Continuous monitoring and continuous improvement are two of the most important phrases for any compliance program. These twin concepts were further enshrined in the 2023 Update to the Evaluation of Corporate Compliance Programs (2023 ECCP). In 2023, all companies’ risks changed as we moved from Working From Home to Return To Office and, now, a hybrid model. In addition to this straight-forward change in risk due to working locations, new risks in the form of geopolitical, supply chain, and export control, as well as increased risk due to social media, continue to impact compliance programs. Your compliance program must be ready to respond to whatever those risks might be going forward.
Continuous improvement runs the gamut in a best practices compliance program, from risk assessments to policies and procedures to periodic testing and review.
Three key takeaways:
1. How have your company’s risks changed over the past year, and how will they change in 2024?
2. What is your process for continuous monitoring and improvement?
3. What sources of information do you use that come from outside your organization?