What are you looking for?
Categories

The Future of Compliance Training

In this episode of Excellence in Training, Shawn Rogers provides some thoughts on the veiled land of –the future of compliance training.

Highlights include:

1.Compliance Training will be More Respectful of the Learner

2. Compliance Training Abuse” will Stop 

3. Compliance Training will become More Relevant to Learner Roles

4. Compliance Training becomes More Integrated into Business Processes

5. Compliance Training becomes More “Bottom-Up” Driven than “Top Down” Driven 

Disclaimer-As a company, GM uses many training vendors. GM’s compliance function primarily uses two vendors. Rogers has worked with other good vendors that currently do not work with GM. Rogers is not promoting any specific vendors, nor is he disparaging any specific vendors in this podcast. And, of course, these opinions are Roger’s alone and opinions that  developed over almost 15 years. He is not speaking on behalf of GM in any way.

Categories

Training Frequency

In this episode of Excellence in Training, Shawn Rogers provides some thoughts on how training frequency and the amount of training can positively or negatively impact an overall training strategy.

It be fantastic if we viewed compliance training in the same way instead of giving an hour-long course on a topic they have heard before, what if instead employees received a 10-minute “refresher” training just to maintain their awareness and get the message that they should constantly be vigilant?

There are some compliance topics that are so important to a company that training needs to be required fairly regularly, maybe even annually. For instance, at GM, we have decided that it is important to provide reminder training annually on a few topics:

  • The importance of our Code of Conduct
  • The importance of speaking up when a concern is observed, and how to report the concern
  • An understanding of the company’s non-retaliation policy
  • The importance of workplace and vehicle safety
  • The requirement to disclose conflicts of interest.

At GM, we are moving towards a less frequent repetition of lengthy training courses for our current employees, and more frequent “refresher” or “reminder” training modules that keep the risk top-of-mind without assuming that lengthy courses need to be repeated every year. It is a very common sense and defensible approach to compliance training.

New GM employees are required to take more detailed courses during their first year so that they are exposed to the key risks in detail. After that, full-length courses are staggered in a three-year interval so we can keep the courses updated and to avoid over-training.

Disclaimer-As a company, GM uses many training vendors. GM’s compliance function primarily uses two vendors. Rogers has worked with other good vendors that currently do not work with GM. Rogers is not promoting any specific vendors, nor is he disparaging any specific vendors in this podcast. And, of course, these opinions are Roger’s alone and opinions that  developed over almost 15 years. He is not speaking on behalf of GM in any way.

Categories

Measuring Training Effectiveness

In this episode of Excellence in Training, Shawn Rogers provides some of this thoughts on measuring training effectiveness.
To measure the effectiveness of a compliance training program, you can’t come up with a metric that measures how many violations it prevented. Everybody knows intuitively that training helps prevent compliance violations. Again, that measurement is too far removed from the purpose of the compliance training program. However, it would be a good metric for the overall training program if you could figure out how to do it.
But how often do you see companies reporting the number of classes that were delivered? Or how many hours of compliance training were completed? It happens all the time. It could be a completely accurate statistic. It could be a measure of compliance program efficiency. It could be an indicator of an active compliance training program. But it in no way shows if the compliance training is effective.
But there are ways to measure training effectiveness. You can show that the training was aligned to the company’s risk profile. With user surveys and focus groups you can measure whether the learners feel that the training is applicable to their role and you can measure user satisfaction. You can ask learners to give examples of how they have changed the way they do their jobs.
Why don’t companies do a better job in measuring the effectiveness of compliance training? Because it’s very challenging to do. But there are ways to do it. Shawn conclude with one of his current ‘most favorites’ implemented at GM this year.
At GM there is a cybersecurity course that explains how to avoid phishing email scams. It is required of all employees that have a GM email account. To measure how effective the training was, the IT function came up with a method of sending out emails to random batches of employees that should have been recognized as phishing emails if they had paid attention to the training. If the employee recognized that the email was suspicious and clicked on the “Report Phishing” button, they were congratulated on reporting the email as suspicious. However, if they clicked on the link in the email, the IT team knew that the training had not met its objective. And, those employees that clicked on the link were kindly informed that they had failed the competency test and were provided with immediate feedback on how to avoid phishing scams.
Disclaimer-As a company, GM uses many training vendors. GM’s compliance function primarily uses two vendors. Rogers has worked with other good vendors that currently do not work with GM. Rogers is not promoting any specific vendors, nor is he disparaging any specific vendors in this podcast. And, of course, these opinions are Roger’s alone and opinions that  developed over almost 15 years. He is not speaking on behalf of GM in any way.
Categories

Take a Holistic Approach – Establishing Governance Across the Risk Universe

In this episode of Excellence in Training, Tom Fox and Shawn Rogers consider just how does a company create a comprehensive compliance training program that covers its complete risk profile? Many large company faces many legal and regulatory risks, and often many of those risks are “owned” by organizations that are outside of the compliance function. This is a huge challenge for a company the size of GM. But I think this is probably faced by most companies. How do you create a risk-based compliance training program that addresses ALL of a company’s legal and regulatory risks, including the risks that are “owned” outside of the established compliance function? One possible approach is to establish a corporate compliance training governance committee that looks at the company’s overall risk profile and builds a cross-functional and comprehensive multi-year training plan that effectively addresses all of the risks in a company’s risk portfolio. This is what GM has tried to do.
Categories

Working with Training Vendors

In this episode of Excellence in Training, Shawn Rogers provides some of this thoughts on working with training vendors. Shawn adds this disclaimer-As a company, GM uses many training vendors. Our compliance function primarily uses two vendors. He has worked with other good vendors that currently do not work with GM. He is not promoting any specific vendors, nor is he disparaging any specific vendors in this podcast. And, of course, these opinions are Shawn’s alone and opinions that  developed over almost 15 years. He is not speaking on behalf of GM in any way.
Categories

Establishing Your Program Design Objectives

At GM, we came up with ten design objectives that we felt were important for our training program:

1. Aligned to GM’s top compliance risks. In various guidance documents, you see the term “risk-based.” It’s critical that you design your program to directly address the risks your company faces. We’ll talk more about having a risk-based training program in future podcasts.

