We’re halfway through 2018, and let’s face it … if you are like most CCO’s you spent that first half of 2018 battening down the hatches for the launch of GDPR.  And like most CCO’s, your efforts and attention paid off. You are  ready to deal with privacy and data issues to be GDPR compliant once May 25th came and went.

There was a lot of cost in these measures – for some it meant new systems that offered a higher level of compliance and conformity to new standards.  For others, it meant more headcount in hiring Chief Security Officers, or new compliance professionals in the EU when, previously, compliance programs were managed from the US or elsewhere outside the EU.

But there was one other cost that should not be ignored, and that is lost opportunity cost.  Every year, CCO’s and senior executives focus on their top initiatives for the year.  Since GDPR consumed nearly half the year, at ETHIX360, we wanted to drop the traditional Top 10 list to a Top 5 that’s manageable for the balance of 2018.

Issue #1 – Analytics driven training

At ETHIX360, we do annual reviews with each client, and an important part of this process is to summarize all issues raised in the prior year by allegation and sub allegation.  We look for two things primarily when we do this – are the top allegation/ sub allegation combinations something that is relatively  preventable.  For example, in the case of a recent client meeting, we were able to present their data back to them differently than they had viewed it in the past. It was quickly obvious to them that 1/3 of all issues raised were related to sexual harassment, specifically a hostile work environment.  Since typically those issues are under management’s control, they will be addressing it by training so that their managers and supervisors are more aware of what constitutes a hostile work environment and how to prevent it.

Issue #2 – Increased employee access  

At ETHIX360, we see a range of employee usage largely based on demographics and industry.  Because of this, we can help our clients benchmark themselves against their peers.  One of the opportunities that is often been uncovered has been system usage by millennials – or rather the lack of reports.  In organizations with declining usage we have found that the largest driver has been cultural – millennials just don’t like to call or even use websites to report.  They tend to prefer apps or for most, texting.   By expanding access to reporting tools to include apps and texting, you will engage this millennial community in a positive way.

Issue #3 – Global collaboration

More and more companies have a global footprint, whether it is their own employees and locations, or their supply chain partners.  Even by expanding the use of your system to support multiple languages, you can make great strides.  But it should not stop there!  Multi-language support should be part of the back end of your system as well – case management.  The application can then support your global footprint and usage. 

Issue #4 – Third party exit interviews

Although most companies have an exit interview process, the majority of the times these processes are conducted by internal staff, likely HR.  Studies have consistently shown that in exit interviews conducted internally, however, the departing employees tend not to reveal their true reason for leaving for fear of a bad reference in the future and instead “take the high road… i.e. I found a job closer to home, better hours, higher pay, etc.  Rather than say they had been threatened by a co-worker and feared workplace violence, or that their supervisor had made unwanted advances.  Consistently, 3rd party exit interviews, which allow the employee to remain anonymous, reveal up to 20% more issues.  More critically, they reveal issues that caused people to leave the company and inflate turnover and associated costs.

Issue #5 – Marketing your program

Often at the initial launch of a hotline, it is broadly publicized throughout an organization.  You might have printed posters, sent emails or even had leadership broadcast messages about it.  But, what about the ongoing marketing of the program?  Since that launch have you continued to market the program?  After all, if for no other reason you have had turnover.  More so, employees need to be reminded.  A 3rd party hotline program should have positive benefits for your organization and be a demonstration to your employees that you want to make your company operate in a responsible, ethical and transparent manner.

 These priorities may sit on your list along with a few others  as well!  We’d love to hear about your other top priorities you have for the second half of 2018.

Managing an ethics and compliance program is challenging enough without the extra stress and resource drain that GDPR has brought to the equation.  With limited time and limited resources, it is clear that the task at hand for compliance officers is not an easy one. Luckily it can be done!  Focus on what’s most important. Focus on the top five elements of compliance programs that will have the greatest impact on your organization's culture while mitigating risk.   Using your data to make educated decisions is easier than you think. Leveraging your compliance data, analytics and benchmarking will help you make good choices for your compliance program.  You won’t waste your precious resources training and creating policy awareness campaigns on departments that are low risk or not experiencing any issues.  By knowing what to focus on you’ll be able to get the most bang for your buck allowing you to stretch those compliance resources just a little bit further. 


J Rollins is the co-founder and CEO of ETHIX360.  At ETHIX360, our goal is simple, to provide an affordable, flexible and comprehensive answer to employee communication and case management on issues related to corporate ethics, code of conduct, fraud, bribery, EH&S and workplace violence.  To learn more about ETHIX360, please visit www.ethix360.com, or follow us on twitter @ethix360.