Say the word “compliance” and oftentimes it generates groans and eye rolls. Compliance is considered a necessary evil by many. It’s not that people are against doing the right thing. It’s because compliance is perceived as time consuming and costly in terms of non-billable resources. As the compliance manager for netlogx, a consulting services company with an emphasis on risk management, I prefer to look at it another way. Having an effective compliance program improves a company’s operational quality and can significantly reduce the risk of activities that may lead to massive fines, criminal prosecution, or suspension of the company’s right to do business. I think avoiding any of those outcomes is worth the extra time and effort that maintaining an effective compliance program entails.
Having a defined compliance program makes good business sense not just by reducing the risk of fines, it helps to build a reputation of excellence for a company, leading to customer satisfaction and attracting top talent. It also sets out expectations for employee behavior, helping to reduce errors and waste and lays a solid foundation for growth.
Regardless of industry, the type of business model, structure, size or management style a company chooses to follow in the United States, it will be directed by government regulations. In broad terms, these regulations cover labor laws (how businesses treat employees); tax laws (how a business must report its financial status to the government); regulatory laws (standards for how businesses operate in specific situations); and reporting laws (how businesses must report their finances to investors and the government).
For help in creating or evaluating a company’s compliance program to manage these various regulatory requirements, I recommend looking to section 8B2.1 of the Federal Sentencing Guidelines. This section provides a definition of what constitutes an effective compliance program that is generally accepted across all industries. In general, a program should include:
- Dedicated high level company personnel who exercise effective oversight and have direct reporting authority to the governing body
- Written policies and procedures
- Training and education
- Lines of communication
- Standards consistently enforced through well-publicized disciplinary guidelines and internal compliance monitoring
- Response to detected offenses (including remediation of harm caused by criminal conduct) and corrective action plans (including assessment and modification of the compliance and ethics program); and
- Periodic Risk Assessments
Developing an effective compliance program which exercises due diligence and promotes an organizational culture that encourages ethical conduct and a commitment to compliance with the law is well worth the effort in terms of time and resources.
Contact netlogx to learn how our consultants can assist companies with the management of compliance.
“If you think compliance is expensive – try non-compliance.”
–Former U.S. Deputy Attorney General Paul McNulty