News
 
21 June 2018
Sailing close to the wind? Getting compliance management implementation right

The European Union General Data Protection Regulation (EU-GDPR), which went into effect on May 25, 2018, has re-awakened a lot of managers. Many ask pessimistically: How can we possibly ensure that every employee follows every legal and other binding rule and regulation? And what am I as a manager obliged to do to ensure that any of my employees is complying with existing rules and regulations?

These questions are anything but new. In many parts of a company, “legal compliance” and “complying to company guidelines and operating instructions” is a perennial issue. And many prominent examples such as Volkswagen’s “Dieselgate”, the corruption affairs at Siemens or the “Libor index scandal” at Deutsche Bank show the negative consequences of compliance breaches for companies and managers alike.

 

acondas has been supporting clients in implementing new compliance management systems and corporate guidelines for many years. Compliance topics range from health & safety to environmental protection, data security and data privacy.

 

From our perspective, there are five key success factors for the implementation of compliance management systems and compliance guidelines:

 

1. Relevance and priorities

Get a systematic overview of all legal and additional internal requirements and weigh their relevance for your area of responsibility. Critical: prioritize the relevant requirements according to their likelihood and how great the (negative) impact would be in case of a breach. Consider that negative consequences do not only affect people, environment, society and the company’s EBIT short-term, but also its public image in the long run.

 

2. Systematic approach

After this relevance analysis, focus on the high-priority requirements and plan a systematic process for ensuring compliance and checking implementation. Proceed in a top-down manner, starting with the overall corporate guidelines, then move to department rules and then to working procedures and instructions. Mind the materiality principle, focusing on high-priority topics.


3. Focus (time, attention, resources)

Regularly checking new and existing legal and other requirements in terms of their relevance and materiality, adapting guidelines and instructions, honing employee communication, training and controlling legal compliance – these activities are time-consuming and resource-intense. You and your staff cannot conduct those activities in parallel to your daily work. Therefore, assign dedicated resources with a realistic time budget to these activities. This is recommended regardless of whether those tasks are conducted in a project-like set-up or as dedicated tasks of the line organization.


4. Keep it simple

Keep implementation of legal compliance simple! Neither you nor your employees will benefit from a myriad of incomprehensible guidelines and instructions in “legalese”. Translate legal and other requirements into everyday language for your employees. What does a legal requirement mean for a specific work process or method, for the layout and infrastructure of your work space, for using and handling work equipment? What are examples of desired behaviour, what are examples of negative/non-compliant behaviour? Be very explicit about the consequences when breaching the guidelines and instructions – both for the individual employee, the team colleagues, external suppliers, the environment and the entire company.


5. Measure compliance, delineate consequences

Maintain trust, but verify. Check the compliance with guidelines and instructions, their effectiveness and up-to-dateness on a regular basis. Document all known violations and show zero tolerance in case of a breach. Repeat over and over the importance of compliance both from individual, environmental, societal and company perspectives. Introduce a compliance monitoring which controls (a) whether your team is complying with existing guidelines and instructions and (b) whether those guidelines are effective. Conduct internal and external audits on a regular basis – not to prove that you have a “clean record”, but as a regular check-up and wake-up call.


As you might see, ensuring legal compliance doesn’t require a magic wand, but rather well-structured, planned, prioritized and consequent actions requiring skills and tools closely related to systematic project management skills.

 

If you have any questions about compliance management, organizational development or other implementation topics, feel free to contact us at: info@acondas.com


Picture source cover photo: Tamara Kulikova - Shutterstock.com


 
News
 
Sailing close to the wind? Getting compliance management implementation right

The European Union General Data Protection Regulation (EU-GDPR), which went into effect on May 25, 2018, has re-awakened a lot of managers. Many ask pessimistically: How can we possibly ensure that every employee follows every legal and other binding rule and regulation? And what am I as a manager obliged to do to ensure that any of my employees is complying with existing rules and regulations?

These questions are anything but new. In many parts of a company, “legal compliance” and “complying to company guidelines and operating instructions” is a perennial issue. And many prominent examples such as Volkswagen’s “Dieselgate”, the corruption affairs at Siemens or the “Libor index scandal” at Deutsche Bank show the negative consequences of compliance breaches for companies and managers alike.

 

acondas has been supporting clients in implementing new compliance management systems and corporate guidelines for many years. Compliance topics range from health & safety to environmental protection, data security and data privacy.

 

From our perspective, there are five key success factors for the implementation of compliance management systems and compliance guidelines:

 

1. Relevance and priorities

Get a systematic overview of all legal and additional internal requirements and weigh their relevance for your area of responsibility. Critical: prioritize the relevant requirements according to their likelihood and how great the (negative) impact would be in case of a breach. Consider that negative consequences do not only affect people, environment, society and the company’s EBIT short-term, but also its public image in the long run.

 

2. Systematic approach

After this relevance analysis, focus on the high-priority requirements and plan a systematic process for ensuring compliance and checking implementation. Proceed in a top-down manner, starting with the overall corporate guidelines, then move to department rules and then to working procedures and instructions. Mind the materiality principle, focusing on high-priority topics.


3. Focus (time, attention, resources)

Regularly checking new and existing legal and other requirements in terms of their relevance and materiality, adapting guidelines and instructions, honing employee communication, training and controlling legal compliance – these activities are time-consuming and resource-intense. You and your staff cannot conduct those activities in parallel to your daily work. Therefore, assign dedicated resources with a realistic time budget to these activities. This is recommended regardless of whether those tasks are conducted in a project-like set-up or as dedicated tasks of the line organization.


4. Keep it simple

Keep implementation of legal compliance simple! Neither you nor your employees will benefit from a myriad of incomprehensible guidelines and instructions in “legalese”. Translate legal and other requirements into everyday language for your employees. What does a legal requirement mean for a specific work process or method, for the layout and infrastructure of your work space, for using and handling work equipment? What are examples of desired behaviour, what are examples of negative/non-compliant behaviour? Be very explicit about the consequences when breaching the guidelines and instructions – both for the individual employee, the team colleagues, external suppliers, the environment and the entire company.


5. Measure compliance, delineate consequences

Maintain trust, but verify. Check the compliance with guidelines and instructions, their effectiveness and up-to-dateness on a regular basis. Document all known violations and show zero tolerance in case of a breach. Repeat over and over the importance of compliance both from individual, environmental, societal and company perspectives. Introduce a compliance monitoring which controls (a) whether your team is complying with existing guidelines and instructions and (b) whether those guidelines are effective. Conduct internal and external audits on a regular basis – not to prove that you have a “clean record”, but as a regular check-up and wake-up call.


As you might see, ensuring legal compliance doesn’t require a magic wand, but rather well-structured, planned, prioritized and consequent actions requiring skills and tools closely related to systematic project management skills.

 

If you have any questions about compliance management, organizational development or other implementation topics, feel free to contact us at: info@acondas.com


Picture source cover photo: Tamara Kulikova - Shutterstock.com