The second step on the way to achieving compliance management success is all about engaging with the people who are exposed to potential risks. After having defined key terms and positioned the role of the chief compliance officer (CCO), a CCO must collect information and conduct assessments outside the walls of his/her office also.
Get Out of the Office
The information that the CCO needs to effectively do his/her job is not all to be found at HQ or online. One best understands a higher risk operational scenario by spending time in that location with the company personnel involved and with other local stakeholders.
The relationships formed with company personnel through field visits “puts a face” on compliance and demystifies the role. Merely by offering a sympathetic ear and demonstrating HQ’s interest in a local colleague’s situation and challenges, the conversation that begins with “I wasn’t sure who to call” or “I didn’t feel comfortable using the company hotline” can result in a discussion containing significant information directly or indirectly involving compliance.
Peers met at conferences can be invaluable sources of ideas and trend data – often saving many hours of research or drafting time. Developing a network of informal sounding boards to contact from time to time on a data sharing or “let me bounce something off you” basis is especially helpful in complex situations or when trying to construct meaningful metrics.
One way to escape the office and to free up time that can be used for these higher value add activities is to use an automated compliance management system. Software as a service (SaaS) – based systems function as an automated ‘system of record’. The best of these offerings are integrated and have logical workflows that help manage key compliance tasks (e.g. risk assessments, supplier due diligence, policy-signing, e-learning content distribution) and that also have built in repositories for associated records.
Now that you have collected your data, turn to step three of the process; ‘prepare for foreseeable challenges’. This step will be dealt with in next week’s post.