Managing employee compliance training
September 2019 | FEATURE | RISK MANAGEMENT
Financier Worldwide Magazine
September 2019 Issue
It is impossible to overstate the importance of compliance training in today’s regulatory environment. Done properly, compliance training provides employees with a rounded understanding of the industry in which they operate and where the legal boundaries lie. It also explains the various legal requirements attached to their organisation and their daily role. Providing adequate employee compliance training could make the difference between a catastrophic breach of law and continuing normal operations.
There has been a concerted focus at the top of organisations in response to the evolving regulatory landscape. There have also been organisational changes to manage compliance strategy, which is now a central part of both business operations and wider corporate strategy. “More organisations now have chief compliance officers reporting to the board and demonstrating the shift in ensuring organisations are managing these risks affectively as opposed to leaving things to chance,” says Andy Nickolls, senior director of compliance solutions at Skillsoft EMEA.
Outdated boardroom attitudes to compliance are fading fast. In the past, boards have not always taken ownership of their responsibility for establishing a culture of compliance and ethics that extends to every employee, which caused problems. “Major corporate compliance incidents that have been previously reported in the media are either due to the failure by senior management to set the right tone in the company or the failure to have appropriate control and communications systems in place so that senior management knows what employees are doing,” says Theodore L. Banks, a partner at Scharf Banks Marmor LLC. “Ownership of companies needs to move away from a focus on short-term results, that encourage cutting compliance corners, and realise that long-term success requires a commitment to compliance and ethics.”
In addition to the board and senior management taking responsibility for compliance, when building an effective training programme, the key is to take a risk-based approach. Companies must understand where the risk lies in each area of their business, and tailor compliance training accordingly. “Different departments will have different levels of risk associated with them, so training needs to be specific to each employee,” says Mr Nickolls. “The right education needs to go to the right people at the right time. But like all learning, the impact needs to be measured and aligned directly to overall business objectives. A really effective compliance programme will be almost unnoticeable; it will be embedded directly into each learner’s daily workflow in a manageable and engaging way.”
While the compliance team is there to protect the business, they must also support the firm’s strategic aims. “It is important to know what regulation applies to your firm’s activities and how the specific requirements of these regulations arise in your firm’s activities,” says Jonathan Bowdler, head of regulatory compliance at the International Compliance Association. “These activities must then incorporate compliance systems and controls. Ownership of the compliance risk must stay with the area of the firm where the activity is carried out. Compliance is a facilitating function. A risk-based approach, through understanding what is important, will ensure resources are used as effectively and efficiently as possible.”
There are several fundamentals for achieving and maintaining effective compliance programmes. Those responsible for compliance must have sufficient seniority and support from the board and senior management to instil, promote and maintain a culture of compliance within the corporation. “It is not a one-off programme,” says David Grace, a consultant at Cooper Grace Ward Lawyers. “Compliance must be part of the corporate culture each day, throughout the whole of an organisation’s life. Leadership is essential for success, from the senior management team throughout. To be compliant, the corporation must be thoroughly aware of its regulatory environment, including, for transnational corporations, the regulations and political implications of what is done in each country in which operations are carried out. To ensure the culture is and remains one of compliance at all levels, there must be a clear identification of areas of individual responsibility to do what is required and to identify and rule out what does not comply. Furthermore, ongoing training is critical. It not only serves to remind personnel of key issues, but ensures personnel who progress in their roles are educated on the dangers or conduct that might impact upon them in that new role.”
There is no point in companies maintaining compliance training programmes unless they are up to date and effectively monitored and documented. Otherwise, they will prove nothing to a regulator and leave companies open to a breach. “The main benefit of effective compliance training is that it makes managing compliance risks much cheaper,” suggests Mr Bowdler. “Good compliance training means more activities are done correctly first time, and consequently far less time and money are required to both monitor the results and take corrective action. Any time spent re-doing work, or making corrections, is effectively an unnecessary cost. And, of course, it makes non-compliance less likely.”
© Financier Worldwide