Failure to deal with governance, risk and compliance (GRC) regulations and directives is costing the UK economy more than £1.5bn a year, a study has revealed.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The estimates are based on a study of 200 large-scale enterprises by GRC consultancy su53.
Fears concerning the protection of corporate reputation and complying with regulations currently lead to losses of £1.13m in revenue for the average UK company, the study found.
This is coupled with findings that highlight how each of these enterprises suffers 510 days in lost productivity each year owing to ineffective GRC controls.
The heart of the issue, according to su53, is a strategic failure to align corporate reputation management with the practice of GRC.
Ever since directives such as Basel II and Sarbanes Oxley came into force, businesses have been working hard to eliminate incidents of risk, such as corporate malpractice that affect company reputation, said Martyn Proctor, managing director at su53.
"Unfortunately, this has resulted in a climate of fear whereby the majority of controls implemented by enterprises are reactionary measures that create more problems than they address," he said.
According to the study, 74% of businesses are finding that regulations and fear of reputational damage are stifling innovation.
The study found that a large number of CIOs indicate that employees in their organisation will turn a blind eye to GRC to prevent a loss of productivity.
For example, in 69% of enterprises, workers will temporarily give their colleagues their computer log-in details without the approval of IT, thereby bypassing GRC controls.
Nearly half of the companies questioned also give third-party suppliers such as IT outsourcers responsibility for implementing GRC controls.
"Asking any such third-party provider to implement and operate GRC controls is like trusting prisoners to lock themselves up every night," said Proctor.
The major insight this study highlights, he said, is that corporate reputation and GRC strategies today are completely out of sync.
"Until both are effectively aligned there'll continue to be a gaping black hole in the balance sheet of UK companies, not to mention our economy," said Proctor.