Compliance risk is exposure to legal penalties, financial forfeiture and material loss an organization faces when it fails to act in accordance with industry laws and regulations, internal policies or prescribed best practices.
Compliance risk is also sometimes known as integrity risk. Many compliance regulations are enacted to ensure that organizations operate fairly and ethically. For that reason, compliance risk is also known as integrity risk.
Compliance risk management is part of the collective governance, risk management and compliance (GRC) discipline. The three fields frequently overlap in the areas of incident management, internal auditing, operational risk assessment, and compliance with regulations such as the Sarbanes-Oxley Act. Penalties for compliance violations include payments for damages, fines and voided contracts, which can lead to the organization's loss of reputation and business opportunities, as well as the devaluation of its franchises.