HR & Management
Best practices for a successful ethics and corporate compliance programme
6 min read
14 September 2016
Ethics and compliance is one of today’s highest risk concerns for businesses. As such, Khushboo Sinha from MetricStream takes a look at five best practices for firms seeking to establish a successful ethics and corporate compliance programme.
Fraud is never far from the headlines. In 2015, one of the biggest incidents of corporate fraud that dominated the news was that of German automobile giant Volkswagen, which came under fire for inserting a “defeat device” in its diesel engines to cheat on emission tests. Today, the company is contending with potential regulatory fines and compensation cases from customers, as well as major reputational repercussions that have severely affected its market share.
Meanwhile, in another instance of fraud, electronics conglomerate, Toshiba was found to have overstated its earnings by nearly $2bn over seven years, more than four times its initial estimate. With scandals such as these in the limelight, attention to ethics in the workplace has gained momentum.
Every organisation needs to have a compliance strategy in place to determine potential risks, identify ways to mitigate them in time and outline a future course of action. These strategies need to extend to the department level where compliance violations and issues can often pose a threat to organisational reputation. Programmes, processes, and technologies need to be in place to identify, prioritise, investigate, and address compliance violations and risks before they morph into black swan events. Strong policies and processes are also important in mitigating these risks.
In fact, having a robust corporate compliance programme helps organisations maintain compliance with external regulations, as well as internal policies and processes. Training employees on policies also goes a long way towards ensuring an ethical environment. But building a successful compliance and ethics programme can often be challenging. So how can you be ready to deal with risks that you haven’t faced yet? Here are five best practices:
(1) Be proactive in managing compliance and ethics
An organisation’s readiness to handle a compliance issue is critical as it impacts brand value and profitability. To that end, successful businesses need to be proactive in terms of establishing controls and processes, defining accountability, and centrally managing compliance requirements so that they are easily accessible to all concerned departments.
Being proactive also requires the corporate compliance team to collaborate with other departments and regulatory compliance groups to manage their compliance processes, controls, templates, and timelines. This approach gives the corporate compliance team comprehensive visibility into organisational compliance, so that they can perform regular or ad-hoc assessments to minimise violations.
Continue reading to find out how compliance is a continuous process that requires businesses to keep setting new goals.
(2) Adopt and communicate an ethical profile
Ethics begins at home. The foundation of an effective ethics and corporate compliance programme is a strong and well-communicated code of ethics which can be best represented in terms of policies and procedures. These policies and procedures define the culture and expected behaviour of everyone working in or with the organisation. When there are multiple subsidiaries spread out across different geographies, policy creation needs to take into consideration various factors such as subsidiary location and industry.
The key to policy creation is to ensure that policies are applicable globally as well as locally. This helps ensure that there are no gaps or loopholes in compliance. Automated tools can add further value by simplifying the process of policy management.
(3) Train employees on compliance policies
No organisation can fully comply with regulations if its employees do not follow organisational policies and procedures. Investing in employee training is always a smart move. Employees need to understand the organisation’s culture and its ethical boundaries. Technology can play an important role here in the form of learning or training management systems that make it easy to conduct and track multiple training programmes.
(4) Integrate hotlines with the corporate compliance programme
Many organisations have found it useful to have hotline numbers for employees to anonymously report issues of bribery, fraud, ethical violations, discrimination, and other incidents of misconduct at the workplace. Integrating hotlines with the company’s corporate compliance programme can be effective as it helps in tracking each issue from creation to closure.
(5) Adopt a risk-based approach to compliance management
A risk-based approach to compliance and ethics management involves identifying the high risk areas within the organisation, and then prioritising, managing, and monitoring those risks. Compliance risks can be measured and scored from different perspectives such as per business unit, process, and geography. Based on the risk rating, organisations can effectively plan control testing. Issues can be also prioritised based on rating, impact, likelihood, or type.
No organisation can comply with rules and regulations overnight. Compliance is a continuous process that requires businesses to keep setting new goals, leverage technology to achieve these goals, assess the results, and again work towards improving the results by setting new objectives. This continuous process will help corporate compliance become an integral part of the business.
Khushboo Sinha is a senior associate at MetricStream.
The digital age has made consumers grow weary about what happens to their data. As such, we talked with experts from Striata to find out which steps businesses can take to establish a relationship of trust.