Menu

Compliance

Conquering Cross-Border Complexity with Effective Risk Management

In a fragmented global economy, compliance with local rules and regulations is key to managing risk when expanding across borders.

Friday, November 8, 2024

By Aynsley Vaughan

Advertisement

International expansion enables companies to tap into new markets. However, navigating increasingly complex regulatory requirements can be challenging, with a myriad of risks emerging across the international business landscape.

There are many reasons why a business may decide to operate across multiple countries, including growth aspirations and the need to navigate geopolitical factors such as supply-chain disruptions.  Perhaps less obvious is the desire to access a wider pool of talent. The 2023 ManpowerGroup Talent Shortage Study indicated that 75% of employers worldwide are struggling to find the talent they need.

Such difficulties span multiple sectors, with accounting, financial services and investment roles in particular suffering pronounced shortages. By deciding to operate in different countries, a company gives itself a better chance to attract new talent that can help to sharpen its competitive edge.

However, expansion also comes with a range of challenges, including the need to carefully consider geopolitical risks as tensions grow in certain regions and long-standing conflicts persist.

The Double-Edged Sword of Compliance

Another risk faced by companies expanding into new markets is the financial and reputational damage associated with failing to comply with local rules and regulations, with penalties becoming more common and severe.

avaughan-318x371TMF Group’s Aynsley Vaughan

A majority of global jurisdictions (54%) predict global regulatory requirements will become increasingly complex in the next five years; the figure is up from 49% in 2023, according to TMF Group’s 2024 Global Business Complexity Index (GBCI) report focusing on Global Entity Management (GEM).

Many jurisdictions even identify difficulties in the regulatory environment as the predominant trend causing complexity for foreign investors. While there are certainly benefits associated with an increasingly transparent international system, the combination of an ever-expanding set of rules and regulations with more stringent penalties for non-compliance is driving this sense of complexity.

It’s a double-edged sword that is creating a need for adaptable and forward-looking compliance frameworks.

Balancing Global Considerations with Local Requirements

When creating such a framework, it’s important that businesses understand how the world is evolving. There are similarities emerging across different regions, but also sometimes subtle differences.

Looking at the similarities first, an obvious example is the European Union, which is pursuing harmonization across member states. This includes the new Digital Operational Resilience Act (DORA), which mandates that in-scope firms – such as banks, investment firms and fintechs – must implement robust measures to manage and mitigate operational and system risks by January 17, 2025.

DORA will leave it to the national supervisory authorities across the EU to determine the exact sanctions for non-compliance. In Germany, for example, the cabinet has initiated a new law (the Financial Market Digitalization Act) which designates the Federal Financial Supervisory Authority – and in some cases, the German Bundesbank – as the competent authorities in charge of supervising that financial entities comply with the new requirements.

While it may seem the world is working towards simplification in all fields – whether that’s digitalization, standardization of rules, or applications of new technology such as artificial intelligence – there are still often significant differences between markets that a business will need to understand. Here are some of the important areas to consider when putting together a comprehensive compliance framework that addresses the broad spectrum of risks.

  • Inconsistent standardization of international rules

Certain types of reports are becoming obligatory in an increasing number of countries. This includes an incremental rise in the necessity to register information related to Ultimate Beneficial Owner (UBO) and Person of Significant Control requirements. TMF Group’s research has highlighted that this requirement has increased from 68% in 2020 to 75% in 2024, underpinning a global move toward greater clarity on ownership structures and control. This reflects heightened efforts to prevent financial crimes and promote corporate accountability.

However, each country has a slightly different approach to UBO reporting, which can be misleading for expanding companies. There will be different definitions of what constitutes a UBO, what percentage of the company a UBO must hold, and to whom – and how often – the company needs to report. Local knowledge and expertise are therefore essential.

  • Opportunities and threats associated with easier access to information

More and more data points are being collected by today’s businesses. On one hand, this enhances transparency, but on the other, it creates new risks associated with data privacy and compliance with associated laws, such as the General Data Protection Regulation and new reporting obligations.

These obligations include compliance with Know Your Customer and Anti Money Laundering regulations, but there is also a growing focus on Environmental, Social and Governance reporting that covers everything from a company’s impact on the planet to the adherence to Diversity, Equity and Inclusion policies.

  • The complexities of AI

Artificial intelligence offers exciting new opportunities to the world’s businesses, but it also needs to be used with the appropriate due diligence and within certain limits.

The European Parliament recently approved the world’s first comprehensive framework for constraining the potential risks of AI in the EU AI Act. It will be interesting to see how other jurisdictions now react – the U.S. government has previously issued an executive order requiring AI developers to share safety results, while China has been introducing a patchwork of laws and guidelines in recent years. This means that depending on the exact location of registration in China, there may be different compliance obligations from other parts of the country.

As well as complying with local laws, businesses must ensure that they verify any content produced by AI. Responsible use of AI, regardless of jurisdiction, should still include human validation. Local experts who understand the market in question can verify the accuracy and interpretation of the sources used.

Ensuring Compliance While Focusing on Core Operations

In conclusion, despite numerous initiatives aimed at making doing business easier, the majority of the world’s jurisdictions are expecting the rules governing business activities to become more complicated.

The rapidly evolving landscape of regulatory complexities and heightened compliance measures has introduced new considerations, but it should also be noted that strong regulatory compliance offers both accountability and greater governance.

Four in ten (42%) jurisdictions now recommend that foreign investors seek legal and professional support to mitigate operational risks, TMF Group’s GBCI Report shows. Many organizations are harnessing global providers with local expertise and knowledge to manage their compliance requirements. Leveraging such services to manage compliance processes can help businesses minimize risks and maintain smooth operations as they expand across borders.

 

Aynsley Vaughan is Global Head of Global Entity Management and Accounting & Tax at administrative services provider TMF Group. With more than 125 offices worldwide, the company partners with clients to keep them on top of complex rules and regulations in the countries where they are active. Ms. Vaughan has over 22 years of experience in the financial services sector and has worked extensively across both onshore and offshore markets. For the past decade, she has specialized in corporate trusts, focusing on employee benefit and share ownership trusts, and related incentive structures for a variety of companies and their founders.




Advertisement

We are a not-for-profit organization and the leading globally recognized membership association for risk managers.

weChat QR code.
red QR code.

BylawsCode of ConductPrivacy NoticeTerms of Use © 2024 Global Association of Risk Professionals