Compliance Nightmares

Throughout history, human affairs have been governed by rules. They change and evolve with shifting needs and the emergence of new issues and challenges.

Today, we seem beset by increasingly vague and unreasonable regulations. It seems almost anyone – governments, suppliers – feels entitled to impose rules that protect some particular interest – and they feel no obligation to consider whether it is reasonable or enforceable. That is your problem.

I am talking about topics that range from corporate governance, through bribery and corruption, through export and import controls, to issues like software or license compliance. In recent months, I have heard story after story from business people who have no idea how they can ensure compliance with the rules being imposed upon them. In a story today, a US corporation that legitimately provided program access to its German subsidiary found itself in breach of export regulations because a Romanian employee (based in Germany) used the system.

We cannot do much about government regulations, excpet campaign against those that are clearly against the public interest (and IACCM will increasingly do that). But those who negotiate contracts must start pushing back on unreasonable obligations to monitor use. If they wish to protect their assets, suppliers have a duty to build protection into them or into the way they are distributed. It is not right to simply pass the burden of oversight to a customer, except in respect of fraudulent or deliberate misuse.

It is not only a question of reasonableness (though that is also an issue). The point is more that the organization subject to these rules is somehow meant to oversee their enforcement. In a digital world, that is incredibly difficult to achieve.