Tag: Role of HR in compliance

Categories
Blog

Operationalizing Compliance With 10 Questions for HR

Operationalizing compliance is the crucial step in creating an effective compliance program within an organization. It involves cascading compliance goals to all levels of the organization and fostering a culture of compliance. This process requires clarity and comparability of goals, focusing on high-risk areas first, and gradually expanding initiatives. Ethical business conduct should be a top priority, with HR playing a key role in attracting and developing talent. Continuous improvement and performance tracking are also crucial for identifying gaps and developing key compliance indicators.

Root cause analysis is a key process in identifying the reasons behind compliance failures and implementing effective solutions. It involves understanding what allowed the compliance issue to arise, rather than simply assigning blame, and addressing the core issues to prevent future compliance failures. It goes beyond assigning blame and focuses on finding solutions to prevent future failures. Understanding the root cause allows organizations to address the core issues and implement effective measures to ensure compliance.

To operationalize compliance effectively, organizations need to consider several key factors. One of the first factors is the interconnectedness of targets. Compliance goals should be cascaded down to individual workers, ensuring that everyone understands their role in achieving compliance objectives. While tone at the top is important, it is equally crucial to establish an appropriate tone in the middle and at the bottom of the organization.

Clarity and comparability of goals is another important factor. Compliance targets should be clearly communicated and understood by all employees. Complex goals can lead to confusion and hinder the operationalization process. Focusing on high-risk areas first and gradually expanding initiatives can help manage risks effectively and ensure a systematic approach to compliance.

The role of HR in operationalizing compliance cannot be overstated. HR should take the lead in showing that attracting and developing talent who will engage in ethical business conduct is a top priority. By creating the appropriate mindset of doing business the right way throughout the organization, HR can contribute to the successful operationalization of compliance.

Continuous improvement and performance tracking are essential for identifying gaps in the compliance program. Monitoring compliance programs in real-time and reacting quickly to remediate them is crucial. Auditing and monitoring should work in tandem to uncover and evaluate risks. Key compliance indicators, such as hotline or helpline reports, can provide valuable insights into the effectiveness of the compliance program.

While operationalizing compliance is essential, organizations must also consider the impact on employees. Talent acquisition and retention is a critical business function. Retaining top employees who engage in ethical business conduct is crucial for the long-term success of the compliance program. By promoting and rewarding employees who adhere to the code of conduct, organizations can create a culture of compliance and operationalize it fully.

Balancing these factors can be challenging. Organizations must weigh the tradeoffs involved in cascading compliance goals, clarifying goals, and addressing high-risk areas. They must also consider the challenges associated with monitoring and auditing, as well as the importance of root cause analysis and employee retention.

What are the 10 questions you should ask to test, monitor and improve these issues?

  1. How are compliance goals cascaded down to individual workers?
  2. Does anyone complain that your compliance targets are too complex?
  3. How do you deal with repeated compliance failures in a specific business segment or compliance program area?
  4. How does your company show that attracting and developing talent who will engage in ethical business conduct is a top priority?
  5. How long is compliance underperforming tolerated?
  6. What makes it distinctive to work at your company?
  7. How do compliance programs that are not working typically get exposed and remediated?
  8. What key compliance indicators do you use for compliance tracking?
  9. For a given compliance problem, how do you identify the root cause?
  10. What are you doing to retain your top employees from the compliance perspective?

In conclusion, operationalizing compliance is a key component of an effective compliance program. By considering the interconnectedness of targets, clarity and comparability of goals, the role of HR, continuous improvement and performance tracking, root cause analysis, and employee retention, organizations can successfully operationalize compliance and prevent future compliance failures. It is crucial to strike a balance between these factors and consider the impact on employees when making decisions about operationalizing compliance and root cause analysis.

Categories
Blog

HR’s Key to Unveiling the True Ethical Fabric of Organizations

Compliance professionals understand the importance of fully operationalizing compliance and embedding it into the fabric of a business. How can your Human Resources (HR) function help to both create and maintain an ethical culture at your organization? It turns out in a variety of ways. Obviously significance of incentives in driving ethical behavior cannot be forsaken but there are other areas to consider such as the impact of cross-cultural differences on ethical behavior. HR can play a role in the importance of creating a speak-up culture where employees feel comfortable reporting ethical concerns without fear of retaliation.

