Corporate Compliance Programs - Top Elements

From Knowledge base
Revision as of 15:21, 29 August 2014 by Marshall


Top 5 Elements of an Effective Compliance Program

1. Leadership

Tone at the Top

  • Board of Directors

The Board of Directors has a key role to fulfill. The Board must ensure compliance policies, systems and procedures are in place and it should monitor implementation and effectiveness of the compliance program. The Board should receive periodic compliance briefings.

  • Ethics Committee and/or Audit Committee
  • Group Executive
  • Senior Management

Transparent and Active Commitment

Key Individual Roles

  • Chief Compliance Officer

Authority??

  • General Counsel

2. Risk Assessment

A risk assessment is designed to provide a big picture of your overall compliance obligations and then identify areas of high risk so that you can prioritize your resources to tackle these high-risk areas first.

Risk Areas:

  • Regulation Risk
  • Business Opportunity Risk
  • Pricing
  • Transaction/Accounting Risk

Risk assessments should be a regular, systemic part of compliance efforts rather than an occasional, ad hoc exercise. They should be performed periodically throughout the year. They should be performed by a group such as your Accounting and Finance, Internal Audit, Contracts, and Risk Management. The outcome of the risk assessment establishes the "Program Plan" for the upcoming period for the compliance and internal audit departments.

3. Standards and Controls

Levels of Standards and Controls

(1) Code of Conduct

Every company should have a Code of Conduct which should express its ethical principles. However, a Code of Conduct is not enough.

(2) Standards and Policies

Every company should have standards and policies in place that build upon the foundation of the Code of Conduct and articulate Code-based policies, which should cover such issues as bribery, corruption and accounting practices.

(3) Procedures

Every company should then ensure that enabling procedures are in place to confirm those policies are implemented, followed and enforced.


Note: FCPA compliance best practices now require companies to have additional standards and controls, including, for example, detailed due diligence protocols for screening third-party business partners for criminal backgrounds, financial stability and improper associations with government agencies. Ultimately, the purpose of establishing effective standards and controls is to demonstrate that your compliance program is more than just words on a piece of paper.

4. Training

A strong compliance program trains company officers, employees and third parties on relevant laws, regulations, corporate policies and prohibited conduct.

Measures

  • Who is trained?
  • How is the training conducted?
  • How often?

5. Oversight - including monitoring, auditing and responses

Monitoring

A primary goal of monitoring is to identify and address gaps in your program on a regular and consistent basis.

Auditing

Auditing is a more limited review that targets a specific business component, region or market sector during a particular timeframe in order to uncover and/or evaluate certain risks, particularly as seen in financial records. 

Remediating and Correcting

What are your remediation efforts? Your company should remediate problems quickly. A key concept behind the oversight element of compliance is that if a company is policing itself on compliance-related issues, the government will not have to do it for them. Remediation, then, is an important component of oversight. It is not enough to just gather information and identify compliance problems through monitoring and auditing. To fulfill this essential element of compliance, you also have to respond and fix the problems.