Effective compliance is an essential part of a well-run company. An effective corporate compliance program can keep your business running smoothly and reduce the time you spend fixing problems. It can also protect you from heavy-hitting risks like bankruptcy, corporate lawsuits, and regulatory agency investigations.
What Is Corporate Compliance?
Corporate Compliance is getting large numbers of people in your organization to behave in accordance with predetermined standards.
Successful corporate compliance programs ensure that companies comply with all applicable regulations and laws that apply to it.
Strong corporate compliance programs also reduce the risk of regulatory enforcement and financial losses that can result when a compliance program is insufficient, ineffective or just plain neglected.
What Are Compliance Risks?
Regulators make rules that affect companies in a wide variety of areas. Companies need programs to ensure that they are in compliance with those rules. Below are some common risks that may take place without a functional compliance program:
- Corruption risks: Companies must guard against bid-rigging, bribery, and other illegal business dealings.
- Reporting risks: Required financial statements and reports must be submitted in predetermined formats to regulatory agencies when due.
- Data risks: Companies are bound to maintain the integrity of customer and employee personal data. Security breaches must be reported promptly in accordance with predetermined deadlines.
- Health, safety and environmental risks: Companies must remain compliant with rules regarding worker safety, health and pollution.
- Employment risks: Ethical workplace practices include employee compensation and benefits issues as well as protecting workers from harassment and discrimination on the job.
- Information risks: In order to be compliant, a company must first understand in full which regulatory requirements apply to it.
- Inadequate compliance program risks: Even if you fully understand your obligations, your existing program may not be able to meet those demands.
Implementing an Effective Compliance Program
Policies and procedures to ensure compliance with all applicable regulations must be developed, adopted and implemented. Policies should relate to what the company must do to comply with the regulations. Procedures should relate to how the policies are enforced.
To ensure that compliance programs run properly, companies must regularly assess their performance. These assessments might include auditing employee adherence to company policies and procedures.
Risk assessments should be conducted regularly. They should include determinations about which regulations apply to your business and how effectively your existing program complies with those regulations.
Experts have determined that effective compliance programs are based on ethics, risk and compliance. The US Department of Justice (DOJ) offers clear guidance for corporate compliance programs.
The DOJ guidance asks companies to answer three questions to determine the effectiveness of their compliance programs:
- How well is the program designed?
- How effectively is the program implemented?
- How well does the program work in practice?
While the first two questions are important, the third question carries the most weight. Are your program elements having a positive effect within the company? Is behavior changing throughout the company?
Develop a Stakeholder Satisfaction Survey
The most effective compliance programs all rate high on stakeholder engagement.
Taking a heavy-handed approach to compliance might seem to make sense at first glance. However, a well-designed program that everyone is eager to engage with will be infinitely more attractive and effective. It should encourage stakeholder engagement and elicit stakeholder input.
A brief customer satisfaction survey should be sent to every stakeholder who engages with the compliance program. The information stakeholders provide can then be used to make the engagement process more enjoyable.
Engaging compliance programs should be user-friendly, understandable, easy to work with and tailored to the needs of the stakeholders.
Besides employees, stakeholders include suppliers, distributors and business partners. All of these people are a company’s “customers.” As such, they should have significant input into the compliance process. The information they provide helps companies to meet and even exceed stakeholder expectations.
A regression analysis performed on survey data can reveal which populations you are successfully engaging with. It can also alert you to any changes that you might need to make. The best compliance programs are based on data, and survey data is no exception.
Ensure That Stakeholders Understand Company Policies
Many people will just skim a compliance policy. Others may pay little or no attention during e-learning sessions. If stakeholders aren’t engaged in the learning process, they’re not likely to get a thorough understanding of your policies.
To counteract this, randomly test stakeholders via email or other interactive surveys a few weeks after training to gauge their understanding of the policy. It’s a valuable tool you can use to evaluate the effectiveness of your program. The feedback you receive can reveal the degree to which your stakeholders understand your company’s principles and policies.
The email or interactive survey questionnaire should ask four or five pertinent questions and target a randomly selected array of stakeholders. Their tangible and real-time feedback can help you improve on policy deployment and refine your e-learning sessions. It will also help you to affect changes in behavior.
Question Stakeholders Directly
A monthly email can be directed to a small random sample of stakeholders. It can include questions about whether the stakeholder is aware of any company policy violations or lack of compliance with regulations or laws.
These emails can keep you informed about the overall stakeholder perception of company compliance. In cooperation with a preexisting whistleblower program, reaching out to stakeholders via personal email can encourage would-be whistleblowers to finally speak up.
A well-tuned program is not likely to uncover earth-shattering revelations. Rather, it provides a proactive system aimed at maintaining compliance among stakeholders.
These steps work best in conjunction with existing compliance programs and are not intended to replace them. The goal is to increase the effectiveness of an existing program and to ensure that the program evolves over time as needed.
What Are the Benefits of Constructive Compliance Programs?
- Legal protection. A compelling compliance program reduces the potential for lawsuits and other legal entanglements. Should an unintentional violation occur, a functional compliance program may work in your favor. It can mean reduced fines, shorten investigations and decrease legal fees.
- Enhanced company reputation. A constructive compliance program can maintain and strengthen your brand on social media. Today, with greater visibility into company operations, stakeholders are demanding that companies be held to a higher standard.
- Damage reduction. Poor compliance can result in canceled contracts, financial losses, bad publicity, boycotts and worse. A convincing compliance program can prevent these unpleasant outcomes. It can also heighten a company’s ethical position which, in turn, confers benefits that surpass those of merely avoiding punishment.
- Saves time. A functional compliance program can prevent a myriad of problems. Less time is spent on damage control and more time is spent on productive activities.
- A strong compliance program makes it possible for companies to see risks coming and take protective measures before suffering a direct hit.
- Effective compliance makes your company more attractive to other companies as a partner. The more compliant your company is, the less of a risk you pose for others.
Although a strong compliance program requires time and effort, it will give your company a powerful strategic advantage.
As a corporate lawyer on Mercer Island since 2002, Bryn Peterson provides experienced legal counsel on Washington compliance laws. Bryn served eight years as internal legal counsel for multimillion and multibillion dollar corporate giants like Green Giant Fresh, Tree Top and Darigold, Inc.