In a world where ethics are paramount, HR professionals hold the key to creating an ethical culture within organizations. But what happens when change is pushed too quickly, compensation drives behavior, and cross-cultural differences come into play? Discover the challenges and secrets to success in this thrilling journey of HR’s quest for an ethical culture…

In the pursuit of understanding the vital role of HR in establishing an ethical culture, I stumbled upon an unexpected revelation that shook the very foundation of my beliefs. It was a twist that challenged my assumptions and left me with a burning question: Can change truly be achieved without sacrificing ethical values? As I ventured deeper into this journey, I uncovered unsettling truths about the underlying ethos of corporations and the detrimental impact of short-term targets. But what I discovered next was even more astonishing, a revelation that would forever alter my perspective on the role of HR in creating an ethical culture…

If you are feeling frustrated and overwhelmed because your efforts to create an ethical culture are being undermined by inconsistent enforcement and lack of accountability, then you are not alone! Despite implementing compliance programs and promoting ethical values, you may find that employees still engage in unethical behavior due to a lack of consequences or clear guidelines. This can lead to a sense of disillusionment and hinder the progress towards an ethical work environment.

HR significantly contributes to embedding ethical behavior within the organizational culture. By creating a conducive environment that promotes honesty and integrity, HR can foster a culture that this significantly resistant to unethical practices. It’s primarily up to HR to ensure that employees feel comfortable voicing concerns without fear of retaliation, helping to enhance the ethical culture within organizations.

The path to cultivating an ethical culture is often met with significant roadblocks such as too much rapid change, reward-driven behaviors, and cross-cultural conflicts. These elements can create an environment where unethical behavior thrives, impacting organizational growth and success. For a moral culture to strive, these challenges should be identified and effectively addressed, paving the way for a workplace that values ethical conduct.

Understanding the underlying organizational dynamics is crucial in establishing and maintaining an ethical culture. It’s not enough just to have a written code of conduct; the actual behaviors within the organization need to be assessed and aligned with these ethical guidelines. HR plays a crucial role in comprehending these dynamics, ensuring that metrics used to reward employees promote ethical conduct rather than encouraging unethical short-term success.

Have you ever heard these myths about the role of HR in creating an ethical culture? First myth: HR is solely responsible for ethical behavior. Second myth: Creating an ethical culture is too time-consuming and costly. Third myth: HR can’t effectively enforce ethical standards. But what if I told you that these myths are far from the truth? Some key points are:

  • How HR can be the key instigator in shaping an ethically driven business culture.
  • Recognizing the potential roadblocks that could obstruct the path to ethical behavior in organizations and how to overcome them.
  • Appreciate the crucial interplay between organizational dynamics and ethics.
  • Perceive the nuanced impact of incentives on ethics and how it can steer the moral compass in corporate environments.
  • Master the art of endorsing.

My journey into understanding the vital role of human resources in establishing an ethical culture within an organization started with a deep dive into the role of HR and how those roles could that shed light on a fundamental dilemma for compliance. This dilemma was not about right and wrong, but about navigating clashing interests, misaligned incentives, and conflicting cultures. I learned that pushing too much change from the top, too quickly and too frequently can warp a company’s ethical climate. This realization led me to critically analyze the compensation plans in various organizations. The stark reality that people do what they are rewarded to do underlyes ethos of many corporations. This means that short-term targets often overshadowed long-term success, leading to a detrimental impact on the ethical culture. As I delved deeper into the concept of ethical culture, I realized that the essence of this term is far more profound and complex than it seems on the surface. This is not just about formal corporate governance documents or written codes of conduct. It is about understanding and adopting your organization’s underlying culture. It is also about self-awareness, organizational awareness, and the courage to speak up. One problem is that too many leaders tended to seek advice from their like-minded peers rather than embracing diverse opinions. This convinced me about the importance of fostering a speak up culture, and most crucially, a culture devoid of retaliation. This exploration underscored the pivotal role of HR in championing ethical norms, thereby establishing a robust and effective compliance program.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 5 – Role of HR in Incentivizing Compliance

Welcome to the August edition of One Month to a More Effective Compliance Program. In the month of August, 2023 we will consider the role of Human Resources in a best practices compliance program.

