Compliance management
Mix of policies, procedures, documentation, auditing, security controls, and technological enforcement, to ensure compliance with laws, regulation, and standards.
DESCRIPTION
Compliance management is the process which ensures that employees comply with a given set of rules. Compliance means that an organisation adheres to external or internal laws, regulations, guidelines and specifications or standard relevant to its business. Compliance management can take many forms. It can for instance be a mix of policies, procedures, documentation, internal auditing, security controls, and technological enforcement.1
PURPOSE & LINK TO INTEGRITY
The main aim of compliance is to avoid legal sanctions. Corrupt practices and other integrity-related illicit behaviours are generally punished by law. Therefore, compliance management is an important step towards improving an organisation’s level of integrity. In addition, organisations, which manage compliance can control material/financial losses or reputation defamation.
KEY REQUIREMENTS
- Does your organisation have a clear picture on what staff members should comply with?
- Are you aware of all relevant international and national regulations relevant to your organization?
HOW TO
Compliance management can include the development of compliance standards, education and training of staff and management, reduced discretionary power, auditing and controls, conduct investigations, and penalties in case of misconduct.2
In order for the compliance management to be effective, it is important that the organisation:3,4,5,6
- Identifies the applicable laws, regulations, standards, contracts, policies and procedures that should be complied with
- Understands regulation requirements
- Assesses the current state of compliance
- Assesses the risk and potential costs of non-compliance
- Shows way how to comply with these regulations
- Ensures employees have received, read and understood the identified applicable standards, regulations, policies and procedures
- Carefully monitors the staff
- Investigates root causes of occurring non-compliance
- Takes corrective action in case of non-compliance
- Establishes risk control measures
- Continuously monitors and revises the program in light of regulatory updates, changes in the organisation’s needs or services, or revisions to the policies and procedures of government
You might also consider getting ISO certification. The International Organization for Standardization (ISO) is a worldwide federation of national standards bodies. The following ISO standard is applicable for this tool:
ISO 19600:2014 Compliance management systems – Guidelines (http://www.iso.org/iso/home/store/catalogue_ics/catalogue_detail_ics.htm?ics1=3&ics2=100&ics3=1&csnumber=62342ISO): 19600:2014 provides guidance for establishing, developing, implementing, evaluating, maintaining and improving an effective and responsive compliance management system within an organization.
KEY GUIDING DOCUMENTS
Sharp Paine, 1994, Managing for organizational integrity, Harvard Business Review
The Best Practice Network Guidelines, no year, Duties of a compliance officer, http://www.best-practice.com/compliance-best-practices/compliance-management/duties-of-a-compliance-officer/, accessed 28.10.2015
Fox, T. R., 2012, Five essentials of a chief compliance officer position, http://www.infosecisland.com/blogview/22769-Five-Essentials-of-a-Chief-Compliance-Officer-Position.html, accessed on 02.12.2015
FURTHER READINGS
Investopedia, no year, Compliance officer, Investopedia, http://www.investopedia.com/terms/c/compliance-officer.asp, accessed 28.10.2015
Fondation Geneve Place Financiere, 2006, Compliance officer, Fondation Geneve Place Financiere
ICA, no year, What is Compliance?, International Compliance Association (ICA)
Nordmann, 2013, Regulation: Catalyst for Better Governance and Enhanced Integrity in Water Utilities?, Water Integrity Brief, Water Integrity Network (WIN), Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH, Germany
FULL REFERENCES
- AuditShark, no year, What is Compliance Management, AuditShark, https://www.auditshark.com/Education/what-is-compliance-management.aspx, accessed 28.10.2015
- Sharp Paine, 1994, Managing for organizational integrity, Harvard Business Review
- The Best Practice Network Guidelines, no year, Duties of a compliance officer, http://www.best-practice.com/compliance-best-practices/compliance-management/duties-of-a-compliance-officer/, accessed 28.10.2015
- Fox, T. R., 2012a, Three keys to the role of a chief compliance officer
- Fox, T. R., 2012b, Five essentials of a chief compliance officer position, http://www.infosecisland.com/blogview/22769-Five-Essentials-of-a-Chief-Compliance-Officer-Position.html, accessed on 02.12.2015
- 1Consulting, no year, Compliance Officer role and responsibilities tip sheet, 1Consulting