Law & order
Seven Key Actions to Accelerate Your Ethics and
Compliance Program
We always hear (and
talk about) the rise in the compliance profession. Yes, there is increased
demand for CCOs and compliance officers. More lawyers are transitioning into
the compliance profession.
Out in the real world,
however, there are CCOs who are under the gun – they are being asked to do the
impossible. CCOs are being hired and asked to take over a non-existent or
minimal compliance program, and transform the compliance program into a
state-of-the-art program.
The situation is more
common than you think. A new CCO takes over a company after interviewing with
the Board and senior management. The CEO and the Board promise the CCO their
full support and sufficient resources to get the job done.
Unfortunately, when
the CCO arrives, the CCO quickly realizes that the ethics and compliance
program is a shambles. The CCO begins to question his or her judgment and the
representations made by the Board and senior managers.
What should the CCO
do?
Here are seven key
steps a CCO can take to jump-start the company’s compliance program.
1. Create an Ethics and
Compliance Committee – In the absence of compliance resources,
a CCO has to leverage resources and seek cooperation from other compliance
constituents, including Human Resources, Legal, Internal Audit, Information
Technology, and the Financial Office.
2. Conduct a Risk
Assessment –
A CCO (with the help of the Ethics and Compliance Committee) should review and
assess the company’s risks. There is no need to conduct a formal or expensive
risk assessment –interviews of key managers will identify the significant
compliance gaps. An informal risk assessment will provide valuable insights and
guidance for the overall compliance program.
3. Establish a Policy
Clearinghouse – In order to provide a basic structure, a CCO
should review and establish a basic set of compliance policies, including a
Code of Conduct, Global Anti-Corruption Compliance, Export Control/Sanctions,
Antitrust, Money Laundering, Data Privacy, and other applicable policies to the
company’s business.
4. Implement and Improve
Employee Reporting and Investigations Management – A CCO has to
create a system for reporting employee concerns. Such a system can be basic
initially and replaced with more sophisticated systems later. A basic system
for investigating employee concerns should also be established.
5. Promote Communications
and Training – A CCO can enlist the support of the CEO and
senior managers (and hopefully the Board) to communicate the message of
compliance. Such communications can be easily put together and disseminated at
little cost. To reinforce the compliance message, a CCO has to roll out a
comprehensive training program, starting with Code of Conduct training and then
moving to other topics based on risk.
6. Initiate Program
Assessment Tools – While not as high a priority in the beginning,
a CCO has to put in place systems to measure and monitor compliance program
elements.
7. Confirm a Board
Reporting Protocol – Board supervision of the
company’s compliance program is essential. A CCO has to establish a protocol
for meaningful Board reporting. Such a protocol should include allocation of
sufficient time for meaningful reports (at least 30 minutes) to the Board.
Read more: http://blog.volkovlaw.com/2014/12/seven-key-actions-accelerate-ethics-compliance-program/
No comments:
Post a Comment