Compliance requirements for companies are growing, especially in the fields of ESG (Environmental, Social, and Corporate Governance) and data privacy. The phenomenon can be observed not only within the EU, but also many other areas of the world. Within the regulatory environment, fostering ESG practices has long since developed from a voluntary commitment to a “real” compliance issue which lawmakers are driving forward with serious sanctions and which courts are also shaping within the framework of the evolving laws. These laws are very complex, often unclear, and intrude deeply into the areas of risk analysis and risk management, which traditionally represent a core responsibility of companies. Many regulations emphasize development and implementation of internal processes within companies. This greatly reduces companies’ discretionary powers, since responsible use of leeway is a core area of entrepreneurial decision-making governed by the business judgment rule. Structurally, we are seeing increased legalization of risks, through which the legislator de facto takes away companies' leeway to make entrepreneurial decisions. Also, the threat of severe fines and uncertainty about the interpretation of legal terms makes it difficult for companies to decide what needs to be done to meet the laws’ requirements and to avoid risk. Looking at the char acter of the regulations, we see value-driven and symbolically-charged laws. However, these laws are anything but “dead letters” - they intervene deeply in companies’ risk management, aim at changing behavior, and have sharp “teeth” in the form of sanctions. The EU may be a particularly fertile source of symbolic legislation, which can serve to create political identity. Companies can, however, choose different ways to deal with these challenges, and they are free to find the right path. Even if lawmakers are increasingly intervening in the way companies carry out risk analyses and the priorities they set in that context, companies should defend their leeway and use it wisely. It is of utmost importance to know the real risks well and to use leeway responsibly. A diligent risk analysis, carefully aligned to a company’s circumstances and needs, is always a good starting point. Perfect knowledge of applicable laws and the company’s operations is a prerequisite for a professional risk assessment and building an effective Compliance Management System (CMS). There is always room for balanced decision-making regarding risk assessment and prioritization in accordance with the business judgment rule and entrepreneurial responsibility.
| Identifer | oai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:81946 |
| Date | 03 November 2022 |
| Creators | Trossbach, Stephanie |
| Source Sets | Hochschulschriftenserver (HSSS) der SLUB Dresden |
| Language | English |
| Detected Language | English |
| Type | info:eu-repo/semantics/publishedVersion, doc-type:article, info:eu-repo/semantics/article, doc-type:Text |
| Rights | info:eu-repo/semantics/openAccess |
| Relation | urn:nbn:de:bsz:15-qucosa2-819416, qucosa:81941 |
Page generated in 0.0016 seconds