“Compliance” is a huge blocker for improving how organization do software. You see it as a top bottleneck in every survey about “digital transformation.”
This McKinsey piece layers out a plan:
Banks looking to transform risk management should, in our view, focus on four mutually reinforcing areas: organization, governance, processes, and digitization and advanced analytics. While enhancements isolated in each area can boost both effectiveness and efficiency, the true potential comes from tackling them in sequential order. Organizational optimization facilitates governance rationalization, which facilitates effective streamlining of processes, which enables digitization and advanced analytics to yield maximal benefit.
Handling compliance is like any other problem. It’s not impossible, you just need to understand what’s actually needed, stop doing wasteful dumb stuff, involve the stakeholders (convert them from chickens to pigs, “bring them onboard”), and keep trying to solve the problem, learning from what didn’t work, until it’s solved.
In other words: it’s a lot of work.