Compliance Crisis Unveiled: 44% of Compliance Professionals Admit Unpreparedness for 2024 Challenges

Our latest survey has exposed a stark reality: 44% of compliance officers and managers feel unprepared for the compliance challenges that lie ahead in 2024. Only 7% feel fully confident in tackling the challenges in the year ahead, signalling a potential industry-wide gap in readiness to address the ever-changing regulatory landscape. 

The survey gathered 212 responses from industry leaders across the UK, USA, Spain and Germany, and gauged professionals’ confidence levels and preparedness in managing compliance issues. The findings underscore a critical need for robust compliance training programs as organisations navigate an increasingly complex regulatory environment. 

Beyond the headline unpreparedness, the survey explored various dimensions of compliance readiness:

1. Fraud Prevention Training

While 27% have implemented failure to prevent fraud training and an additional 27% are planning to do so, a concerning 46% revealed they have not yet rolled it out, are undecided, or have no plans to do so in the near future. This lack of preparation and preventive measures leaves businesses at an increased risk of fraudulent activities.

The new “failure to prevent fraud” offence is being introduced in the UK as part of the Economic Crime and Corporate Transparency Act, which marks a significant shift in how businesses will be held accountable for combating corporate fraud and protecting victims. Failure to provide adequate training can leave organisations susceptible to financial losses and reputational damage.

2. CSRD Compliance Preparedness

Only 2% of compliance professionals claimed to be fully prepared for Corporate Sustainability Reporting Directive (CSRD) compliance despite 50,000 companies worldwide being expected to be impacted by it. In comparison, almost half (47%) expressed uncertainty or deemed CSRD irrelevant to their operations.

As 2024 sees the first published reports from many large companies on their CSRD compliance, the global implications will ripple through supply chains, demanding a proactive approach.

3. Neurodiversity Training

Neurodiversity discrimination cases quadrupled from 2018-2022, compared to the number of cases from 2003-2017. Without proactive measures for the fair treatment of neurodivergent employees, and a work environment that values and respects differences, organisations risk legal repercussions and employee well-being concerns.

Despite these figures, only 8% of businesses polled incorporate neurodiversity training into their yearly programs, and a notable 28% have no plans to do so, potentially hindering the creation of an inclusive work environment and causing an escalation of neurodiversity discrimination cases.

4. Gifts and Hospitality Registers

With 2023 witnessing a nearly quarter-billion pound fine against mining giant Glencore for flying suitcases stuffed with cash to local public officials, getting a handle on gifts and hospitality is crucial for businesses in 2024. Worryingly, when questioned on the types of gift registers in place, 43% of compliance professionals admitted relying on outdated spreadsheets, while 18% admitted to not using any tools for this purpose at all, despite a legal requirement to implement procedures to prevent bribery.

Given the prevalence of digital solutions, the reliance on manual tools poses a risk to accurate and comprehensive compliance tracking. Organisations should consider investing in modern systems and technologies for more efficient and accurate compliance management.

5. Internal Policies on the Role of AI

Finally, the survey explored internal policies on the role of AI. While 23% have established policies, 37% have not considered AI policies in the workplace.

As AI integration becomes more commonplace, organisations must proactively develop and update policies to ensure responsible and ethical use. Neglecting this aspect may expose organisations to legal and moral concerns.

“As the compliance landscape undergoes rapid evolution with various regulations coming into force, this survey reveals a glaring gap in preparedness among compliance professionals,” said Nick Henderson-Mayo, Director of Learning and Content at VinciWorks. “The findings emphasise the critical need for proactive compliance procedures and new initiatives, including training. There are solutions out there for busy compliance professionals, including new technologies and automation. Being prepared is half the battle, and businesses can buffet against global headwinds by investing in proactive compliance and risk mitigation.”

To support compliance professionals in understanding the compliance challenges that lie ahead, VinciWorks is offering a free guide on Compliance Trends 2024.

In a recent study carried out by VinciWorks, a global compliance eLearning provider, 212 compliance professionals were surveyed on Compliance Trends 2024.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.
