If you focus on listening and talking to management and the board, with a thoughtful discussion of the situation, not only will your objectives be achieved but you will have credibility with them.
There are at least 8 essential components of compliance risk management programs. Risk management aims to reduce the likelihood that an organization will not achieve its goals and objectives. Compliance is the obligation to adhere to laws, regulations, contract terms, internal policies, and other requirements. Compliance risk management refers to the organizational procedures, processes and culture that reduce the likelihood of non-compliance.
While the cost of control is certainly something to consider, there are times (many, many times) when more risk should be taken because of the potential for increased reward.