Who should primarily provide direction on the impact of new regulatory requirements that may lead to major system changes?

The primary responsibility for providing direction on the impact of new regulatory requirements ultimately lies with key business process owners. These individuals have an in-depth understanding of the organization's operations, processes, and compliance obligations. They are responsible for ensuring that their area aligns with regulatory standards and that any changes to systems or processes reflect this alignment.

Key business process owners are typically positioned to assess how new regulations might affect the workflows and procedures within their respective domains. They can evaluate the operational implications, identify necessary adjustments to ensure compliance, and communicate these changes to the relevant stakeholders, including IT and legal teams.

While other options may play crucial roles in the process of compliance, such as internal audit conducting assessments, system developers/analysts implementing changes, and corporate legal counsel providing legal interpretations, it is the business process owners who have the closest tie to the operational impacts and practical implementation of regulatory changes. Their insights are essential for determining how best to respond to any regulatory shifts to maintain compliance while continuing to meet business objectives effectively.