While at this happy time there’s not much we need to learn from the Aussies on the rugby or cricket pitches, it’s a different story when it comes to governing legal compliance and conduct risk.

The Australia Banking Royal Commission’s report was released recently. The New Zealand Institute of Directors has pointed out that the Commission’s findings and recommendations are relevant to all boards and directors in New Zealand.

The Royal Commission’s report comes hot on the heels of the Prudential Inquiry into the Commonwealth Bank of Australia last year, which also highlighted compliance and conduct risk failings and made similar recommendations.

Both inquiries had common themes – the failure of leadership, despite financial success, to properly govern and manage non-financial risks, particularly legal compliance and conduct risk.

The inquiries were well resourced and researched best practice standards globally to inform their findings and recommendations. These standards will be how New Zealand courts, legal and of public opinion, judge our business leaders in the future.

Useful questions for New Zealand boards

So what does best practice look like? The Royal Commission suggests that boards ask the following questions:

  • Is there adequate oversight and challenge by the board and its gatekeeper committees of emerging non‑financial risks?
  • Is it clear who is accountable for risks and how they are to be held accountable?
  • Are issues, incidents and risks identified quickly, referred up the management chain, and then managed and resolved urgently?
  • Is enough attention being given to compliance? Is it working in practice? Or is it just ‘box-ticking’?
  • Do compensation, incentive or remuneration practices recognise and penalise poor conduct? How does the remuneration framework apply when there are poor risk outcomes or there are poor customer outcomes? Do senior managers and above feel the sting?

Helping our customers put best practice into action

Most New Zealand businesses don’t have clarity about what legislation applies to them, let alone what’s specifically required under each relevant law or who is responsible for compliance with those obligations. Happily, ComplyWith users have that challenge sorted already.

We’ve listened to board members, particularly those on audit and risk committees. We’ve heard that they want to have informed discussions about legal compliance risk, rather than just tick boxing on process. We’ve used these insights to design our new board reporting module, which we’re aiming to release in March.

We’ve received feedback that ComplyWith’s new corrective actions module is helping businesses to ensure compliance is happening in practice – risks are being resolved, not simply identified.

A strong theme from the Australian inquiries was that leadership on compliance needs to come from the top. We encourage businesses to use the new ComplyWith welcome screen to present a message from the CEO or board that communicates the importance and value of doing things right while achieving business goals.

We’re also fast-tracking the development of a new Conduct Risk module aimed at helping businesses better govern conduct risk. More about this shortly.

Parting shot

There’s been some discussion in the media about whether the findings of the Australian inquiries are unique to the Australian financial services context or not. We believe the more important question is what can New Zealand business leaders learn from them? As Warren Buffett says:

It’s good to learn from your mistakes. It’s better to learn from other people’s mistakes.


ComplyWith is a legal compliance and conduct risk cloud platform used by over 120 businesses and government departments in New Zealand. Find out who we’re already helping here, or contact us for more information. 


BIG C Background Image