The amount of regulations which all organisations need to meet grows each month. In 2018 alone more than 2,000 Acts and Regulations were passed in Australia.
An effective compliance program is part of the solution which ensures that organisations satisfy their governance responsibilities and remain compliant with all relevant laws.
An effective compliance program includes the development, implementation, and adherence to standardised operational compliance policies, procedures, standards of conduct, safeguards and written guidelines that outlines an organisation’s expectations of its employees.
The program should be well-structured, organised and consistent across the organisation. Areas of responsibility should be well defined to ensure accountability. All staff should be made aware of their compliance obligations through appropriate training and procedures, with the goal being to reduce compliance breaches.
Central to a successful compliance program is the commitment of managerial and executive staff, without which, an organisation will fail to achieve an effective program of compliance. Managers and the executive should communicate their commitment to compliance by being involved in the provision of resources and allocation of staff to enable the development and successful implementation of the program. Adequate training to employees should be provided that clearly indicates the organisation’s commitment to a compliance culture; and outlines the roles and responsibilities of employees in order to encourage reporting of breaches. Compliance activity should be monitored by those in a position of responsibility.
Continuous Risk Assessment
A successful compliance program will have processes in place that will continuously assess the risk of breaches and the impact of that risk on operations. Risks can be grouped into high, medium and low risk categories, allowing the organisation to prioritise areas of focus. Part of a risk assessment involves developing strategies to mitigate those risks. Putting processes, procedures and guidelines in place and having clearly defined roles and responsibilities for staff will aid in risk mitigation.
Written Compliance Program
Having a clearly written, concise, up to date and complete compliance program is essential to the program’s success. The program should include policies, procedures and guidelines that are easy to follow by all employees. It should be accessible to all staff and include information regarding the reporting process.
Compliance Auditing and Self-Assessment
When conducting an audit of your organisation’s compliance it is essential to first identify the responsible staff members for each compliance subject area that will be reporting back for the audit. It is essential to create an adequate system for tracking reporting back from staff, which includes providing those staff members with defined time frames for reporting. A successful audit will include interviews with relevant staff on questions that have been developed to reflect the organisation’s compliance obligations. The audit should aim to identify any gaps and inconsistencies in operations that can be drafted into an audit report. Recommendations should be made based on the results of the audit, with corrective action being taken within a time frame relative to the risk of the gaps or inconsistencies identified.
A key component to an effective compliance program is ongoing monitoring of all relevant legal obligations. Organisations should nominate at least 1 individual to have the responsibility for ensuring that the organisation is notified of relevant legislative changes and that steps are taken to ensure that the relevant parts of the organisation take action to ensure compliance with those changes.
Program for Handling & Reporting Compliance Problems & Breaches and Implementing Corrective Actions
A supportive and proactive compliance culture will give employees the confidence to step forward and speak up when there is a possibility of a breach and is one of the best defences an organisation has in minimising risk.
It is important that staff are made aware that there is no risk of reprisal to that employee for reporting possible breaches in good faith. The provision of information regarding the reporting process can be supported through widely distributed posters and regular emails or newsletters.
Some compliance breaches require external notification to relevant bodies such as the police or government officials. A successful compliance program needs to provide clear guidelines that indicate the steps to be taken when an external notification becomes necessary, including the time frames for notification.
A thorough risk assessment and investigation needs to be undertaken, and in order to prevent further breaches, new processes and procedures should be put in place to further mitigate any risk.
For further information about how Law Compliance can make legislative compliance easy, contact the team:
Phone: 1300 862 667