We #StandWithUkraine, find out how to help here.
Last updated: 18.10.17

PwC state of compliance study report 2016

The PwC State of Compliance Study 2016 outlines compliance operations in relation to common industry practices. Over 800 executives participated in the survey, from all round the world, representing a diverse range of company sizes, industries and responsibilities. For many companies, compliance regulations are becoming increasingly complicated, especially with the impending introduction of the GDPR. This in itself causes issues for management to establish a culture of compliance within their organisation and ensure everyone complies with the necessary regulatory requirements.

PwC found that although 98% of respondents claimed that their senior leadership were committed to compliance, 55% said that management only provided ad hoc programs or delegated compliance oversight to others.

Therefore, without a strong focus of compliance within their business strategy, executives may struggle to integrate compliance into their business processes, as well as assess how effective their compliance efforts are.

PwC believe that there are three key areas executives should focus on in regards to aligning compliance as part of their business strategy:

  • Tone at the top: embedding a culture of compliance.
  • Risk assessment: identifying and addressing risks.
  • Oversight and responsibility: strategic involvement.

This is the top of the compliance and ethics framework triangle [Figure 1]. The below two sections of the triangle are further broken down into areas of focus for businesses to comply with:

  • Enforcement and discipline
  • Resource performance management
  • Auditing
  • Reporting
  • Monitoring, analysis and response
  • Communication
  • Training
  • Policies and procedures

Although this looks like a long list for executives and compliance officers to think about as part of a business strategy, there are many services available to help integrate these aspects into any organisation. Virtual College provide a learning management system (LMS), bespoke and off-the-shelf compliance training, as well as audit management software to help businesses implement and track compliance on a company-wide scale.

The importance of structure for compliance

Virtual College’s Enable LMS can help organisations to keep track of employee compliance through bespoke or off-the-shelf training accessed via the LMS. Reports can be pulled off to show how the workforce is up-to-date and training can be automatically allocated based on a specific time period or employees’ knowledge gaps. Policies and procedures can be assigned to all staff on their learner dashboards, allowing them to access them as and when needed. This all-in-one solution also provides an easy, quick and direct way for organisations to communicate with their workforce.


Communicating is crucial when constructing a culture of compliance, however, only 26% of senior executives speak of compliance and ethics as part of their everyday business communications. According to the report by PwC, the majority of senior leadership communicate with their staff regarding compliance and ethics on a quarterly basis, with 82% formally communicating this information via email.

This may not be the most effective way to ensure employees are reading the information and meeting compliance targets, as emails could be missed, lost in junk folders or opened at different times. Communicating via Virtual College’s LMS is simpler; allowing organisations to target specific people or groups, which could be linked to internal departments. Any important notices which need to be seen by the whole company can be sent as notifications, so executives can be reassured that their entire workforce has seen them straight away.

How auditing software can help

PwC also found that dedicated business unit compliance officers are keenly focused on monitoring activities, with 89% selecting compliance monitoring as a primary area of responsibility. Virtual College’s Enable Audit management software allows organisations to create their own audits, collect information from multiple users, and create detailed and comparative reports, meaning businesses can analyse their compliance progress and find areas in which they can improve.

With the GDPR deadline looming, it’s essential for organisations to start improving on compliance aspects within their business strategy. In fact, many respondents are already thinking about the introduction of more strict regulations, with 79% believing that overregulation is a major concern. However, although senior leadership is uneasy about increased regulations, the report shows that this still has yet to translate into widespread participation of compliance leaders in strategic planning; only 36% felt they were ‘inherently integrated’ or ‘played a part’ in their organisation’s strategic planning.

Despite these concerns and the fact more strict regulations are coming into force, in the form of the GDPR, organisations are disbanding their compliance committees, with only 52% of companies maintaining an in-house compliance committee compared to 64% in 2015 [Figure 9].

The report goes on to say that companies with effective compliance oversight and participating senior management have much more confidence in regulatory matters. In fact, this oversight becomes much more efficient if the compliance officer works in collaboration with multiple risk areas including legal, procurement and HR, in order to gain more oversight throughout all other departments and ensure they’re working within the same regulations.

For a more in-depth look at the PwC report, click here.

Related resources