Compliance professionals are aware that creating a strong culture of compliance should be a priority for their organizations. Yet what exactly does that mean for firms—and how can they prove to regulators that a culture of compliance is in place? That’s a question that I cover frequently with the firms that I work with.
Here are some key steps that I recommend firms take to create a strong culture of compliance.
Create mandatory training, and track that it’s done
Training is important, both when an employee joins the firm as a new hire and on a yearly basis after that. Solid training insures that employees are aware of the policies and procedures that they must adhere to. Make sure to follow up training with appropriate and ongoing disclosures and attestations to provide a historical record for regulators and the firm and to identify potential conflicts of interest that need follow up.
Compiling and conducting training can be a drain on compliance teams of all sizes. An outside firm can help by providing the expertise to insure all of the bases are covered during training, and by freeing up your internal team to focus on other tasks.
Make all Policies and Procedures are easily accessible for employees across all levels of the organization
Policies and Procedures only work if your employees are aware of them, and if you have the tools in place to enforce them. Reviewing Policies and Procedures during training and keeping them out of sight for the remainder of the year is a sure-fire way to insure intentional and accidental violations. Easy-to-use technology like a mobile app can help keep employees engaged with compliance and increase adherence to policies and procedures.
Create the right tone from the top
To raise their profile within the firm, the CCO should be a part of critical internal committees, both to gain an understanding of what’s going in in the organization and to provide other decision makers with timely and relevant compliance information.
Setting the right tone also conveys that compliance is part of everyone’s job and ensures that department heads and managers are aware of their responsibilities. Holding quarterly meetings with department heads and managers will remind them of their compliance responsibilities and reinforce your partnership in building a strong culture of compliance.
And as important as it is to have the right mix of dedicated professionals on your compliance staff, other stakeholders are just as crucial. Outside resources like consultants and technology providers can also provide expertise and be key members of your core compliance team. Learn more about using technology to transform compliance
Keep up-to-date with the latest technology
Technology really is the key to creating a culture of compliance efficiently and effectively. Compliance technology provides the platform for communicating policies and procedures and demonstrating adherence to regulators. Recent SEC guidance and risk alerts have consistently pointed to a lack of adequate technology as a deficiency in compliance programs. Could minimum technology standards for compliance be far behind?
Watch the webinar "Minimum Technology Standards for Compliance" featuring Tito Pombra and Giselle Casella, where they discuss the concept of minimum technology standards, and how firms can use both minimum technology standards and automation to effectively manage compliance, including:
- Evaluating compliance technology offerings for fit
- Aligning capabilities with compliance requirements to replace manual processes
- Understanding how automation can help firms better manage the core functions of compliance
- Leveraging technology for effective SEC exam management
Knowing your compliance risk requires the right view. Featuring a scalable and modular approach to meet the needs of every firm, MCO helps organizations manage conduct risk and identify conflicts of interest across employees, transactions and third parties.
The MyComplianceOffice platform enables comprehensive monitoring, workflow-directed task management, real-time alerts to exceptions and sophisticated hierarchy management and integrated data sets, including global company and security master of public and private companies.
Ready to learn more? Let us know and we’ll set up some time to talk.