As 2019 comes to a close we get a chance to reflect on a year that has delivered copious uncertainty, a frustrating lack of tangible action on the challenges facing South Africa, and a populace that suffers bipolar swings between depths of despair triggered by economic uncertainty, world-leading crime rates, world-lagging education levels and rampant corruption, juxtaposed against the absolute heights of ecstasy experienced watching the Springboks clinch the Rugby World Cup, Trevor Noah selling out Madison Square Garden, Sho Madjozi dancing the John Cena with the man himself, and Western Cape dams rising to their highest levels in 5 years. To say we’re a country with ups and downs is a prodigious understatement. Living in South Africa is a rollercoaster ride, and it’s your choice – feel the terror and scream at the top of your lungs, buckle up and enjoy the ride, or leave the carnival for more sedate pastures.
Good governance, ethical leadership, accountability and compliance are topics that are widely discussed and generously scattered throughout financial statements, shareholder agreements, codes of practice, frameworks, guidelines and manuals. Every corporate and public sector event trumpets the need to “do the right thing”, the rewards being success, sustainability and the ability to sleep at night without pharmaceutical intervention. Being an eternal optimist, I am I am fairly confident that the vast majority of organizations out there are towing the line on the right side of ethical behaviour, but our newsfeeds are still inundated with examples of bad corporate or public sector behaviour involving entities we might once have viewed as beyond reproach. Over the last year, some of our most popular website blogs have been on the topic of good corporate governance.
In June last year we first published an article on the effect of the General Data Protection Regulation (GDPR) on South Africa. At the time quite a few of you would have started receiving a surprisingly large amount of emails informing you of new privacy policies from websites and service providers that communicate with you and store your data. The GDPR, a regulation in European Union (EU) law is similar to South Africa’s Protection of Personal Information Act (POPIA) and makes organizations accountable for personal data protection. We revisited this topic recently, and found that there is still quite a lot of confusion and misunderstanding of how citizen’s data is used. The imposing of fines has also disappointed in relation to its original iron-fisted intentions. 11,468 cases were opened in the UK for data breaches and only 29 resulted in a fine. On the plus side though, the number of data breach notifications and complaints has increased dramatically, which is valuable information in understanding the root causes. You can read both these articles in the links below, as well as some insight on something that directly effecting us all, the POPI Act:
Although published last year, another popular blog on our website touched on the Integrated Governance, Risk and Compliance (IGRC) Framework developed by EOH. The simplicity and practicality of this framework makes it an easy-to-follow guide to assist in advancing GRC beyond the realms of compliance, with the goal of getting an organization’s people to see GRC as a way of generating value that equips the business to more ethically and sustainably achieve its objectives. The framework provides a three step approach to the practical implementation of GRC, namely horizontal integration (cross functional), vertical integration (aggregation) and dimensional integration (cultural). The link is below, and I couldn’t resist including a link to by far our most clicked-on article on the website unpacking King IV.
Whether you are afraid of a Terminator like future, break out in a cold sweat at the thought of losing your job to machines, or lay awake at night contemplating disruption to your business, the fourth industrial revolution, artificial intelligence, and the growing impact of disruptive technologies is a reality we can no longer afford to ignore. These factors will impact every aspect of our private, public and corporate lives, and we can cower in fear as they rumble over us, or we can embrace the benefits of these changes, ensure we future proof our lives and our organizations, and lay a strong platform of readiness to take advantage of the abundant upside that 4IR, AI and robotics brings. Change is disruptive and exponential, which necessitates disruptive and exponential thinking. In the age of business unusual, you need to be in charge of your own disruption. For more on these topics, feel free to explore the following insights:
A massive thank you to all of our contributors (if you haven’t already browsed through these blogs, I’d certainly recommend clicking on http://www.barnowl.co.za/insights/). We are grateful to have developed a powerful network of industry professionals and we are proud of our positioning as a thought leader in the fields of governance, risk management, compliance and internal audit. As we reflect back on 2019, may the experiences gained serve us well on the exciting road that lays ahead. I’d also like to take this opportunity to extend abundant gratitude to all of our current and potential customers, suppliers, colleagues and friends, and wish you all of the best for 2020 and beyond.
Author – Paul van der Struys