Professional Documents
Culture Documents
Regulatory Risk Differentiation
Regulatory Risk Differentiation
law.^[4] <#cite_note-4>
Compliance continuum[edit
</w/index.php?title=Regulatory_risk_differentiation&action=edit§ion=3>
]
It is a significant improvement to shift to a *compliance continuum* (or
spectrum), where the regulator reacts to a spectrum of compliance
behaviours. The Australian Customs Office applies a compliance
continuum.^[5] <#cite_note-5> ^[6] <#cite_note-6> ^[7] <#cite_note-7>
Compliance pyramid[edit
</w/index.php?title=Regulatory_risk_differentiation&action=edit§ion=4>
]
When the reaction of the regulator is tied to the behaviour, it is known
as a *responsive compliance model*. The responsive compliance model was
suggested by Ian Ayres </wiki/Ian_Ayres> and John Braithwaite
</wiki/John_Braithwaite_(academic)> in their book "Responsive
Regulation: Transcending the deregulation debate"^[8] <#cite_note-8>
which built on earlier work by John Scholz </wiki/John_Scholz>.^[9]
<#cite_note-9>
The Ayres and Braithwaite compliance model was elegantly represented as
a *compliance pyramid*.^[10] <#cite_note-10>
Alternative compliance models
</wiki/File:Alternative_compliance_models.png>
</wiki/File:Alternative_compliance_models.png>
The shape of the compliance pyramid indicates:
* the number of clients that might be found at each level in the model,
* the hierarchical and escalating nature of regulatory engagement, and
* the increasing focus towards the apex on the small minority who
appear to deliberately seek to contravene the system.
The choice of remedy (e.g. financial penalties, criminal imprisonment)
imposed by the regulator becomes increasingly severe higher up the
pyramid with the view of creating an incentive for entities to move
towards more compliant behaviours. The Australian Taxation Office (ATO)
uses a compliance pyramid.^[11] <#cite_note-11>
In the mid-1990s the ATO's Cash Economy Project further developed their
compliance pyramid. An entity's apparent motivation for compliance or
non-compliance, based on evidence (known as their motivational posture),
was explicitly coupled to a suggested response.^[12] <#cite_note-12>
Compliance model used by ATO </wiki/File:ATO_Compliance_Model.jpg>
</wiki/File:ATO_Compliance_Model.jpg>
The ATO Compliance Model
In this version of the compliance pyramid, four broad categories of
client (called archetypes) were defined by their underlying motivational
postures:
* The disengaged clients who have decided not to comply,
* The resistant clients who don't want to comply,
* The captured clients who try to comply, but don't always succeed, and
* The accommodating clients who are willing to do the right thing.
This approach has been widely adopted, particularly within Australia.
Several other regulators have similar approaches. It is also described
as the Enforcement Pyramid by some regulators although enforcement is
only one of the compliance strategies implicit in the model.^[13]
<#cite_note-13>
The strength of the model is the regulator being seen to apply the right
remedy to the right situation, by taking an entity's apparent motivation
(including their efforts to comply) into account. See for example Julia
Black's paper: "'Chancer', 'Failure' or 'Trier'? Regulatory
Conversations and the Construction of Identities" July 2008^[14]
<#cite_note-14> or "The ATO Compliance Model in Action: A Case Study of
Building and Construction by Neal Shover, Jenny Job and Anne
Carroll"^[15] <#cite_note-15> and "Reducing the risk of policy failure:
challenges for regulatory compliance"^[16] <#cite_note-16>
In the OECD paper "Reducing the Risk to Policy Failure: Challenges for
Regulatory Compliance"^[17] <#cite_note-17> the regulatory responses
were distilled down to ensuring that clients were *ready, willing and
able* to comply.
