The Compliance
Officer's Killer Application
By Martin Day
It used to be that only the largest multi-nationals needed a
Compliance
Officer. Today most practices, regardless of size, would be wise to
charge someone within their organization with the responsibility of
keeping abreast and managing the compliance process.
Take as an example European
employment
(labor) law that has been introduced over
the last few years that has changed the face of European businesses.
Small businesses in particular are finding that a casual and informal
approach to employment issues can now result in statutory fines that
have no bearing on the financial health of the individual company and
could, without as much as a by your leave, directly result in the demise
of a company.
Small to medium businesses do not often
have the luxury of employing a full time Compliance Officer and although
larger organizations can afford a dedicated person they are finding that
with compliance issues mushrooming the Compliance Officer now has a
team, a department and if not already, how long before compliance
becomes a division?
Regardless of size, the first step in compliance for any organization
requires them to identify the areas of compliance that are applicable to
them. Rules and regulations are being introduced monthly on a local,
regional, national and international level, covering everything from
data protection and freedom of information, anti-money laundering to
environmental waste control, race relations to health and safety; with
ignorance being no defense there is a requirement on the individual
businesses to know their responsibilities, and fines for those that wait
to be told.
Having identified the areas of compliance the company then needs to
understand what they need to do to ensure they comply. It is becoming
conceivable that with the shear volume of compliancy issues that
companies who can show a good faith effort in complying will, even when
they fall short, reduce the risks of fines.
Having identified and understood the compliance issues the Compliance
Officer needs to define and implement policy and disseminate the
information throughout the organization.
It is important for the Compliance Officer that they do not
inadvertently become the company's patsy. Senior managers are not averse
to ignoring the internal memos they receive advising them of their
responsibilities. Compliance Officers need to deliver their messages up
and down the corporate food chain and record that their advice and
directives have been received and more importantly understood.
The Compliance Officer has to avoid becoming the company scapegoat. This
won't happen by itself, a sales team that has a long history of success
though a relaxed attitude to selling is not going to willingly adopt
new, and what they will see as restrictive, practices without a fight.
'I didn't get the memo', 'I didn't understand it', 'I thought it meant
something else', 'I thought these were only guidelines' are likely to be
stock replies, along with the one or two old timers that didn't think
compliance issues applied to them. It used to be a safe bet to blame IT,
blame Compliance is rapidly taking its place.
One valuable tool in the Compliance Officer's tool box is the online
survey and questionnaire.
The online survey can deliver a message internally to the individual; it
can be informative like a memo and educational by referencing detailed
policy. Importantly it can become a valuable self registering record
that confirms that the information has been properly disseminated and
understood.
A single survey question can achieve all these objectives at the same
time.
Take an example:-
- Are you aware that section 45 of the Companies (Auditing and Accounting)
Act 2003 imposes an obligation on directors of certain companies to
prepare statements on their company's compliance with its relevant
obligations?
Yes
No
For those Directors that have not read the policy the survey will give
an opportunity to view the company's policy online (using an embedded
live HTML link). Should Directors answer 'No' the Compliance Officer
knows who to target.
The survey also records the manager's response and shifts the
responsibility away from the Compliance Officer to the individual
manager where the responsibility needs rest for a company to meet its
compliance obligations.
Using an online website such http://www.surveygalaxy.com where multiple
surveys can be managed, easily modified, updated and re-issued on a
periodic basis across an organization online surveys can be the
Compliance Officer's killer application.
Through the regular use of online surveys the Compliance Officer will be
in the driving seat, leading and not chasing compliance issues, not only
circulating the information on a one to one basis but also monitoring
and recording the level of awareness throughout the organization.
The Compliance Officer's role is a difficult one, like a parent keeping
a wayward child on the straight and narrow, most employers, let alone
their employees, often do not fully understand the true consequence of
their, often innocent, minor discretions. Assigning a Compliance Officer
is a start but enabling them to fulfill their remit will be the
difference between a company being fully compliant and one that risks
suffering the consequences for having let compliance take a back seat. |