Author: Tim Cummins
Is contract compliance about strategy, process, policies or individual obligations? Is it about specific performance or conformance with regulation? Is it focused on internal operations or external relationships? The answer, of course, is that it is all of those things. But an intelligent compliance system is also about ensuring understanding of when compliance must change, at what point must we switch our thinking.
For an example, I'll go back to my days in the world of computers and software. I'm talking about a time when pricing varied by country because sales were generally local and customers were organized by country or region, not globally. But networked technology rapidly drove a change in the customer view. They wanted to manage their purchases on a worldwide basis – and they started to demand harmonized pricing. I recall the Finance department fighting tooth and nail to resist those demands. They accused customers of 'gaming' and set up rigid control systems to prevent Sales deviating from standard country pricing.
The result was a sustained and fairly rapid loss of market share, especially in portable devices such as personal computers. Finance and Contract Management between them were remarkably successful at ensuring compliance – indeed, ultimately they had 100% compliance, because they ensured the collapse of that segment of the business.
So when we talk about compliance, we must be very careful to define its role – and the responsibilities of 'compliance managers' – very carefully. When I was asked recently about the job role, I tried to develop a high level description:
Contract compliance management can embrace many different aspects and phases of contract management. It is an important area of business performance which in theory will raise efficiency and reduce risks. However, while compliance monitoring is necessary, it is essential that there are processes which allow insight to the need or opportunities for change. Therefore best practice takes on two forms – one of which is ensuring that there are controls over non-compliance and the other is ensuring that the definitions of compliance are monitored and necessary adjustments are made for changing business or market conditions,
At a strategic level, it might be responsibility for things like:
At a transactional level, it might include:
At both levels, it might include:
I'd welcome your thoughts and experiences on how this role is best defined and performed – recognizing, of course, the increasing role that software plays in compliance management.