In this episode, Tom Fox explores the role of HR in implementing effective compliance programs within companies. The episode focuses on the importance of incentivizing compliance and ethical behavior through both financial and non-financial incentives. The Department of Justice’s guidance emphasizes the need for positive incentives, such as personal evaluations, promotions, and rewards for ethics and compliance leadership. The podcast discusses various avenues for implementing incentives, including cash bonuses and non-compensation rewards like t-shirts or ethical awards. It emphasizes the role of HR in driving the right behavior through incentive structures and warns against solely promoting based on financial targets. Overall, the podcast highlights the significance of HR in creating a fully operationalized compliance program that fosters an ethical work environment.

 Three key takeaways:

  1. The DOJ 2023 ECCP specifically calls out incentives for doing business ethically and in compliance.
  2. HR can lead the efforts around incentives.
  3. Incentives go beyond financial rewards.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 4 – The Reference Check

Hiring the right people for your team is critical to the success of any organization. Unfortunately, it can also be a costly endeavor if the wrong hire is made. According to a survey of 2500 companies, one bad hire can cost an organization more than $25,000 in lost productivity, low morale, and other associated costs. In some cases, the cost can be even higher, with one energy service company estimating the cost of a bad hire at $400,000.

With these staggering costs in mind, it’s clear that companies need to invest in the hiring process to ensure they get the right people. Reference checks are an important part of this process, yet they are often overlooked. This was discussed in a recent episode of One Month More Effective Compliance Program. The episode featured Kevin Ryan, who believes that reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Reference checks are the only way to learn things about prospective employees that can’t be found on a resume. Unfortunately, companies often can’t or won’t give out much more information than confirming dates of employment. To get a more robust appraisal, one should dig up people who will speak candidly about the candidate. Search firms are particularly good at this, and companies should emulate this practice. Asking direct questions to acquaintances can provide direct responses 75% of the time.

The Department of Justice has recognized hiring as a best practice for compliance programs since 2004. According to Kevin Ryan, companies should take the time to get to know the candidate and ask questions that will reveal their values, beliefs, and motivations, as well as their ability to work with others, take direction, and think critically. He recommends that companies take three steps in the hiring process: resume review, in person interview, and reference checks. While the resume is good for establishing the basic qualifications for the job, it doesn’t provide much else.

The hiring process is the first step in operationalizing a compliance program. Reference checks are an important part of this process, as they can help to ensure that the candidate is a good fit for the company. Investing in the hiring process is essential to ensure that the right people are brought on board and to avoid costly mistakes. The Department of Justice has recognized hiring as a best practice for compliance programs since 2004, and reference checks are an underutilized part of the hiring process and a key internal control for human resources.

Three key takeaways:

  1. The hiring process is the first step in operationalizing your compliance program.
  2. The DOJ spoke to hiring as part of a best practices compliance program as far back as 2004.
  3. Reference checks are an underutilized part of the hiring process and a key internal HR control.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 3 – The Hiring Process

When it comes to hiring, it’s important to consider compliance, especially when it comes to family members of foreign government officials or employees of state-owned enterprises. In this podcast episode, Tom Fox discussed the importance of using the skill, will and fit approach to interviewing to try to weed out those persons who might not fit with the organization on an ethical and cultural basis.

The skill, will and fit approach to interviewing involves asking open-ended questions to determine whether the employee takes ownership of their work and has the hunger and creativity to succeed. For example, questions like “What’s the biggest impact you had at your past organization?” and “What do you want to do in five years?” can help to assess whether an employee might have a propensity to engage in bribery and corruption.

Tom also discussed the importance of having a frank discussion with prospective hires about what is expected of them in terms of engaging with the community. He used the example of the Houston Dash, a professional women’s soccer team, who are active in the local community and encourage their players to adopt local charities and become involved. This puts the importance of interacting with the public into their interview process.

