatarenotequippedwithethicalguardrails.Increasingimpactsfromcyberandprivacyattackscontinuetoescalateinprominenceandfrequency.Ascompaniesoperateinanincreasinglydigitizedway,themoretheywillneedtoassessandenhancetheircyber-resilience.Whenaskedwhichtopicwasmostrelevantfortheircomplianceorganizations,theclearwinnerwascybersecurity.Indeed,thetopicwascitedby62%ofrespondents,10percentagepointsmorethanbusinessethics,thenextmostcitedtopic.Thiscomesasnosurprise,giventheconsiderablerisks—tothebusiness,customers,andreputation—inneglectingcybersecurity.Cyberthreatactorsarebecomingmoreaggressive,moresophisticated,morepersistentandmoresuccessful.Companieshavethereforebeenstrengtheningtheircommitmenttocybersecurity,especiallyamidheightenedgeopoliticaltensions.Manycompaniesdonotyethaveadequatecybersecuritycapabilities,managementandgovernanceprocesses,withinsufficientinvestmentinsecurity,resilienceandtesting.Theycurrentlylacktherightmonitoring,controlsandwarningindicatorstobothprevent,respondtoandrecoverfromcyberthreats.Lackofsecurityinvestment,resultinginafailuretokeeppacewithdigitalinvestment,canexactahighpriceatanunknownlaterdate.Regulationistighteninginthisspheretoo,forexamplewiththeCyberIncidentReportingforCriticalInfrastructureAct,signedintolawintheUnitedStatesin2022.ThelawsoughttoensurethatcriticalprivatesectorentitiesreportcyberincidentsandransomwarepaymentstotheUSgovernment.Itisthereforeencouragingthat73%ofrespondentssaytheyarealreadywellorverywellpositionedtoimproveperformanceinthisregard,thankslargelytothefactthattheircompliancemandatesincludecybersecurityregulationsanddataprotectionlaws.FIGURE7:CYBERSECURITYREADINESS1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce1%3%23%43%30%02040601415CYBERSECURITY:Addressingcriticalgaps5.StrongcybersecurityalsorequiresgoodITinfrastructuremanagement.However,morethanathird(38%)ofrespondentssaythatadequateITinfrastructureremainsoneoftheirthreebiggestchallenges,and27%saytheyarenotwellequippedtodealwithit.Toovercomethesechallengesandrapidlyimprovecybersecurity,acommittedseniormanagementmustimplementatop-downstrategywithapersistentemphasisonidentifyingandprotectingtheirhighestriskassets,whilethecompliancedepartmentsshouldalwaysbecloselyinvolvedtoensurethatkeyregulatorydevelopmentsaremanagedandgovernedeffectively.Companieswillneedtointroducearangeofcross-functionalinitiatives,designedtoencouragecollaboration,andspreaddiversesubjectmatterexpertiseamongbusinessunitsandcorporatefunctions.Suchcollaborationiscritical,withthegoalofestablishingresilientcybersecurityprocessescomprisingvariouselements,suchasIT,operationalrisk,businesscontinuity,anti-fraudanddataprotection.Acriticalelementofcybersecurityiseffectivestaffeducationandawarenessoftherequiredcyberpractices.Stolencredentialsareresponsibleformorethanhalfofransomwareattacks,notleastbecausepasswordssuchas“123456”or“qwerty”arestillverycommonlyused.Enforcingpasswordrequirements,multi-factorauthenticationandapplyingsecuritypatchesareimportantcontributoryfactorstotheeffectivepreventionofattacks.Threatsandriskswillstillflourishifcompaniescontinuetooverlookthehumanelementofcybersecurity,nomatterhowsubstantialtheinvestmentinsecuritytoolsandnetworkdefense.Thefirst,andinthiscontextthelast,lineofdefenseagainstcyberattacksneedstobeenabledinordertoensuresecureoperations.Organizationsshouldprovideemployeeswithtime,education,andresourcestolearnmoreaboutcybersecurity,andtakeahuman-centricapproachtodesigningtraining,cyberpracticesandincidentresponsesintheeventofattacks.Aboveall,companiesneedtoknowwhatcyber-riskprofiletheyareaimingtoachieve,andwherethemostimportantgapsremain.Scenario-drivenexercisesthatsimulatecyberattacksassistteamstobuildanddevelopthecriticalskillsandexperienceneededforeffectiveincidentresponse.Acomprehensivecybersecuritystrategyisnecessary.Itshouldbesupportedbymanagementandreceivetherequiredlevelofinvestmenttomaintaintheorganization’scyber-riskprofilewithinitsriskappetite.Aninnovativeapproachwouldbetobringcustomersandotherstakeholdersonboardinstrivingtoboostcybersecurity.Atrendexistsatthemomenttoofferhackersabonus(bugbounties)iftheymanagetoentertherelevantcompany’ssystemandthenlogandreporttheiractivity.Moreover,thereisanincreasingfocusoncollaborationandinformationsharingbetweenorganizations,industrysectors,governmentsandconsumers.Cyberisacollectiveproblem,requiringacollectiveresponse.StrongcybersecurityalsorequiresgoodITinfrastructuremanagement.However,morethanathird(38%)ofrespondentssaythatadequateITinfrastructureremainsoneoftheirthreebiggestchallenges,and27%saytheyarenotwellequippedtodealwithit.Acultureofintegrity,whereemployeesactuallypracticewhatthecompanypreachesonethicalbusinessbehavior,nurturesprudentdecisionmakingindifficultsituationsandelevatescompliancedepartmentstothepositionofinfluentialandsought-afteradvisor.Theimportanceofthistopicwasclearlyreflectedinoursurvey.Morethanhalfofallrespondents-regardlessofindustryandregionormaturitystage-includedbusinessethicsamongthetopfivetopicsmostrelevanttotheircomplianceorganizations.Allrespondentssaidthatbusinessethicsisakeycomponentofpropergovernance.Giventhesignificanceattachedtothisarea,companiesarekeentopromoteethicalbehaviorintheirbusinesspractices.Ahighpercentage(79%)rankthemselvesaseitherwellorverywellpositionedinthisregard,whilejust4%saytheyarepoorlyorverypoorlyprepared.Respondentsgenerallyagreethattheirwrittencodesofconductarenowwellestablished,andhavebeenclearlycommunicatedtoallemployees(70%).Moreover,amajorityreportthattheircompliancemandatesincludespecificrisksrelatedtobusinessethics.FIGURE8:TRENDADAPTIONBUSINESSETHICSHowever,oursurveysuggeststhatmanycompaniesstillstruggletocreateeffectivewhistleblowingsystemsthatpromoteacultureofspeakingoutinresponsetonon-compliantbehavior.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce161%3%18%31%48%17BUSINESSETHICS:Establishingacultureofintegrity6.0204060Givenitsimportanceintheeffectivenessofwhistleblowing,itisperhapsnotsurprisingthatasignificantnumberofparticipants(30%)statethatcultureisoneoftheirtopfiveoverallcompliancechallenges.Asustainableethicalculturewithrobustcomplianceandastrongsenseofintegrityleadstothreemajorcommercialbenefits:itcreateseconomicadvantageforcompanies,preventssubstantialfinesandreputationaldamage,andhelpstoattractandretainkeytalent.Butwhatarethenecessaryelementsthatcombinetocreatesuchasustainablecomplianceculture?Oneimportantsuccessfactor,widelyacceptedinthecompliancecommunity,isclearleadershipbehavior.Thesuccessofanethicalculturegreatlydependsonexecutivessettingthetonefromthetop,actingasrolemodelsinlivinguptoculturalstandards.Onequarterofourrespondentssaythatestablishinga“senseofurgencyfromseniormanagement”isamongthetopfivechallengesfortheircomplianceorganization.Everyemployeeshouldbefullyawarethatcompliantbehaviorisvitallyimportantforthewholeorganizationandthatseniormanagementwillbeheldaccountableforanymisconduct.Companiescanfinditdifficulttoestablishacomplianceculturethatincentivizesemployeestoliveacultureofintegrityandindulgeintherightbehaviors.Makingguidelinessimplerforemployeeswouldcertainlyhelp.Anunwieldynumberofrulesthataredifficulttoputintopracticehinderseffectiveandsuccessfulcompliance.Makingtheprocessesuser-friendly,ontheotherhand,willboostcompliancewithstandardsandfosteranethicalculture.Thetargetcultureshouldbearticulatedclearly,providingenoughusecasestodemonstratetheconnectionbetweenconceptandbusinesspractice,sothatemployeesallimmediatelyrecognizewhatcorrectbehaviorlookslikeandcanreportthingstheybelievearenotright.Certainfactorsthatarevitalinbuildingtherightculture-thetonefromthetop,accountability,incentivesandcommunication-canbemeasuredandcontrolled.Indeed,dataandtechnologycanbeputtogoodusehere.Digitizationcancertainlyalsomakeitmorestraightforwardforemployeestobecompliantduetothegreatereaseofcommunicatingandfollowingdueprocess.SeealsotheBCGpublicationPERSPECTIVESONMONITORSHIPSANDSUCCESSFULCOMPLIANCETRANSFORMATION–ABCGCOMPLIANCEMAGAZINESPECIALISSUE.DEEP-DIVE:WHISTLEBLOWINGRecentregulatoryactionhasmadewhistleblowingaclearpriorityforallcompliancedepartments.In2019,forexample,theEuropeanUnion(EU)passedtheirWhistleblowerDirective,aimedatprotectingwhistleblowers.By2023,companieswithmorethan250employeesinscopeoftheGermanSupplyChainDueDiligenceActmustimplementasysteminwhichemployeesandexternalthirdpartiescanreportpotentialmisbehavior.In2019,theEUpassedtheEUWhistleblowerDirective,aimedattheprotectionofwhistleblowers.FromDecember2021,companieswithmorethan250employeeshaveneededtoimplementasystemwhereemployeesandthirdpartiescanreportpotentialmisbehaviorTheseorganizationsthereforeneedtoputinplaceacomplaintsmechanismwhereallpeople,regardlessoftheirconnectiontothecompany,canreportincidentsrelatingtoviolationofhumanrightsandcertainenvironmentalprotectionlaws.Whistleblowerscanchoosetoreporttheirconcernseitherinternallyortoexternalauthorities.Inspecificcircumstances,theycanevenreporttheirconcernspublicly,throughsocialmediaforexample,leadingtoreputationaldamage.Theidentityofwhistleblowersandanythirdpartiesmentionedmustalwaysremainconfidential.BecauseESG,riskandcompliancehavebecomemorecomplex,andthedemandsofagile,customizablecollaborationmodelshavegrown,thecomplianceteamneedstoincorporateamorediverseskillset,involvingarangeoftechnicalknow-how,subjectmatterexpertsandtakeonvariousroles.Thisincreaseindemandsforcomplianceworkforcecoincideswithatenselabormarketwherefindingcandidatesisachallengealready.QualifiedemployeeshavemoredemandsandexpectationstowardsethicsandESG.Morethananythingelse,itisnowthequalityoftheworkforcethatdeterminesthesuccessofacompany’scompliancemanagement.Astrongworkforcestrategy–involvingrecruitingnewpeopleandupskillingcurrentemployees-isthereforeessentialinunlockingthepotentialforcomplianceasacompetitiveadvantage.Ahumanresourcesdepartmentthateffectivelymanagesthisstrategyandmitigatesriskswillraiseacompany’sstandinginthemarket.Attractingnewtalent,devisinghiringstrategy,ensuringtheavailabilityandcapacityoftraining,andretainingemployeesinthemidstoftheEraofGreatResignation,areallissuesfacedbycompaniesacrossallindustriesinoursurvey.Whenaskedaboutthechallengestheyforesawfortheircomplianceorganization,almost70%ofrespondentspointedto“attractingtalent,”afarhigherproportionthanforanyotheroption.Moreover,thesurveyrevealsthatallcompaniesregardlessofindustryhaveyettofindtheidealstrategyinresponse,sayingthattheyaremerelyadequately,orevenpoorly,positionedforthischallenge.Moreover,attractingtalentisunlikelytogetanyeasier,giventhat68%ofrespondentssaytherequiredrangeofqualificationsforrolesintheircomplianceorganizations-comprisingskillsets,expertise,andtechnicalqualifications-isonlylikelytoexpand,andafurther18%sayitwillexpandsignificantly.Thegrowingimportanceofcybersecurityandthedigitizationofcomplianceactivitiesareamajorconcernamongrespondentswhenconsideringthefutureoftheworkforce.Subjectmatterexpertise,cross-functionalcollaboration,andanawarenessoftheever-growinginventivenessofhackersandcybercriminalswillbeessential.Theworkforceofthefuturewillneedtostayuptodatetechnologicallyandadaptquicklytochangingrisksandregulations.Aswasreflectedinrespondents’concerns,therequirementsforthefutureworkforceextendwellbeyondtechnicalknow-how.Astheriskandcomplianceenvironmentgrowsincreasinglycomplex,theemphasisonstrongbusinessethicswillonlyincrease,encouragingemployeestomaketheirownethicalassessmentsofwhatisrightandwrong.Simplytickingboxesindicatingcompliancewithvariousregulationswillnolongersuffice.ThegrowingemphasisonESGandothertopicsobligesthecomplianceworkforcetokeepabreastofdevelopments,seethebiggerpicture,applytheirexpertisetonewareasandthinkalongmoregloballines,whilekeepingpacewiththerequirednewcollaborationmodeltomanageriskcross-departments.AsthesocialcomponentofESGgrowsinimportance,companieswillneedtobesensitivetothehumanrightsrisksthatflowfromworkingwithmultiplesuppliersandglobalsources.1ComplianceMandate/2Geopolitics/3ESGCompliance/4Digitization/5Cybersecurity/6BusinessEthics/7Workforce1819WORKFORCE:Securingtherightskills7.FIGURE9:CORECHALLENGESFORCOMPLIANCEORGANIZATIONSINTHEFUTUREPoliticalissuesareencroachingmorethaneverontheglobaleconomy.Complianceprofessionalsmustthereforebeabletoidentifyandanalyzecomplexscenarios,andconsiderbothpoliticalandeconomicfactors.Thiswillhelptoensurethattheircompany’scompliancestrategies,andhowtheyareimplemented,areflexibleenoughnotjusttoreacttoeventsbuttoanticipatethemandprepareaccordingly.Theattitudesofemployeesarealsochanging,andcompaniesmustadaptaccordinglytoattractthemandkeepthemonboard.MembersofGenerationZinparticular—thosebornbetween1995and2010—saytheywanttheirworktoaddvaluetosociety,andcaremoreaboutESGwhenchoosingtheiremployer.Moreover,newemployeesexpectcompaniestoallowforremoteworkingandofferstate-of-the-artdigitaltechnologiesandworkprocesses.Asthetalentwarintensifies,companiesthereforeneedtomanagetheirESG-relatedreputationswithcare,andthinkdifferentlyabouttheirworkingpracticesandtheirimpactonriskandcompliance.Insomesectorsinparticular,companiesareheavilyburdenedbytheeffortrequiredtopreventESGviolationsandimplementsocialcompliancethroughouttheirsupplychains,andbytheconstantthreatofregulatoryretaliationandreputationaldamage.Thisisparticularlytrueforindustrialgoodsandhealthcarecompanies.Theimplementationofduediligencein3TG(tin,tungsten,tantalumandgold)supplychainsenablesresponsiblesourcingof3TGfromcountrieslikeNigeria.Newregulationsandcampaignsagainstbriberyandcorruptioninmanycountrieshaveraisedthebarforsupplychaincomplianceriskmanagementinallindustries.Thegeneralpopulationsetshigherstandardsforpublicorprivatesectorentitiesinhealthcareinparticular.Manyoftheseorganizationsneedtomakesignificantenhancementstothecurrentrelevantsupplychainandbusinesspartnerduediligenceprocesses,e.g.byraisingthelevelofautomation.Inthisway,theycanavoidregulatoryscrutiny,negativeheadlinesandlossoffacewiththeirownworkforce.Simplyadvertisingforapositionwillnotachievetherequisiteresults.Companiesneedtobemoreimaginativeintheirtalentstrategies,moreawareofdiversityandinclusion,andreadytorespondtothedemandforamoreflexibleworkplace.Theyalsoneedtobecarefulthattherapidexpansionofcomplianceorganizations-57%expectthemtoincreaseinsize–doesnotdamageeffortstoestablishtherightculture,giventhedifficultyoftransmittingcompanyvaluestomanynewjoinersatthesametime.Recruitingnewpeoplealonewillnotbesufficientinbuildingtherightworkforce.Astechnologyadvancesandworkplacestrategiesevolve,existingemployeeswillneedtobetrainedinrelevantnewknowledgeandskills.Trainingcapacity,includingsubstantialrampingupofrelevantITcapabilities,shouldthereforebegreatlyexpanded.Indeed,companiesneedtodevelopaclearandcomprehensiveworkforcestrategythatdoesnotleavethecompanyvulnerabletoskillsdeficienciesatanygiventime.Oursurveymakesclearthatcomplianceorganizationsshouldbeequippedwithadiverseskillsetthatcandealwithallrelevanttypesandareasofrisk,andcanfulfillthevariousrolesrequiredwithinflexiblecollaborationmodels.Inamorecompetitiveworld,companiesshouldpinpointexactlywhatskillstheymostneed,wheretheycanbefoundandhowtheycanbedeveloped.Itisnotfeasibletofightfortalentonallfronts,andcompaniesmustthereforefocusontheirpriorityareas.ATTRACTINGTALENT68%ORGANIZATIONALCOMPLEXITY(e.g.betweenbusinessunits)43%SufficientIT-infrastructure38%Overallrisingcostsforcompliance37%Risingregulatoryscrutiny36%Sufficientworkforcecapacityforimplementation33%Developmentofadigitalcompliancestrategy32%Supportiveoverallculture32%Sufficientbudgetforimplementation32%Costcutting30%Leveraginginternalknowledge28%Integratingbusinessgoalsanddigitizationgoals26%"Senseofurgency"fromseniormanagement25%Improvingefficiencyoffirstlineofdefense25%Leveragingexternalknowledge15%2021BostonConsultingGroup(BCG)partnerswithleadersinbusinessandsocietytotackletheirmostimportantchallengesandcapturetheirgreatestopportunities.BCGwasthepioneerinbusinessstrategywhenitwasfoundedin1963.Today,weworkcloselywithclientstoembraceatransformationalapproachaimedatbenefitingallstakeholders—empoweringorganizationstogrow,buildsustainablecompetitiveadvantage,anddrivepositivesocietalimpact.Ourdiverse,globalteamsarepassionateaboutunlockingpotentialandmakingchangehappen,deliveringintegratedsolutionsthroughleading-edgemanagementconsulting,technologyanddesign,andcorporateanddigitalventures.Whetheryouwanttoadvanceanidea,acapability,ortheworldatlarge,BCGiswithyoueverystepoftheway.Weexcelinthebusinessofhumanpotential,andbelieveinitspowertoshapestrategic,organizational,economic,andsocietalchange.