The basic ingredients of a successful compliance program

Share on twitter
Twitter
Share on linkedin
LinkedIn
Share on facebook
Facebook

We have been operating Compliance Quarter for over three years now and one of the key components of our service offering is the outsourced Compliance Manager role that we provide to several businesses operating in highly regulated industries.

Providing the outsourced Compliance Manager role gives us the ability to benchmark businesses when it comes to compliance. The outsourced Compliance Manager role also helps us understand when a business is likely to face compliance issues into the future.

When it comes to determining whether a business will or will not be compliant, there are some very basic metrics that determine success.

What is a compliance culture?

The most critical aspect of compliance is a compliant culture. What this means is that an organisation’s staff must value compliant and ethical conduct.

Compliance and ethics must be baked into decision-making. Compliance must be rewarded, and non-compliance addressed. When designing processes and reward structures, compliance must be paramount. A common example of where this is not the case is where a sales representative is rewarded purely based on sales completed rather than compliant sales.

To embed compliance in decision making, the Organisation should firstly have a complete understanding of their regulatory obligations and secondly should consider the impact of their decision-making when it comes to compliance with regulatory obligations.

Compliance, like many other areas of business, risks being tied up with buzzwords and some of the most spectacular examples of non-compliance have been by businesses that have been given a false sense of security either by internal or external advisors.

When it comes to compliance culture, the easy way to measure success is to review the decisions that have been made by senior management over time and to consider whether those decisions included compliance as a key feature or as an afterthought.

Businesses which rely heavily on external advice for approval, particularly after the fact, rather than for guidance before making decisions are typically those at most risk.

Training, documentation, and systems and processes

All businesses must ensure that they have a compliance management process in place that is robust, documented, regularly updated, and, most importantly, implemented. What this means in practice is that businesses should document their compliance policies and procedures and ensure that all staff have been trained on compliance.

Training is not a one-off exercise, this is been clearly demonstrated when it comes to various organisations response to the coronavirus. Staff must be given the tools and resources they require to implement an effective compliance program. In areas of key risk, this means investment by an organisation and this means continual training.

If you are considering whether or not your compliance management program was effective, ask yourself when your staff most recently completed training on compliance and whether you can say, hand on heart, that all of your staff have completed appropriate training for their roles.

Some of the warning signs that you need to do more work on this area include policies and procedures that have not been updated in more than six months and staff that have not completed training.

Compliance example by senior management

It is critical that your business conduct monthly compliance committee meetings where you consider the effectiveness of your compliance program and consider any improvements can be made.

Within your compliance committee meetings, you should be looking at any new or proposed regulatory obligations, looking at the measures of compliance, and developing a work programme for the month ahead. Compliance committee meetings should be documented and records of agendas and minutes kept.

What is a outsourced Compliance Manager role?

An outsourced compliance manager takes control of your compliance program and ensures that you have a robust compliance management system in place.

Depending upon the terms of the engagement, this individual may be responsible for regulatory updates, for reviewing the adequacy of the controls you have in place, and for training staff.

The benefits of an outsourced compliance manager include: a) their independence from the business, b) their industry expertise and ability to benchmark your business against others, and c) the value that they can provide at a lower cost to your business.

More to explorer

AER’s Statement of Expectations

The AER has published its third statement of expectations of energy businesses during Covid 19. This statement of expectations applies from 1 November 2020 and will continue until 31 March 2021, and potentially beyond. In the new statement of expectations, the AER notes that the Covid 19 pandemic continues to have a significant impact on the Australian community with many people affected by dramatic changes to their lives, businesses, income, and working arrangements. The AER notes that Covid 19 continues

Victorian Embedded Networks: What’s the deal?

On 28 October 2020, we presented a webinar on the Victorian embedded network regulatory regime and changes under consideration. The webinar was recorded and you can watch it on-demand here by registering at this link: https://us02web.zoom.us/webinar/register/WN_G9mMl-BLQKmCohS27IBh1Q If you would like to learn more about embedded networks in Victoria, please get in touch.

Retailer Reconnection- Rule 121

Disconnection is a key area of risk for energy retailers. The process that must be followed by a retailer have been set out in other posts by Compliance Quarter. Today, we briefly look at the re-connection requirements. Retailers must comply with rule 121 of the National Energy Retail Rules. This is summarised below. Where a retailer has arranged for the de-energisation of a small customer’spremises and the customer has within 10 business days of the de-energisation: a. Rectified the matter

Leave a Reply

Your email address will not be published. Required fields are marked *