On 30th January, 2020, World Health Organization (WHO) declared the outbreak of COVID-19 as a public health emergency of international concern and global pandemic. With this declaration, governments worldwide created new laws to fight this pandemic.
Governments in some countries suspended certain economic activities whereas other countries are in different phases of lockdown. With new laws created to fight this pandemic, it is increasingly becoming harder for companies to operate from the viewpoint of Governance, Risks, and Compliance (GRC).
But even during such crises, the governments won’t stop their investigations into activities like money laundering, tax evasion, drug trafficking, fraud, and most importantly on organizations not following the new rules regarding the pandemic. Amidst the prevailing uncertainties and challenges, it is recommended that the top management and the GRC department come up with a strategic plan to mitigate the risks.
Keeping the pandemic’s potential risks in mind, here are a few measures to strengthen a company’s GRC culture:
- Creating a crisis committee and reviewing the risk matrix.
- Keeping a track of changes in the work routines of employees, overall operations and legislative changes as a result of lockdown.
- Limiting travel and isolating affected employees.
- Tracking the activities of high-risk suppliers.
Other than these identified measures, the crisis committee should consider the following measures which we form the pillars of a GRC program:
- Helpline or the complaint channel – As companies around the globe face different crises like excessive increase in prices of raw materials, exposure of employees to pandemic, and changes in government policy, it becomes necessary for the company to set up a new helpline channel that receives, handles and routes complaints in an efficient manner.
The organizations need to take extra care of employees who cannot work remotely and whose work demands a physical presence. It is the management’s responsibility to oversee that no rules related to the COVID 19 are violated by the employees and they are provided with proper protection equipment.
- Assessing risk and control – Risk assessment in the times of crises is tough, but it is necessary. As governments worldwide implement new laws to fight COVID-19, risks that were not considered as a priority may arise as a top priority. The company’s GRC department may authorize a crisis committee to handle such risks and take necessary actions. It becomes the responsibility of this committee to assess potential risks related to the following areas and sketch out an action plan whenever necessary:
- Supply chain
- Communicating emergency plans – Only the efficient drafting of an emergency plan does not make its implementation successful. Its success also lies in the plan being efficiently communicated throughout the organization for employees to follow it. The crisis committee should create a separate channel to communicate and successfully implement this plan to a large audience that includes its employees, suppliers, third party-contractors, service providers, and its customers present worldwide.
As the world has come to a standstill, organizations throughout the world have joined hands with the governments to fight this deadly pandemic. A well-thought GRC strategy will not only help the organizations to fight the crisis efficiently but, will also help the organization in keeping momentum in business during these difficult times.