There are three questions to analyze the hiring of a family member of a foreign government official or employee of a state-owned enterprise:

1. Does the candidate meet your hiring requirements?

2. Does the foreign official whose family member you are considering for hire demand or suggest that the company hire this prospective candidate?

3. Has the foreign official made or will make a decision which will benefit your company?

He also emphasized the importance of documenting any decisions made in order to avoid violating the Foreign Corrupt Practices Act (FCPA). Additionally, he encouraged organizations to operationalize their compliance programs and to have a second set of eyes in the hiring process to provide another level of oversight.

When it comes to hiring, HR has a dual role with both a traditional hiring and a compliance function. Introducing the topic of compliance at the pre-employment stage may encourage potential employees with a propensity to engage in bribery and corruption to take their skills elsewhere. By using the skill, will and fit approach to interviewing, organizations can assess whether an employee might have a propensity to engage in bribery and corruption, and operationalize their compliance programs to ensure that all hiring decisions are documented and have a second set of eyes for oversight.

Three key takeaways:

  1. Use the interview process to determine who will be an ethical and compliance fit for your organization.
  2. Consider the skill, will and fit approach.
  3. Ask open-ended questions.

For more information, check out The Compliance Handbook, 4th edition, available on LexisNexis.com.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 2 – The Role of HR in Creating an Ethical Culture

Welcome to the August edition of One Month to a More Effective Compliance Program. In the month of August, 2023 we will consider the role of Human Resources in a best practices compliance program.

Creating an ethical culture in the workplace is essential for any business. Not only does it ensure that employees are making the right decisions, but it also helps to protect the company from potential legal and financial repercussions. But how do you create an ethical environment?

HR can play a key role in this process. They can provide employees with the tools and resources they need to make ethical decisions, such as a personal network for informal guidance and the opportunity to consult with advisory functions. Additionally, HR should support employees who want to do the right thing and ensure that those who speak up are not discriminated against or held back from promotion.

Written protocols are also important for the detection and prevention of unethical behavior. Companies should consider if their compensation system is based on performance or something else, and ensure that incentives are not driving behaviors that are counter to long-term success. Bonus payments and executive share schemes should not be based on short-term business metrics, and cross-cultural differences should be taken into account.

Leadership also plays an important role in creating an ethical culture. Senior leadership should set the tone from the top and reward ethical behavior, while also seeking out diverse opinions and breaking down silos in the corporate organization. Additionally, a speak-up culture should be encouraged to ensure that unethical behavior is not tolerated.

Finally, employees need to understand the organization’s underlying culture in order to make ethical decisions. Companies should ensure that employees have the tools and resources they need to make informed decisions, and that they are not pushed too much change from the top, too quickly and too frequently.

Creating an ethical culture in the workplace is essential for any business. By utilizing HR, written protocols, and leadership, companies can ensure that employees have the tools and resources they need to make ethical decisions. This will help to protect the company from potential legal and financial repercussions, while also creating an environment where employees feel supported and empowered to do the right thing.

Three key takeaways:

  1. Beware of the three obstacles to creating an ethical culture.
  2. What really matters in your company?
  3. A speak up culture will improve the operational performance of your business.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective HR in Compliance: Day 1 – The Role of HR in Compliance

When it comes to operationalizing a successful compliance program, HR is an essential part of the equation. HR has many touch points with employees, from interviews to onboarding, and can be used to connect the dots in many divergent elements of a compliance and ethics program. HR can take the lead in operationalizing compliance at each of these touch points, such as pre-employment screening and interviewing, onboarding training, annual assessments and reviews, and promotions to exit strategies.

The Compliance Podcast Network’s One Month to a More Effective Compliance Program provides four steps to ensure an effective compliance program. These steps include establishing a consistent application of disciplinary actions and incentives across the organization, utilizing an incentive system to incentivize compliance and ethical behavior, and providing examples of actions taken, such as promotions and awards denied as a result of compliance and ethical considerations. Additionally, it is important to determine who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel.

HR can help operationalize a compliance program by getting the message out through their distribution channel. They can also utilize their expertise and talent to more fully communicate compliance concepts. This could include ongoing communications with prospective, newly hired, and seasoned employees about the need for ethical dealings and compliance with company values. It is also important to have a shared commitment requirement found in the commitment of senior management as well as the requirements around incentives and discipline.

The 2023 guidance from the Department of Justice Evaluation of Corporate Compliance Programs listed several HR touch points as best practices for a successful compliance program. These include senior leaders and middle management stakeholders, such as business and operational managers, finance, procurement, legal, and human resources, demonstrating their commitment to compliance and remediation efforts. HR can be one of the linchpins in spreading a company’s commitment to doing business ethically and in compliance throughout the employee base.

Incentive and discipline processes should involve participants in making disciplinary decisions for the type of misconduct at issue. Reasons for discipline should be communicated to employees. Compliance should be operationalized into the very fabric of a business. Have a cup of coffee with the head of corporate HR to find out what they do, how they do it, and what they do on a daily basis. This will help you to better understand how HR can help operationalize your compliance program.

By following the four steps outlined in the Compliance Podcast Network’s One Month to a More Effective Compliance Program, you can ensure your compliance program is successful and that your employees are aware of their responsibilities. HR can be a powerful tool in operationalizing your compliance program, and by utilizing their expertise and talent, you can more effectively communicate compliance concepts and spread the company’s commitment to doing business ethically and in compliance throughout the employee base.

Three key takeaways:

  1. What are the HR-employee touchpoints at your company?
  2. HR professionals can bring new, dynamic and innovative techniques to compliance
  3. Go down and have a cup of coffee with the head of your corporate HR department. Find out what they do and how they do it.

For more information, check out The Compliance Handbook, 4th edition, here.

Categories
Blog

Great Structures Week III – The Roman Arch and Resourcing Your Compliance Program

I continue my Great Structures Week with focus on structural engineering innovations from ancient Rome. I am drawing these posts from The Teaching Company course, “Understanding the World’s Greatest Structures: Science and Innovation from Antiquity to Modernity”, taught by Professor Stephen Ressler who said “When I think of Rome, the first image that comes to mind is an arch.” It is present in aqueducts, in the triumphal arches that adorn the city of Rome, in the city gates and even in the Coliseum.

The arch was a major engineering advancement because the prior method for traversing horizontal distance was the beam, which was limited in its use. Ressler notes “because the arch carries its load entirely in compression, its span isn’t limited by the tensile strength of the material, the size of its stones, and it can span greater distances which might be conceived of with stone beams”. The arch itself has two essential characteristics. First it carries an entire load in compression, that is it counter-balances against itself, which allows for construction using the most basic building materials known in the ancient world: stone, brick and concrete.

Yet the second characteristic of the arch is equally significant. An arch requires “both vertical and horizontal reactions to carry a load. The downward load of the arch is balanced by an upward reaction from the base”. Both the Arch of Titus and Pont du Gard aqueduct are still standing and can be seen today as magnificent examples of this Roman innovation.

I wanted to use the dual load system whereby an arch supports not only great weight but also esthetic engineering designs to discuss how a Chief Compliance Officer (CCO) or compliance practitioner might develop resources to implement a best practice anti-corruption compliance program under the Foreign Corrupt Practices Act (FCPA), UK Bribery Act or other anti-bribery law. Funding of a compliance program is always one of the biggest challenges. Short of being in the middle of a worldwide FCPA, UK Bribery Act or other anti-corruption investigation, you are never going to receive all the funding you want or even think that you are going to need.

However, this corporate reality is not going to save you if the government comes knocking. The FCPA Resource Guide 2nd edition, provides the following, “Moreover, the amount of resources devoted to compliance will depend on the company’s size, complexity, industry, geographical reach, and risks associated with the business. In assessing whether a company has reasonable internal controls, DOJ and SEC typically consider whether the company devoted adequate staffing and resources to the compliance program given the size, structure, and risk profile of the business.”

Stephen Martin, CCO at  Skillsoft, often says that an inquiry a prosecutor might make is along the lines of the following. First what the company’s annual compliance budget was for the past year. If the answer started with something like, “We did all we could with what we had ($100K, $200K, name the figure), the next inquiry would be, “How much was the corporate budget for Post-It Notes last year?” The answer was always in the 7-figure range. Then the KO punch question would be, “Which is more business critical for your company; complying with the FCPA or Post-It Notes?” Unfortunately, most companies spent far more on Post-It Notes than they were willing to invest into their compliance program.

