One of the key changes coming out of the Covid-19 pandemic is the need for dynamism on corporate policies. This message was driven home in a MIT Sloan Management Review article,“Turbulent Times Demand Dynamic Rules”. The authors believe, “Circumstances can change rapidly in an uncertain world — organizational rules should be designed to change along with them.”
This concept is most appropriate in the compliance arena in the area of risk management. As your risks change, your management of those risks should adapt to the new reality. This is why the DOJ intoned in the 2023 Evaluation of Corporate Compliance Programs (ECCP) that you should assess your risks as they change, modify your risk protocols, monitor your risk management strategy and then update your compliance programs through continuous monitoring.
This dynamic policy process can build dynamic rules to enhance your company’s ability to anticipate and cope with risk changes. When the corporate compliance function embraces experimentation and learning in the creation and reformulation of policies, it builds flexibility into the organization’s structure, processes, and practices. This type of flexibility is essential as we have moved from disaster recovery to business resiliency to business as usual, especially in the field of risk management.
Three key takeaways:
1. After Covid-19, your policies must be as dynamic as your business.
2. There are three general areas to improve the dynamic features of policy creation and improvement; transparency, experimentation and innovation.
3. Garner feedback from your users on the effectiveness of your compliance policies.
For more information, check out The Compliance Handbook, 4th edition, here.