The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
Make compliance your domain
1. Make compliance your domain
GREGG BARRETT
THE CGF Research Institute (www.cgfresearchinstitute.com) will be releasing its report on
contract management and its role in Governance, Risk Management and Compliance (GRC)
soon.
Having done the “Peer Review” for the report, I can say that it should be a useful strategic
overview on the topic for senior executives – and hopefully, a wake-up call to many.
The report has been spurred by market demand and I am pleased that CGF has drafted the
report. CGF‟s chief executive Terry Booysen is passionate about GRC matters and is
extremely knowledgeable about the topic.
Judging by the recent headlines that crossed my computer screen, the report could not have
come at a more appropriate time. Some headlines include: “Sita bungles smart ID card
tender”, “Controversy hits R153m Cipro tender”, “Telkom defends tender actions” and
“Transnet corruption damages rail deal”.
I covered the topic of governance in the context of procurement in an earlier article and
thought it would be wise to delve into what compliance means in the context of
organisational contracts and agreements. I would like to refer to the book, Enterprise Contract
Management (ECM): A Practical Guide to Successfully Implementing an ECM Solution by
Anuj Saxena. Co-sponsored by the International Association for Contract and Commercial
Management (IACCM), it arguably serves as the de facto guide on the topic.
In the book, Saxena says: “Compliance involves an organisation‟s behaviour in its
relationships – with its employees, shareholders, customers, suppliers and the public. Since
the terms of such relationships are documented in a spectrum of contracts (including
legislation, agreement, resolutions and the like), enterprise contract management is an
essential compliance function.”
Myths and illusions
Before I deal with the compliance domains relevant to organisational contracts, I would like
to highlight a few of the myths and illusions many organisations live by and, in so doing,
expose themselves to substantial risk. The myths and illusions are from my colleague, Brian
Henry, at Caridon Business Solutions and are the comments he has received from the
marketplace over the years. I can identify with each of these points – some of them I have
heard verbatim. They are:
) “Contracts are easy to manage – I sent all mine to legal.”
) “There‟s a lot of paper here. Better look into getting a proper document management
system.”
2. ) “IT must get their act together and up their systems. It‟s time we put in SAP.”
) “All are signed and therefore under control.”
) “To be avoided – safer not to enter into contracts.”
) “Should never sign if you can help it. Let someone else sign.”
) “Contracts are legal issues and nothing to do with me.”
) “Something to do with procurement and suppliers, not my department.”
) “Responsibility of „the boss‟. ”
) “Kept centrally by someone in head office.”
Such thinking has disastrous consequences and corrective action should be taken as a matter
of urgency, I suggest that you should at least get your hands on the CGF report.
The compliance domains
There are three major ones in an enterprise. They are the:
) Regulatory compliance domain (governmental and legislation)
) Procedural/operational compliance domain (in an organisation‟s business functions)
) Contractual compliance domain (between an organisation and other entities)
When people talk about “compliance”, it must be determined what domain they are referring
to because different domains have different actions and outcomes. For example, if people talk
of Accounts Payable or Accounts Receivable, this is “transactional compliance” and is part of
the procedural/operational domain.
Demystifying each domain
Regulatory compliance domain:
Regulatory compliance is defined as the compliance to mandates imposed by outside
organisations or government. Contractual management must address regulatory compliance
in detail as the consequences of not meeting such regulations is grave and results in costly
penalties or a cessation of business opportunities.
Procedural/operational compliance:
Saxena says this is an organisation‟s attempt to self-govern and impose guidelines so that
each transaction is in line with the boundaries it has created to ensure success. Such
procedures govern the type of sales an organisation conducts, the type of vendors it procures
3. goods and services from and the type of communication it makes available to inside and
outside audiences.
Contractual compliance domain:
Contracts have life terms and stipulations that must be heeded to make the contract effective.
This includes proper payment, reporting and renewal. As contracts continue to determine
issues that include employment, sales, vendors, grants, loans and supplies, they must be
monitored so that the organisation and the party to which it binds fulfil their responsibilities
for mutual profitability.
Contracts must also remain visible while remaining secure against unlawful access or
changes.
The real world
You may be saying this sounds good but that a real-world example is needed. I wrote about
the rail company Burlington Northern and Santa Fé (BNSF) Railway previously so let‟s
check there.
BNSF says its contract management initiative allowed the organisation to better define and
enforce many corporate policies and business processes – something that sparked the start of
its corporate governance initiative. This allows BNSF to track and audit these processes and
the responsibility of the people participating in each step. This ensures proper diligence and
allows people to take personal responsibility for their actions. ¹
BNSF is just one example of many companies that understand the importance of contracting
and its impact on governance, risk management and compliance efforts.
The bottom line is that if you are not in control of your contracts, you are not in control of
your business and governance, risk management and compliance is nothing but a pipe dream.
¹ BNSF Railway presentation, NCMA (www.ncmahq.org)
) Gregg Barrett is a director at Cylon Technology – www.cylon.biz
) E-mail margaret.botha@media24.com with any queries or suggestions