* Ready > Clients who know what compliance is > Knowledge constraint >
Educate and Exemplify
* Willing > Clients who want to comply > Attitudinal constraint >
Engage, Encourage, Enforce
* Able > Clients who are able to comply > Capability contraint >
Enable and Empower
A similar framework is used in the UK Pension Regulator approach.^[18]
<#cite_note-18>
Risk bow-tie diagram[edit
</w/index.php?title=Regulatory_risk_differentiation&action=edit§ion=5>
]
Another way of looking at this is as a risk *bow-tie*. See bow tie
diagrams in risk management </wiki/Risk_management>
Generic Tax Compliance Risk Bow-Tie developed by Stuart Hamilton from
the ATO </wiki/File:Regulatory_Compliance_Risk_Bow-Tie.png>
</wiki/File:Regulatory_Compliance_Risk_Bow-Tie.png>
Generic Tax Compliance Risk Bow-Tie used by the ATO
.
Organisations in oil and gas, mining, aviation, industrials and finance
have had success using bowties.^[19] <#cite_note-19> ^[20] <#cite_note-20>
These compliance enhancement strategies fit into a standard structure:
* deter, (educate, exemplify, engage, encourage, enable, empower)
* detect, (using quantitative and qualitative intelligence) and
* deal with (educate, exemplify, engage, encourage, enable, empower,
enforce)^[21] <#cite_note-21> ^[22] <#cite_note-22>
</wiki/File:Risk_matrix_with_simple_quadrant_strategy.jpg>
ATO risk matrix
In this example, The ATO links its strategies to the likelihood and/or
consequences of entities not complying with a law. The ATO risk matrix
to the left shows how the ATO divides its clients into four categories,
and allocates appropriate detection strategies to each category.
These strategies are proactive and continuous for higher consequence,
reactive and periodic for lower consequence. The strategies are
reviewing for taxpayers more likely to break the law, and only
monitoring for those less likely.
The same overlay with more detail </wiki/File:Quadrant_Framework.jpg>
</wiki/File:Quadrant_Framework.jpg>
Detailed ATO risk matrix
The diagram to the left provides more detail, giving names to each
category of client, providing all of the strategies - deter, detect and
deal with strategies, and the strategies' associated activities.
It is important to note that the boundaries between category are able to
be moved to allocate more or fewer clients to each category. It is
normal to see fewer higher likelihood and/or consequence clients rather
than 50% of the population or 50% of the assessed likelihood or
consequence. In other words, the boundary is shifted so there can be a
strong focus on the few assessed to be higher risk.
This allows more resources to be allocated to more intensive strategies
focusing on higher risk entities, providing an incentive to entities to
want to be seen to be compliant. The robustness of the risk assessments,
and the quality of the data on which the assessments rely, are therefore
very important.
The diagram below shows how end to end risk management steps (from ISO
31000 </wiki/ISO_31000>) align with risk differentiation and the risk
bow-tie.
Bowtie approachAligning risk management steps with the bow-tie and risk
differentiation </wiki/File:ISO_3100_-_bow_tie_approach.png>
</wiki/File:ISO_3100_-_bow_tie_approach.png>
Use of the regulatory risk differentiation approach, including
awards[edit
</w/index.php?title=Regulatory_risk_differentiation&action=edit§ion=8>]
In September 2009 the UK Pension Regulator, which uses this approach,
was shortlisted for a Better Regulation </wiki/Better_regulation>
Award^[33] <#cite_note-33>
The above approach was discussed in the ATO Commissioners speech "Do you
see what I see" given to the Australian Tax Teachers Association in
January 2010.^[34] <#cite_note-34> In June 2010 the ATO released its
revised "Large Business and Tax Compliance" booklet that detailed its
approach to risk differentiation in the Large Market^[35] <#cite_note-35>
In January 2011 the risk differentiation approach was also 'highly
