Disconnectedness compliance comes from the fact that there is not one system that connects the disparate strands of the compliance discipline. Connected compliance allows a CCO and all those people in the organization working with compliance to have one central place, a system of record for everything they do. This can be their whistleblowing hotline, case management, training of their employees, or training of their vendor’s policy. It is literally connecting them all so they are running from one central location, and these disparate systems can be monitored from one central location. A key way to think about it is “getting everything under one roof,” as one of the struggles many compliance officers have is that the information they need is literally siloed across different functions of the company. Information can be contained in the sales function, where there may be employee expense data, information on marketing expenses, or charitable donations in the sales organization, but it could be spread among other corporate functions as well.
All of this is what the DOJ has articulated as operationalizing compliance. It first garnered attention in the February 2017 release of the original Evaluation of Corporate Compliance Programs and has only increased with the 2023 ECCP. Since that time, compliance practitioners have steadily worked to move their compliance programs forward onto the front lines of their business units. Connected compliance is one way to do so, but it clearly requires a human element to not only interpret data but to impart the appropriate or required compliance solution. Operationalizing compliance means that you cannot have an annual or even quarterly update on what’s going on in the program. It must be operationalized in such a way that you are sharing information not only with the regional business units of floating up to the corporate compliance folks but also sharing information back and forth with the other business units, procurement, finance, and reacting in real-time.
Three key takeaways:
- Connected compliance moves you towards continuous monitoring.
- Compliance under one roof.
- Never forget the human element.
For more information, check out The Compliance Handbook, 4th edition, here.
