Compliance is the process by which organisations identify and meet their strategic obligations whether arising in law, standards, codes of practice or from stakeholder expectations.
Focussing on legal obligations in isolation results in a minimalist and narrow approach, which cannot leverage an organisation’s ability to efficiently manage all aspects of compliance risk.
The Board should articulate the compliance philosophy and ensure adequate seniority, level of authority and support is given to the compliance function.
Questions to ask in your business
- Does the Board issue the compliance policy and endorse the compliance plan?
- Is there a Board or management compliance committee?
- Are your Board and senior management knowledgeable about the content and operation of your compliance program and do they oversee and monitor its implementation and effectiness?
- When was the compliance policy last reviewed and issued?
- Does the person responsible for compliance have sufficient seniority and authority and have direct access to the Board and CEO?
- Regardless of structure (centralised and decentralised), is compliance independent of operational and business drivers?
- Is the compliance program sufficiently integrated into the organisation so that business units and all staff can understand, perform and be assessed against, their compliance obligations?
- Are the compliance requirements, rules, structures, resources, policies and procedures documented and implemented across the organisation?
- Is compliance training integrated into induction and the annual training plan for all staff?
- Are compliance obligations included in each staff member’s position description?
- Does compliance form part of business key performance indicators? =
If you would like to implement an compliance governance framework, then ACY Advisory can help!