2.Professionally designed. Face it, compliance training is not pleasant. But it can be even worse if its quality is substandard. Unfortunately, in my career, I’ve had to take some pretty ugly courses. I’m sure many of us can relate. We’ve seen courses that are nothing more than a PowerPoint presentation with some stock images. If we’re lucky, we might have some narration. We wanted more than that with our online courses. We wanted our courses to be visually appealing. We wanted them to be very organized. We wanted them to be professionally narrated. We wanted them to be interactive.
3. Applicable to adult learners. There is a lot of debate about “adult learning theory” and strategies that appeal to various demographics. We wanted the courses to speak intelligently to a sophisticated and experience professional audience. Companies have different cultures, different styles, and different tastes. At GM, we wanted to be formal, but conversational. We wanted to be serious, but not stuffy. We didn’t want our learners to feel like we were talking down to them or treating them like children.

4. Standardized. There are some things that really irritate learners. One of those is a lack of standards between course offerings. Learners don’t want to have to learn how to use different navigation techniques in different courses. This is as simple as standardizing on look-and-feel, location of forward and back buttons, location of resources, types of test questions. One of the advantages of using a training vendor is that it promotes standardization between courses. This is a quick win. If all your courses have a standard look-and-feel, similar learning exercises, and similar kinds of knowledge checks, they spend the time learning rather than trying to figure out how to move through the course. We also wanted to come up with a set of standard languages, and we wanted the courses to reflect GM’s branding guidelines.

5. Strategically Planned. A company the size of GM has many risks that could be covered in a compliance training program. In our online training portfolio we have dozens of topics that we need to cover. But you just can’t require dozens of courses each year. There is such thing as training overload. So we decided to map out or risk coverage strategically over a three-year timeframe. Some stakeholders feel like their specific risk is so important that it has to be required every year. We had to get past that and reassume them that they weren’t going to be ignored, but that they needed to accept the fact that their specific topic would be fairly represented in the program over time.
6. Engaging. By engaging, I mean that we wanted the courses to hold the audience’s attention. We want them to be interesting. We want the courses to be relevant to the audience’s situations. We want them to make the learner think.
7. Frequently updated. One of my personal pet peeves, both as a training professional and as a learner, is being required to take the EXACT same course over and over again. I agree that some topics are so important that they have to be repeated. However, that doesn’t mean you can’t keep the courses fresh with different scenarios, different approaches to the risks, different videos, different learning checks. This became one of my cardinal rules. If you are going to repeat a topic in the training program, you’re going to refresh the course. I personally think it’s insulting when I’m asked to take a course twice. To me, nothing screams “check the box” program than requiring the identical course year over year.
8. Non Legalistic. How many times have you been in a training session where the instructor starts out by saying something like, “The five elements of the FCPA are…” The only people that kind of an approach appeals to are the lawyers in the room. I always say that I don’t care if my learners know how to spell FCPA. We aren’t trying to create mini-lawyers. (Do you really want your audience to be making legal decisions?) We are trying to help businesspeople understand how to perform their jobs ethically and within the bounds of company policies and the laws. We try to make sure that our courses speak the language of the business, not the language of the lawyers. (It’s a constant struggle.)
9. Optimized to Eliminate Redundancy. When you require multiple courses in the same year, there’s bound to be some redundancy. As important as a non-retaliation policy is, do you really need to cover it as a learning objective in every single course? Perhaps you can cover non-retaliation in your Code courses, and then just do a short pop-out reminder that we don’t retaliate in the other courses. Your overall goal is to cover the topics adequately while minimizing seat time to respect the employee’s time and company resources.
10. Flexibility
Finally, we wanted our program to be designed for flexibility. For example, it’s very possible that you will get an unexpected requirement to address a risk in year that you had not planned for that risk. A three-year plan can be designed to be flexible and adaptable to a changing risk environment.

Conclusion

Your company might value other things besides those I’ve talked about in this podcast. But if you think about your design objectives early in the planning phase, it will make your program implementation easier. It is also helpful to have these design objectives in hand before you start talking to the vendors who want your training business. You’ll be more likely to find a vendor that will meet your requirements if you go into the discussions with a vision of what you want them to provide.
Categories

Envision Your Compliance Training Program

In this episode of Excellence in Training, Shawn Rogers and I consider how you should envision your training.

Shawn begins his journey with the famous book, The Seven Habits of Highly Effective People, where Stephen R. Covey said, “All things are created twice. There’s a mental or first creation, and a physical or second creation to all things. Take the construction of a home, for example. You create it in every detail before you ever hammer the first nail into place. . . Then you reduce it to blueprint and develop construction plans. . . Begin with the end in mind. ”

This principle applies to creating a compliance training program. A common mistake is jumping right to the question if which courses you want and how to deploy them. However, there are several things you need to think about before you start building the program.

Here are the steps we followed at GM as we envisioned what our compliance training should look like:

  1. Decide on the program’s guiding principles
  2. Establish program design objectives
  3. Develop a style guide or set of course standards
  4. Determine the exact risks that will be addressed by the training program
  5. Set up a governance process to ensure stakeholder alignment, approve the program design, approve the budget, and monitor effectiveness.In Covey’s terms, these activities resulted in the blueprint — or the  “first creation” —  of our compliance training program. We did all of these before we selected our vendor and started building our training courses.