During the period when we were looking at a lot of QFE Adviser Business Statements one of the areas which gave the most difficulty for companies was the difference between management and governance. This was especially true for adviser businesses, and for sales teams, which are only really developing management systems right now - and governance is poor.
Over in the Finance and Accounting function the business knows clearly that tasks and people need to be managed, but additional, parallel structures need to be in place to ensure good governance. Audit functions bypass line management and have access to information and people at all levels to ensure that accuracy and generally accepted practices are being followed throughout the function. Sales management is poor in many businesses - even large ones - because in services the task and the people are difficult to monitor and manage.
But that is why Governance, Risk, and Compliance functions are convergent.
We argue that they are now so convergent as to be inseparable. In effect a new function exists in every business above a certain scale. It is an expansion of the role that perhaps would have been seen as the preserve of the audit committee, or part of Finance or Strategy.
Compliance is dependent on effective governance, and so often on risk-based assessments that it cannot be considered in isolation either. For most businesses, designed to be compliant day-to-day, if everything works fine, then business as usual systems operate in a fully compliant way. When they are tested is by events that are out of the ordinary: new products or services, new market conditions, a bad apple joins the sales team, tough times puts temptation in the way of a staff member - and so on. The characteristics of such events are that they need the skills of good risk management
The regular tasks required to ensure compliance must be subject to governance. Hence, we have our convergence.