top of page


Press releases, industry insights and all the latest news from the Profectus team

News | Profectus Group: Audit, Compliance and Rebate Deal Management

Compliance is the new black

What used to be a boring task carried out by bean-counters is now a critical function in all organisations, supporting a smooth path to growth


It’s a story you see every day in the business media – a company has hit major problems caused by not knowing what is going on in its own organisation. A small problem gets investigated and turns out to be the tip of the iceberg. The company starts to crack like the Titanic as more and more issues are revealed – their bottom line takes a hit, their reputation is shaken, and their shareholders sell out like the proverbial rats deserting a sinking ship.

This kind of damage takes years to turn around. Why, then, are so many companies reluctant to put the time, effort and investment into compliance?

We think there are three reasons:

  1. It’s hard. Compliance should be forward-looking, but it is frequently backwards-looking, addressing things that could become problems in the future. It requires a broad and continuously updated knowledge of domestic and international compliance requirements. If you get it wrong, the consequences can bring a company to its knees.

  2. It’s not ‘sexy’. There aren’t any slick advertising campaigns involved in compliance. People generally don’t get bonuses or awards for effective compliance (though we think they definitely should!). It involves a lot of cross-company data crunching, deep investigation, comparison, technical knowledge across law, technology, and business regulation, and telling people internally what they should be doing. People think of the compliance function as the ‘corporate police’.

  3. It’s an investment in something NOT happening, rather than an investment in a tangible outcome. (though NOT ending up in court or in front of a business regulator could be considered a tangible outcome). Effective corporate compliance means a company can pursue its objectives

Why companies fail to invest in compliance | Profectus Group

It doesn’t have to be that way. Done right, compliance is the ‘new black’ – a valued and high-profile function that is given the recognition it deserves. And that becomes, maybe, even fun!

What our data tells us

Manual processing is fraught with danger

Any process that requires manual input of data has the potential to introduce undetected errors that can multiply over the steps of an end-to-end process.

Importance of Compliance | Profectus Group

Our data shows that at least 3.5 errors occur in every 10,000 accounts payable transactions, and in retail businesses, one in every 50 trade deals negotiated is calculated and claimed incorrectly.

Just as alarming, our real-time invoice audit has consistently found that 1 in every 5 invoices has an error within the invoice line items. This data is based on a 5-year review of $11 billion of expenditure.

Across a retail business that has hundreds of suppliers and thousands of products, this adds up to a significant loss of income every year; income that would go straight to the bottom line and could be reinvested back in the business.

And these are just the beginning. Are you compliant with your taxation requirements? Your human resources and occupational health and safety areas? Environmental reporting? The list gets longer every year, and the consequences for not complying get more serious.

Supplier compliance is a minefield

Being overcharged in contracted arrangements is not uncommon in any company, as most do not have the right systems and controls in place to check what is being charged. In a lot of cases, from our experience, companies do not even realise they are being overcharged, or under-supplied.

Importance of Compliance | Profectus Group

In complex environments, it can be very difficult to check that suppliers are complying with negotiated terms. Overcharging can be in the vicinity of 0.25% to 1%, and service errors are often in the range of 0.25% to 2.5%.

Take the example of one of our clients, a major bank that was using a bicycle courier company for metropolitan deliveries to branches but was being charged a fuel levy. Fuel for bicycles? Seems like an obvious error, but when included on invoices with hundreds of line items it was missed. We put an easy a quarter of a million dollars straight back into the bank’s EBIT (operating profit).

Similarly, another smaller bank was paying for services and network connections to premises that no longer existed. These line items in the invoices would have been impossible to discover without in-depth interrogation of all the details – something few Accounts Payable functions have the capacity to do. Result? An error worth a cool half a million dollars that we identified, missing from their EBIT.

Staying abreast of compliance changes is becoming increasingly difficult

Compliance is getting harder and faster, due to the impact of external factors like new tech, geopolitical conflicts, and changing business models. It’s not easy for your internal compliance function to keep up, and it becomes increasingly unrealistic for businesses to ask their compliance specialists to stay across all the possible threats AND do the time-consuming crunching that finds where you’re vulnerable or where your business is not successfully addressing issues.

There’s also the issue of dispersed compliance across the organisation, sitting in silos and focusing on discrete business operations, without an end-to-end view of what’s going on.

We see it all the time in large organisations.