However this corporate reality will allow you to look to other areas to assist the compliance function. An obvious starting place is Human Resources (HR). There are several areas in which HR can bring expertise and, in my experience, enthusiasm to the compliance function. Some of the reasons include the fact that HR is physically located at or touches every site in the company, globally. HR is generally seen as more approachable than many other departments in a company, unfortunately including compliance. A person’s first touch point with a company is often HR in the interview process. If not in the interview process, it is certainly true after a hire is made. Use this approachability.

HR has several key areas of expertise, such as in discrimination and harassment. But beyond this expertise, HR also has direct accountability for these areas. It does not take a very long or large step to expand this expertise into assistance for compliance. HR often is on the front line for hotline intake and responses. These initial responses may include triage of the compliant and investigations. With some additional training, you can create a supplemental investigation team for the compliance department.

Clearly HR puts on training. By ‘training the trainers’ on compliance you may well create an additional training force for your compliance department. HR can also give compliance advice on the style and tone of training. This is where the things that might work and even be legally mandated in Texas may not work in other areas of the globe; advice can be of great assistance. But more than just putting on the training, HR often maintains employee records of training certifications, certifications to your company’s Code of Conduct and compliance requirements. This can be the document repository for the Document, Document, and Document portion of your compliance program.

Internal Audit is another function that you may want to look at for assistance. Obviously, Internal Audit should have access to your company’s accounting systems. This can enable them to pull data for ongoing monitoring. This may allow you to move towards continuous controls monitoring, on an internal basis. Similarly, one of the areas of core competency of Internal Audit should also be internal controls. You can have Internal Audit assist in a gap analysis to understand what internal controls your company might be missing.

Just as this corporate function’s name implies, Internal Audit routinely performs internal audits of a company. You can use this routine job duty to assist compliance. There will be an existing audit schedule and you can provide some standard compliance issues to be on each audit. Further, compliance risks can also be evaluated in this process. Similar to the audit function are investigations. With some additional training, Internal Audit should be able to assist the compliance function to carry out or participate in internal compliance investigations. Lastly, Internal Audit should be able to assist the compliance function to improve controls following investigations.

A corporate IT department has several functions that can assist compliance. First and foremost, IT controls IT equipment and access to data. This can help you to facilitate investigations by giving you (1) access to email and (2) access to databases within the company. Similar to the above functions, IT will be a policy owner as the subject matter expert (SME) so you can turn to them for any of your compliance program requirements, which may need a policy that touches on these areas. The final consideration for IT assistance is in the area of internal corporate communication. IT enables communications within a company. You can use IT to aid in your internal company intranet, online training, newsletters or the often mentioned ‘compliance reminders’ discussed in the Morgan Stanley Declination.

Finally, do not forget your business teams. You can embed a compliance champion in all divisions and functions around the company. You can take this a step further by placing a Facility Compliance Officer at every site or location where you might have a large facility or corporate presence. Such local assets can provide feedback for new policies to let you know if they do not they make sense. In some new environments, a policy may not work. If your company uses SAP and you make an acquisition of an entity which does not use this ERP system, your internal policy may need to be modified or amended. A business unit asset can also help to provide a push for training and communications to others similarly situated. One thing that local compliance champions can assist with is helping to set up and coordinate personnel for interviews of employees. This is an often over-looked function but it facilitates local coordination, which is always easier than from the corporate office.

All of these other corporate functions can greatly assist you in the actual doing of compliance. Moreover, in a resource-constrained environment, these other corporate disciplines can be used to strengthen your compliance program, in a manner similar to vertical and transverse integration of structural integrity presented in an arch. Finally, just as the arch utilized some of the most basic construction elements in existence, by using the other corporate disciplines, engaging in precisely their corporate functions, you can create a strong foundation in your compliance program going forward.

Join us tomorrow where we look at the intersection of Gothic Cathedrals and compliance incentives.