—Companiesneedtotakeactioninvariousareasinordermaximizethevaluecreationoftheircomplianceorganizations.Theyneedtodefinetheprecisemandateofthecompliancefunctionforeachtypeofrisk,defineanadequateapproachofitsroletoaddressthedifferentdemands,andclearlyallocateotherrelevantresponsibilitiesacrossdifferentdepartments.Plansforswifterandnimblercrisisresponsecanminimizetheimpactofmajorgeopoliticaleventsthathavebedeviledbusinessesinrecentyears.Onenvironmental,socialandgovernanceissues,theyhavetobridgethegapbetweentheircommunicatedambitionandtheoftenmuchmoremodestreality.Manycompanieshavefallendangerouslybehindinthedigitizationjourney.Astheyhurrytorectifythissituation,theyneedtomaintaintheirfocusonwhattheclientswantandwhattheirbusinessneeds.Oncybersecuritytoo,theyoftenhavemuchgroundtomakeup,andseniormanagementshouldurgentlyimplementacomprehensivevalue-for-moneystrategyandarangeofcross-functionalinitiatives.Tofosterethicalbehavior,companiesmusttakethenecessarystepstochangetheculture,andmakeitsimplerforemployeestovoiceanyconcerns.Regulators,investors,customersandemployeesareprobingthisgapwithincreasingenergyandconcern.Butofallthefactorsthatmakeforasuccessfulcomplianceorganization,therightworkforceisessential.Nosuchorganizationcanprosper,therefore,withoutaprudentworkforcestrategythatconsidershowbesttoattract,retain,motivate,andtraintheirpeople.Giventheclearneedforamorediverseskillsetaddressingthefunctionaldemandaswellastheroleflexibility,thedefinitionofanappropriatepeoplestrategyiskey.FORFURTHERCONTACTIfyouwouldliketodiscussthisreport,pleasecontactoneoftheauthors.Forinformationorpermissiontoreprint,pleasecontactBCGatpermissions@bcg.com.Seebcg.comforBCG’slatestcontent.There,youcanalsoregistertoreceivee‑alertsaboutthisorothertopics.FollowBostonConsultingGrouponFacebookandTwitter.©BostonConsultingGroup2021.Allrightsreserved.11/2022CONCLUSIONABOUTBCGBostonConsultingGroup(BCG)partnerswithleadersinbusinessandsocietytotackletheirmostimportantchallengesandcapturetheirgreatestopportunities.BCGwasthepioneerinbusinessstrategywhenitwasfoundedin1963.Today,weworkcloselywithclientstoembraceatransformationalapproachaimedatbenefitingallstakeholders—empoweringorganizationstogrow,buildsustainablecompetitiveadvantage,anddrivepositivesocietalimpact.Ourdiverse,globalteamsarepassionateaboutunlockingpotentialandmakingchangehappen,deliveringintegratedsolutionsthroughleading-edgemanagementconsulting,technologyanddesign,andcorporateanddigitalventures.Whetheryouwanttoadvanceanidea,acapability,ortheworldatlarge,BCGiswithyoueverystepoftheway.Weexcelinthebusinessofhumanpotential,andbelieveinitspowertoshapestrategic,organizational,economic,andsocietalchange.—ABOUTBCGwww.bcg.com

1、当您付费下载文档后,您只拥有了使用权限,并不意味着购买了版权,文档只能用于自身使用,不得用于其他商业用途(如 [转卖]进行直接盈利或[编辑后售卖]进行间接盈利)。
2、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。
3、如文档内容存在违规,或者侵犯商业秘密、侵犯著作权等,请点击“违规举报”。

碎片内容

碳中和
已认证
内容提供者

碳中和

确认删除?
回到顶部
微信客服
  • 管理员微信
QQ客服
  • QQ客服点击这里给我发消息
客服邮箱