Even where an internal compliance function exists and has been actively working to detect and check transactions of all kinds, we still find significant errors and provide recoveries that fund our services, resulting in a net benefit to the organisation.

It's a much better investment to focus in-house audit staff on strategy and managing relationships with internal stakeholders and outsource the time-consuming data analysis.

Compliance puts your suppliers on notice

Guess what our clients tell us? When they implement Profectus compliance services, the invoices from their suppliers start to get more accurate. Why? Because the suppliers don’t want the hassle of having to refund incorrect charges. It’s an overhead for their business that they’d rather not have, so they put in the extra work to ensure it doesn’t happen. And that means less work for you.

What we say

Compliance is a state of mind

Compliance is not a one-off activity; in a mature organisation, it’s a state of mind and an integral part of core operations.

In practical terms, there are five steps that must be covered in effective compliance functions:

  1. Detect: Utilising Audit services, detect process and payment errors in your procure-to-pay process.

  2. Recover: Intelligently recover losses caused by the detected errors and highlight opportunities to mitigate future risk.

  3. Automate: Use recovered funds to automate processes, streamline workflows and minimise payment risks.

  4. Control: Implement detections and prevention controls to mitigate risk and ensure you remain compliant.

  5. Improve: Turn the data collected in steps 3 and 4 into insights to improve and optimise your compliance strategy.

Then repeat!

But there’s more. Compliance can be fun.

Corporate Compliance Roadmap | Profectus Group

Identifying issues and remedying them at the beginning of the issue, not only when it’s so large it can’t be missed, can be rewarding and fun. Working with a trusted supplier to help iron out those issues while you focus on something else – anything else, really – is fun. To be able to hand over an issue and trust it will get fixed or the source identified is incredibly fulfilling.

Smart use of technology is the only way to keep up

Technology is introducing complexity to compliance, but it’s also what makes it possible to carry out complex auditing to check compliance. With the right set-up, leveraging data-driven insights can equip an organisation to address new and updated rules and regulations. The pace of change in compliance and regulation means that you might be dealing with weekly changes in what your business needs to comply with – and that’s just the start of it. Changes in requirements can lead to changes in processes and systems.

The problem is, it’s a big ask for organisations to invest in their own technology (and associated human resources) to do this when they should be focused on leveraging technology for their core purpose. It makes much more sense to outsource to a company like Profectus, whose core business is compliance, and who can take away the pain of trying to keep up with your regulatory and compliance requirements.

Our technology combined with our deep know-how ensures we find compliance issues at micro and macro levels – from being charged for services you don’t receive or staff you don’t have, to entrenched errors in invoicing practices.

Not all audits are created equal

Before you go ahead and sign on the dotted line with a compliance audit provider, ask yourself this: are they finding all your mistakes and gaps then handing you an invoice?

Or are they finding your mistakes and gaps, then helping you recover the funds lost or missed by those mistakes and gaps?

We already know the answer. And that’s why we know our client-focussed approach to traditional audit providers is to ensure you get real financial value out of our services.

The Profectus Compliance Difference | Profectus Group

Compliance experts are critical business partners

Many companies are finding it easier to outsource their compliance to someone whose whole purpose is to stay on top of requirements. Increasing pressure on costs and overheads means it is becoming harder to justify an internal function that needs to keep growing and expanding its scope – it’s not just compliance with accounting standards anymore.

Our conversations with clients across many industries confirm what we believe – that it’s very difficult for compliance functions to keep pace with the rapid evolution of business models and regulatory expectations and to identify risks and advise the business appropriately.

With Profectus as your compliance partner, you’ll have the very latest in industry knowledge and experience, as well as insights leveraged from all the industries we work with.

As soon as something is likely to become a problem, we’ll be checking for it. And we never just skim the surface – we get to the nitty-gritty, something your internal compliance function doesn’t have the time or resources to do because we know that financial leakage can be ‘death by a thousand cuts’. Small things can (and do) add up to significant impacts on the bottom line. We’re so sure we’ll find something you’ve missed; we stake our fee on it. If we don’t find anything, you don’t pay anything.

The best way to keep up with, or ideally ahead of, compliance requirements is to engage the experts – Profectus Services.

Want to hear more from our clients like David Jones or Chemist Warehouse and ask them your questions about their compliance journey? Talk to us today!

Compliance is the new black
Download PDF • 2.60MB

Read more


bottom of page