It used to be that only the largest multi-nationals needed a Compliance Officer. Today most practices, regardless of size, would be wise to charge someone within their organization with the responsibility of keeping abreast and managing the compliance process.
Take as an example European employment law that has been introduced over the last few years that has changed the face of European businesses. Small businesses in particular are finding that a casual and informal approach to employment issues can now result in statutory fines that have no bearing on the financial health of the individual company and could, without as much as a by your leave, directly result in the demise of a company.
Small to medium businesses do not often have the luxury of employing a full time Compliance Officer and although larger organizations can afford a dedicated person they are finding that with compliance issues mushrooming the Compliance Officer now has a team, a department and if not already, how long before compliance becomes a division?
Regardless of size, the first step in compliance for any organization requires them to identify the areas of compliance that are applicable to them. Rules and regulations are being introduced monthly on a local, regional, national and international level, covering everything from data protection and freedom of information, anti-money laundering to environmental waste control, race relations to health and safety; with ignorance being no defense there is a requirement on the individual businesses to know their responsibilities, and fines for those that wait to be told.
Having identified the areas of compliance the company then needs to understand what they need to do to ensure they comply. It is becoming conceivable that with the shear volume of compliancy issues that companies who can show a good faith effort in complying will, even when they fall short, reduce the risks of fines.
Having identified and understood the compliance issues the Compliance Officer needs to define and implement policy and disseminate the information throughout the organization.
It is important for the Compliance Officer that they do not inadvertently become the company’s patsy. Senior managers are not averse to ignoring the internal memos they receive advising them of their responsibilities. Compliance Officers need to deliver their messages up and down the corporate food chain and record that their advice and directives have been received and more importantly understood.
The Compliance Officer has to avoid becoming the company scapegoat. This won’t happen by itself, a sales team that has a long history of success though a relaxed attitude to selling is not going to willingly adopt new, and what they will see as restrictive, practices without a fight. ‘I didn’t get the memo’, ‘I didn’t understand it’, ‘I thought it meant something else’, ‘I thought these were only guidelines’ are likely to be stock replies, along with the one or two old timers that didn’t think compliance issues applied to them. It used to be a safe bet to blame IT, blame Compliance is rapidly taking its place.
One valuable tool in the Compliance Officer’s tool box is the online survey and questionnaire.
The online survey can deliver a message internally to the individual; it can be informative like a memo and educational by referencing detailed policy. Importantly it can become a valuable self registering record that confirms that the information has been properly disseminated and understood.
A single survey question can achieve all these objectives at the same time.
Take an example:
Are you aware that section 45 of the Companies (Auditing and Accounting) Act 2003 imposes an obligation on directors of certain companies to prepare statements on their company’s compliance with its relevant obligations? (Click here for a summary of Company’s Policy on Compliance Reporting Obligations)
For those Directors that have not read the policy the survey will give an opportunity to view the company’s policy online (using an embedded live HTML link). Should Directors answer ‘No’ the Compliance Officer knows who to target.
The survey also records the manager’s response and shifts the responsibility away from the Compliance Officer to the individual manager where the responsibility needs rest for a company to meet its compliance obligations.
Using an online website such as http://www.surveygalaxy.com where multiple surveys can be managed, easily modified, updated and re-issued on a periodic basis across an organization online surveys can be the Compliance Officer’s killer application.
Through the regular use of online surveys the Compliance Officer will be in the driving seat, leading and not chasing compliance issues, not only circulating the information on a one to one basis but also monitoring and recording the level of awareness throughout the organization.
The Compliance Officer’s role is a difficult one, like a parent keeping a wayward child on the straight and narrow, most employers, let alone their employees, often do not fully understand the true consequence of their, often innocent, minor discretions. Assigning a Compliance Officer is a start but enabling them to fulfill their remit will be the difference between a company being fully compliant and one that risks suffering the consequences for having let compliance take a back seat.
Martin Day is a Director of Survey Galaxy Ltd a web site that allows anyone to create, design and publish online surveys. Martin has provided survey consultancy for a number of Compliance Officers to help develop internal compliance awareness programmes. For more information please visit http://www.surveygalaxy.com