commended' in the annual Australian Comcover Risk awards^[36]
<#cite_note-36> The entire approach is mapped out in the UNSW ATAX 2012
<https://web.archive.org/web/20110605223338/http://www.cardiff.ac.uk/chri/re
search/cnic/J%20Black%20CNIC%20Paper.doc>
June 5, 2011 at the Wayback Machine </wiki/Wayback_Machine>
15. *Jump up ^ <#cite_ref-15>*
http://demgov.anu.edu.au/papers/ShoverEtal2003TD(8).pdf
16. *Jump up ^ <#cite_ref-16>* OECD 2000,
http://www.oecd.org/dataoecd/48/54/1910833.pdf
17. *Jump up ^ <#cite_ref-17>* See Box 2 page 12 in "Reducing the Risk
to Policy Failure: Challenges for Regulatory Compliance," OECD, 2000
@ http://www.oecd.org/dataoecd/48/54/1910833.pdf
18. *Jump up ^ <#cite_ref-18>* See pages 8 onward in the 2012-15
Corporate Plan @
http://www.thepensionsregulator.gov.uk/docs/corporate-plan-2012-2015.pdf
19. *Jump up ^ <#cite_ref-19>* RPS HSE & Risk Management - BowtieXP
<http://www.bowtiexp.com.au/bowtiexp.asp#aboutBowTies>
20. *Jump up ^ <#cite_ref-20>* Risk Bow Ties: Originally conceived of in
the late 1970s by the University of Queensland and then brought to
the fore by Shell after the Piper Alpha disaster. Now a widespread
risk approach the 'bow-tie' usefully shows the 'paths' by which a
risk event can occur, where preventative or deterrent controls are
used, the event itself and detective controls and the consequence
paths and restorative controls.
http://www.bowtiepro.com/bowtie_history.asp
21. *Jump up ^ <#cite_ref-21>* See for example page 47 of "Development
of risk and intelligence systems" @
http://www.itdweb.org/documents/SGATAR-NZ-Risk%20and%20Intel%20v1.0%20061102
.ppt
22. *Jump up ^ <#cite_ref-22>* See for example page 23 of "Large
Business and tax compliance" @
http://ato.gov.au/content/downloads/bus33802nat8675062010.pdf and
the Commissioners Speech "Do you see what I see" @
http://ato.gov.au/corporate/content.asp?doc=/content/00228656.htm
23. *Jump up ^ <#cite_ref-23>* See for example: Mark Burton's detailed
paper "Responsive Regulation and the Uncertainty of Tax Law
</wiki/Tax_law> Time to Reconsider the Commissioner's Model of
Cooperative Compliance?" @
http://www.atax.unsw.edu.au/ejtr/content/issues/previous/paper4_v5n1.pdf,
eJournal of Tax Research, Volume 5, Number 1 July 2007
24. *Jump up ^ <#cite_ref-24>* See for example the Large business and
tax compliance booklet @
http://www.ato.gov.au/corporate/content.aspx?doc=/content/33802.htm
25. *Jump up ^ <#cite_ref-25>* See for example "Supervisory Oversight
And Response System" @
http://www.apra.gov.au/adi/Documents/cfdocs/SOARS_112010_ex.pdf
26. *Jump up ^ <#cite_ref-26>* See for example "Developing an enhanced
relationship achieving voluntary compliance
</wiki/Voluntary_compliance> and minimising costs to clients" @
http://www.ato.gov.au/taxprofessionals/content.asp?doc=/content/00187285.htm
&pc=001/001/001/002/002&mnu=4068&mfp=001/005&st=&cy=1
27. *Jump up ^ <#cite_ref-27>* See for example pages 8 on in the UK
Pension Regulator 2012-15 Corporate plan @
http://www.thepensionsregulator.gov.uk/docs/corporate-plan-2012-2015.pdf
28. *Jump up ^ <#cite_ref-28>* The UK Statutory Code of Practice for
Regulators is available @ http://www.berr.gov.uk/files/file45019.pdf
29. *Jump up ^ <#cite_ref-29>* The Hampton report is available @
http://www.berr.gov.uk/files/file22988.pdf
30. *Jump up ^ <#cite_ref-30>* The Macrory Review is available @
http://www.bis.gov.uk/files/file44593.pdf
31. *Jump up ^ <#cite_ref-31>* The UK Regulatory Enforcement and
Sanctions Act 2008 is available @
http://www.legislation.gov.uk/ukpga/2008/13/pdfs/ukpga_20080013_en.pdf
32. *Jump up ^ <#cite_ref-32>* See for example "Power laws, Pareto
distributions and Zipf's law" by M. Newman, 2006 @
http://arxiv.org/abs/cond-mat/0412004v3
33. *Jump up ^ <#cite_ref-33>* http://www.thepensionsregulator.gov.uk note that the page is cached so you will need to search on the site
for 'better regulation award 2011'
34. *Jump up ^ <#cite_ref-34>* Do you see what I see?
