Transparency in business is important for a successful company and essential for its long-term success. A compliance program helps companies achieve this objective.
A general compliance program to fit every company does not exist, although there are a few general principles that should be universally adopted. To reduce the possibility of improper conduct, each company must develop a set of ethical conduct standards. These standards should be documented in the company’s Code of Conduct (“CoC”), which expresses the company’s ethical principles and identifies the major compliance risks. It should also address enforcement and evaluation methods (training, support, monitoring, auditing, whistleblower protection, hotline, etc.), consequences for improper conduct, conducting of due diligence of business partners and background checks.
Additional CoC policies should address industry-specific issues as well as compliance with anti-bribery and anti-corruption laws, rules for conducting business with third parties or government-owned entities, participation in public procurement, donations and sponsorships, conflict of interest, and others.
Producing a set of documents is not enough to ensure company-wide compliance with CoC principles. Company employees must be duly familiarized with the compliance program, which can be accomplished through obligatory training for all employees, management, and, if necessary, business partners as well. The training must be documented, and the employees‘ understanding of its content tested.
The compliance program must be fully supported by company management, with commitment to compliance strongest at the top. Management should perceive compliance not as an administrative necessity, but as a strategic function helping the company move forward. This should be supported in turn by independent compliance officers (internal or external) with strong authority.
An essential element of compliance is risk assessment. A systematic approach to the compliance program followed by regular assessment is crucial. The most common risk assesment tools include internal audits, calls made to hotlines, internal investigations, completion of employee trainings, monitoring of internal compliance, and monitoring of third parties.
It is also strongly advised that the compliance department aid employees who seek guidance or help with compliance issues. A reporting system, such as a hotline (e.g., e-mail or phone line support provided by external legal counsel), is effective in uncovering improper conduct and may be utilized by business partners as well as employees.
Disciplinary actions against persons breaching compliance rules will vary ad hoc, and include mainly: repeated training, a pay cut, and termination. The company must take steps proportional to the misconduct detected.
In recent years, there has been much progress in the implementation of compliance programs. An effective compliance program should be seen as a strategic tool, giving the company a strategic advantage against competitors. The implementation of compliance programs throughout the business world will help society eradicate corruption, improve transparency in business relationships, and improve the life of the entire society overall. That is a WIN-WIN for everyone.