A Culture of Compliance
The simplest definition of compliance is “following a rule or order.” In fact, Merriam-Webster defines compliance as “the act or process of doing what you have been asked or ordered to do.” For a word that can invoke complexity, if properly instituted, a culture of compliance can help you move compliance from daunting to deliberate. At ETHIX360, we aim to help our clients do just that.
When you think about the center of compliance, it is essentially a set of policies that define employee conduct and behavior necessary to make the company conform to laws, regulations, and corporate conduct standards. Of course, just having policies is not enough; you must communicate them effectively to employees if you expect them to be followed. Even sharing them is still not enough; you must make certain that employees understand them and agree to abide by them. Finally, inevitably policies will be violated, and the last leg of the stool is a mechanism to allow employees and others to share information about violations so that you can investigate the allegations and determine if indeed a policy was violated.
Cultivating a Culture of Compliance
In a culture of compliance, this really becomes a closed loop rather than a linear process. Attention is paid to determine what policies are required, authoring them in a way that is relevant and can be consumed by the employees of the company. Then, an annual process makes sure they are updated and attested to by relevant employees. These annual updates restart the loop, returning attention to making policies consumable. Systems are in place to allow the reporting of policy violations so that an open, unbiased investigation of the alleged violation can be thoroughly conducted.
The US Department of Justice has a voice in this discussion as well, and that comes forward in their Sentencing Guidelines. It’s interesting that in the DOJ guidelines, there is discussion on consideration for the company’s liability based on how proactive they have been in the deterrence of violations as opposed to taking a “head in the sand” approach. When companies do all the right things, the possibility of a bad actor still exists. No policy is ever going to make bad actors go away!
This issue really boils down to if you’re doing everything you can to create a culture of compliance from top to bottom in your company. If you are, then often consideration is given to the company and fault falls to the bad actor, but if you are not doing everything reasonable within your power to create a culture of compliance, are you in fact being complicit and thereby culpable?
J Rollins is the co-founder and CEO of ETHIX360. At ETHIX360, our goal is simple: to provide an affordable, flexible, and comprehensive answer to employee communication, policy management, corporate training and case management on issues related to corporate ethics, code of conduct, fraud, bribery, and workplace violence. To stay up-to-date on the latest compliance and HR-related news, follow us on Twitter, Facebook, or LinkedIn.
To learn more about ETHIX360 and how we can help, please visit www.ethix360.com
The ETHIX360 blog brings you weekly updates on all things human resources and compliance.
MEET THE AUTHOR
J Rollins is the co-founder and CEO of ETHIX360. J is a well known leader and innovator who has served on senior leadership teams ranging in responsibility from Chief Revenue Officer, Chief Marketing Officer, SVP of Product Strategy and Chief Operating Officer.
ABOUT ETHIX360
At ETHIX360, our goal is simple: to provide an affordable, flexible, and comprehensive answer to employee communication, policy management, corporate training and case management on issues related to corporate ethics, code of conduct, fraud, bribery, and workplace violence.
