Banks are facing expanding compliance expectations that are pushing compliance programs to the brink (PWC, 2013). The scope and nature of compliance have evolved and it is no longer limited to rules-based banking regulations. Operational and compliance risks have become more complex and entwined, increasing the potential for failed processes that cause customer confusion and compliance control breakdowns. Without a new approach to compliance and operational risk management, many banks will continue to face high costs and losses in the form of escalating litigation, penalties, and staffing needs. This theory helps me comprehend the relationship between the bank’s operation and CRM system.
Because the arrays of potential compliance risks faced by an organization are typically very complex, any robust assessment should employ both a framework and methodology. The framework lays out the organization’s compliance risk landscape and organizes it into risk domains, while the methodology contemplates both objective and subjective ways to assess those risks (Deloitte , 2015).
The framework needs to be comprehensive, dynamic, and customizable, allowing the organization to identify and assess the categories of compliance risk to which it may be exposed (see Figure 2). Some compliance risks are specific to an industry or organization—for example, worker safety regulations for manufacturers or rules governing the behaviour of sales representatives in the pharmaceutical industry. Other compliance risks transcend industries or geographies, such as conflicts of interest, harassment, privacy, and document retention(Deloitte , 2015).