<http://www.ato.gov.au/corporate/content.asp?doc=/content/00228656.htm>
35. *Jump up ^ <#cite_ref-35>*
http://www.ato.gov.au/content/downloads/bus33802nat8675062010.pdf
36. *Jump up ^ <#cite_ref-36>* Comcover Awards for Excellence Department of Finance and Deregulation
<http://www.finance.gov.au/comcover/awards/awards-2010.html>
37. *Jump up ^ <#cite_ref-37>* [1]
<http://www.asb.unsw.edu.au/schools/taxationandbusinesslaw/newsandevents/con
ferencesandevents/Taxadmindocuments/S.%20Hamilton%20-%20New%20dimensions%20in%20
regulatory%20compliance%20%20building%20the%20bridge%20to%20better%20compliance.p
df>
Retrieved from
"http://en.wikipedia.org/w/index.php?title=Regulatory_risk_differentiation&oldid
=621231997"
Categories </wiki/Help:Category>:
* Regulatory compliance </wiki/Category:Regulatory_compliance>
Navigation menu
Personal tools
* Create account
</w/index.php?title=Special:UserLogin&returnto=Regulatory+risk+differentiati
on&type=signup>
* Log in
</w/index.php?title=Special:UserLogin&returnto=Regulatory+risk+differentiati
on>
Namespaces
* Article </wiki/Regulatory_risk_differentiation>
* Talk </wiki/Talk:Regulatory_risk_differentiation>
Variants<#>
Views
* Read </wiki/Regulatory_risk_differentiation>
* Edit </w/index.php?title=Regulatory_risk_differentiation&action=edit>
* View history
</w/index.php?title=Regulatory_risk_differentiation&action=history>
More<#>
Search
</wiki/Main_Page>
Navigation
*
*
*
*
*
*
Help </wiki/Help:Contents>
About Wikipedia </wiki/Wikipedia:About>
Community portal </wiki/Wikipedia:Community_portal>
Recent changes </wiki/Special:RecentChanges>
Contact page <//en.wikipedia.org/wiki/Wikipedia:Contact_us>
Tools
*
*
*
*
Deutsch <//de.wikipedia.org/wiki/Compliance_(BWL)>
Bahasa Indonesia <//id.wikipedia.org/wiki/Kepatuhan>
Nederlands <//nl.wikipedia.org/wiki/Compliance>
<//ja.wikipedia.org/wiki/%E3%82%B3%E3%83%B3%E3%83%97%E3%83%A9%E3%82%A4%E3%82
%A2%E3%83%B3%E3%82%B9>
* Portugus <//pt.wikipedia.org/wiki/Compliance>
* Svenska <//sv.wikipedia.org/wiki/Norms%C3%A4kring>
* <//zh.wikipedia.org/wiki/%E5%AE%88%E8%A7%84>
Edit links <//www.wikidata.org/wiki/Q17004757#sitelinks-wikipedia>
* This page was last modified on 14 August 2014 at 16:43.
* Text is available under the Creative Commons Attribution-ShareAlike
License
<//en.wikipedia.org/wiki/Wikipedia:Text_of_Creative_Commons_Attribution-Shar
eAlike_3.0_Unported_License><//creativecommons.org/licenses/by-sa/3.0/>;
additional terms may apply. By using this site, you agree to the
Terms of Use <//wikimediafoundation.org/wiki/Terms_of_Use> and
Privacy Policy <//wikimediafoundation.org/wiki/Privacy_policy>.
Wikipedia is a registered trademark of the Wikimedia Foundation,
Inc. <//www.wikimediafoundation.org/>, a non-profit organization.
*
*
*
*
*