Monday, February 18, 2008

European & U.S. Companies Should Consider Regulatory & Reputational Risks Posed to their Key Business Assets and Operations

http://www.dlapiper.com/global/media/detail.aspx?news=2360

News

--------------------------------------------------------------------------------

15 Mar 2007

European companies fail to deal with regulation threats

Press Release

--------------------------------------------------------------------------------
Major companies throughout Europe are increasingly worried about the threat from regulators - so much so that 40% believe they will be investigated within the next 12 months.


The findings, from a survey of 250 leading European firms for the global legal services organisation DLA Piper, show that companies consider regulatory risk management important to their business strategy, but are failing to manage the risk effectively.


The survey also shows that a large number are failing to put adequate measures in place to protect themselves. Companies also have a huge blind spot when it comes to putting in place mechanisms to protect their reputations in the event of investigation.


In a business climate where high profile investigations into European companies have become commonplace, the survey examines the approach to risk management and compliance, the powers and sanctions of domestic and international regulators, and crisis management among leading European companies operating internationally .


Offences for which companies face investigation by regulators (such as the Financial Services Authority, Serious Fraud Office, Office of Fair Trading, Health and Safety Executive and others) include corruption, price-fixing, abuse of dominant market position, tax and accounting irregularities.


The survey was carried out for DLA Piper by the international market research organisation TNS.


The findings include:


40% of respondents believe their own company will be investigated by a regulator over the next 12 months 57% believe that their industry is "likely" to be investigated in the next year 75% of the companies surveyed believe that company directors’ personal exposure to the punitive consequences of regulatory breaches is likely to grow over the next five years 76% of respondents believe that the risk of criminal penalties for regulatory breaches will continue to grow over the next five years 25% of the major European companies surveyed do not have any procedures at all in place to deal with a regulatory investigation.

Contrary to companies' beliefs that they are managing their risk, the survey reveals substantial gaps in European companies’ understanding of the powers of regulators.


For example:


67% of respondents are not aware that their competition regulator has the power to enter by force 63% of respondents do not know that their competition regulator can suspend or cease their company trading at will.


European companies are behind their US-listed counterparts when it comes to managing their regulatory risk, but US-listed companies are also falling short of the mark since only 52% can claim to have a structured compliance plan in place and only 71% can effectively deal with a regulatory crisis, meaning 29% would be unable to cope if investigated or raided.


Whether listed in the US or not, when it comes to the long arm of the US regulator, 32% of respondents are not aware of the US Sarbanes-Oxley Act (which deals with US accounting irregularities post-Enron), and 61% have not heard of the Foreign Corrupt Practices Act (which deals with bribery and corruption in relation to government officials). This is surprising since both pieces of legislation have set the standard against which companies are being measured.


Neil Gerrard, Global Head of the Regulatory and Government Affairs Group at DLA Piper, said: "Regulation is on the increase and the consequences are more real than ever before. Companies are facing huge fines. Directors are facing extradition, imprisonment and/or fines. Companies need to be aware of and manage this risk. They owe it to themselves and their shareholders.


"It is clear that businesses are starting to take the threat they face from regulators more seriously. However, they are still largely unprepared for the consequences of serious regulatory breaches.


"Companies need to be able to manage and respond to domestic and EU regulation and, increasingly, the long-arm of the US authorities. However, our survey clearly shows that they are failing to put in place a comprehensive response to managing these risks. They are putting themselves in grave danger by failing to address these problems."


Businesses across Europe recognize the danger to their brand. However, they are failing to put in place the means to protect it. Less than 30% of those drawing up a risk management plan consult a communications specialist.


The survey further shows that where companies have crisis management plans they are not comprehensive and do not deal with the wide range of risks that corporates face.


The survey shows that 51% of the companies surveyed have no crisis management plan at all and 47% of respondents with crisis management plans in place do not include procedures to deal with a Competition Authority investigation.


Neil Gerrard added: "The statistics on the lack of crisis management plans are shocking. An investigation by a competition authority, for example, can result in fines worth 10% of a company's turnover. The company can also be forced to sell off parts of its business. Such events can, without careful handling, irreparably damage a company's reputation and financial position.


"Firms across Europe need to address all potential areas of risk in order to manage that risk as effectively as possible.


"Breaches are inevitable. The best run companies will, from time to time, get it wrong. What is important is having good compliance programmes and managing the breaches as and when they occur.


"Our survey reveals that European businesses must work harder to ensure they have the key elements in place to ensure effective regulatory risk management: dedicated teams, compliance programmes, investigation procedures and crisis management plans that are regularly tested."

No comments: