Some Thoughts on Implementation of Compliance Programs
Last week, a large group of Finnish Compliance Officers and General Counsels had a lively discussion about the implementation of compliance programs in our annual General Counsel Round Table -event. The key element is, of course, the top management’s full commitment to this implementation. Today, this commitment is often easily achieved in international corporations. Their boards and CEOs understand that there is zero tolerance for criminal or non-ethical acts. For Compliance Officers and General Counsels the challenge lies in getting the middle management similarly committed. In large international corporations the CEOs of subsidiaries in different countries are also in a kay role.One of the most important elements to assess in the implementation of compliance programs is the corporate culture. In certain cases it is easier to get the program in effect and in others it needs more work. In international corporations, for example, the programs need to be translated to severallanguages and implemented in different cultures.
In the event, different ways and tools to commit the managers andemployees in general were discussed. It was suggested that perhaps the most effective way would beto tiethecompliance to teams or team leaders’ incentives. However, there seems to be little experience in this area. Method most used by different companies seems to involve an E-learning program. It was also discussed whether it should be obligatory for employees to complete the compliance program. Maybe sometimes the promise of benefits would be more effective. What seems clear, however, is that there is a need also for ‘face to face’ trainings. One way to get the compliance programs in company’s permanent processes would be to include them in the employee/manager discussions. The discussion in teams and business units are also important. Then, the results of these discussions need to be reported to upper managers and the Chief Compliance Officer, who in turn will report them to Board’s Audit Committee. Then, the training needs to be repeated at least once a year, the training needs to be in new employees training programs etc.: It is continuous work. Moreover, the proof of the training of employees and third party suppliers and distributors must be carefully filed and stored. This is the material the authorities are interested if your company should attract their attention in this regard.
It is important for the company that any case of non-compliance is reported as soon as possible. This can be achieved by upholding an internal reporting systems and enabling whistle blowing. Statistically, many times the reported incidents concern HR matters and are thus handled by HR management. However, the real non-compliance cases need to be investigated. With this regarded the company must have a clear guideline on what happens to an employee in case of verifiable non-compliance. Many times the internal investigation is enough – but not always. Unfortunately, sometimes the case has to be given to police.
Somebody might ask why all this work – in the dream world it is obvious that corporations act in an ethical way. However, thecorporations consist of people with different knowledge, background andcultures. There are a lot of differing regulations around the world and – the very strict – USregulationmaybe applicable also to companies located abroad. In case a company is find in breach theseregulations, it may face some severe penalties, itsreputation may be destroyed for good, and the share price falls. As mentioned above, there exists a zero tolerance and a lot of work for all Compliance Officers.