DEFINITION AND MEASUREMENT OF RISK IN COMPLIANCE MANAGEMENT

Abstract

The article is devoted to the problem of defining and measuring risk in compliance management - an important management function of a company aimed at complying with laws and ethical norms. A general definition of risk from the theory of probability and various approaches to understanding risk in the literature on risk management are considered, then the definition of compliance risk and ways to managing this risk in compliance management are explored. The problem of quantitative measurement of compliance risks and some methods of its solution are described. The authors analyze the approaches of several international companies (in the mining industry, oil and gas industry, mobile communications, FMCG) to measuring or assessing compliance risks, as well as organizing compliance risk management in practice (organizational structures, processes, etc.). The work also discussed the concept of risk appetite, that characterizes the willingness of an organization to take on a certain positive level of risk, while logically it is poorly compatible with the concept of compliance risk as a risk of violation of the legislation.