Compliance is here and it’s become a heavy weight, so why do so many companies either ignore it or hide from it?
Here are 4 common examples present in almost every company, in one form or another where compliance is critical.
1. Human Resources
2. Workplace Safety
3. Financial Services
4. Data Security
Failure to address compliance in these areas may be fatal to the business, this may seem dramatic but you leave your self-open to the possibility of criminal charges, poor business reputation and impacting productivity.
Data Security is often ignored and may have the most impact here is an article written by Kate Bevan (Financial Times) on the 4th December last year.
There is so much fun and sexy stuff that goes into building a start-up: hiring smart people, chasing funding, developing an exciting marketing plan and business plan going to and hosting events, buying groovy furniture for your funky office in London’s Shoreditch or Berlin’s Friedrichshain. But however disruptive and exciting your venture, there is one area founders and young, fired-up entrepreneurs tend to forget about – compliance.
Compliance sounds like something for the grown-ups rather than the cool kids to worry about. It is a dull word and a complex subject — and one that can get you into serious trouble if you do not have as tight a grip on data protection and software licensing as you do on choosing the football table for that office. Data protection and hacking is perhaps the scariest aspect of all this. It sometimes feels like a day never goes by without another big data breach hitting the headlines.
There have been some huge breaches during 2016. Dropbox revealed in September 2016 that the login details of 68m users had been compromised in a hack that happened in 2012. In the same month, Yahoo told the world that some half a billion users’ details had been hacked and exposed.
When the focus is on large companies such as Dropbox or Yahoo, it might be tempting for the founder of a start-up to think that the complexities of data protection, security infrastructure and risk management are not something she or he needs to be concerned about. Rune Syversen, co-founder of Crayon, the software licensing company, says small companies tend not to think about the necessities of compliance “until it’s too late”. He points out, however, that the complexity of compliance tends to increase the longer a company is in business, so it is wise to build it in from the start rather than to add it as a bolt-on later.
Syversen is talking specifically about software asset management — keeping tabs on what software is being used in your organisation, how that is licensed and whether the licences are up to date. But the same concerns apply equally to data security. You need to have as tight a grip on software licensing as you do on choosing groovy furniture.
Data protection laws apply to individuals and all businesses, regardless of their size. A breach can lead to a fine; the maximum fine under existing UK data protection legislation is £500,000. That kind of sum might be small change for a big company but it could empty the coffers of a start-up relying on seed funding or early tranches of investment.