The Five Stages of Creating a Compliance Culture
1. The Bare Compliance Policy
|
You have a code of conduct that includes:
- A statement from CEO and/or board of directors on the company's values and principles
- CSR commitments
- Ethics guidelines with examples of ethical and unethical behaviour
- Specific rules of conduct
- Information on performance evaluation
|
2. Tailored Compliance Policy |
You have created a compliance programme relevant to your business by:
- Conducting regular and thorough assessments of specific risk and enforcement areas
- Ensuring the compliance programme is endorsed by senior management
- Giving the code of conduct teeth
- Preparing focused guidelines for at-risk employees
Useful Resources
|
3. Instilling a Culture of Compliance |
You have dedicated resources to ensure an effective roll-out by:
- Conducting in-person training led by internal/external counsel or compliance managers that have the full backing of senior management
- Making sure the training is regular, relevant, interactive and backed up with the appropriate online training
- Using practical examples and Q&A-based materials with separate guidance for specific functions and issues
Useful Resource
|
4. Testing Compliance |
You monitor your company's preparedness by:
- Preparing checklists and protocol for government investigations such as dawn raids and subpoenas
- Including mock raids in compliance training
- Conducting random investigations and audits on subsidiaries and functions to test the practical application of your procedures
Useful Resource
|
5. Detecting of non-compliance |
You give employees the opportunity to report noncompliance by:
- Setting up hotlines (subject to legislation)
- Investigating whistle-blower claims using the appropriate internal or external investigation team
- Introducing internal amnesty programmes in high risk areas such as fraud and competition breaches
|
Useful Resources
We welcome the opportunity to discuss how we can help.