We’re nearing the end of this year and compliance officers are deep into strategic planning for next year—which means we should talk about how to update your compliance training for 2020. It’s an issue critical for compliance officers to get right, yet also one where people can lose sight of what matters most.
Why is Compliance Training so Important?
To begin, let’s review the importance of having an effective compliance training program and updating it regularly. For example, we could review significant enforcement actions or regulatory changes that have happened over the past year, and dissect how those events might affect your compliance training priorities in 2020. In fact, companies should undertake that exercise, because numerous events happened this year that your compliance program ignores at its peril. We’ll get to those events momentarily.
Listing the hot new compliance issues of 2020 is only half the battle and the lesser half at that. Compliance officers also need to understand how those issues affect your company, including the possibility that they don’t affect your company at all.
A smart, successful update to compliance training takes the issues of the day and connects them to business operations—including changes in business operations that also change who needs training on what issues. Only then can you adjust your training program to keep it current.
Let’s explore both halves the equation to see what works.
What Should be Included in Compliance Training?
Several compliance issues have only become more prevalent in 2019, and show no signs of receding in 2020. In no particular order here are some compliance training issues you should be considering as you plan for the year ahead.
Earlier this year the Office of Foreign Assets Control published extensive guidance on what constitutes an effective sanctions compliance program. A key theme in the document, and in several enforcement actions, was the importance of funneling sanctions questions through a central group that had the expertise to answer those questions wisely. So employees will need a better understanding of what a sanctions issue is, and the proper way to handle it.
The California Consumer Privacy Act goes into effect on Jan. 1, 2020, with extensive new compliance burdens imposed on companies doing business in California (which include most if not all large companies). In some ways the CCPA is similar to Europe’s General Data Protection Regulation; in other ways, it’s different—so compliance training here is not a matter of dusting off your GDPR training from 2018. It’s a whole new challenge.
The #MeToo movement transformed anti-harassment training into a major concern in 2018, and the issue has lost none of its urgency since then. More and more often, however, we see companies embrace a policy that encourages anyone to report harassment, even if they only witness such behavior rather than experience it themselves. So there’s a need to train employees on what harassment looks like, and how to report it when they see it.
4. Whistleblower Protection
Whistleblower protection has been a staple of corporate compliance training in the United States for years; now the issue is going global. The European Union will have strong new whistleblower protections going into effect by 2021. Other nations are adopting similar laws around the world. Even in jurisdictions with weak anti-retaliation standards, thanks to social media, whistleblowers have an easier time pressing accusations of retaliation in the court of public opinion. Businesses need to do better at reducing that risk.
Those are only four examples of pressing issues in compliance that may need more attention from your training program in 2020. We didn’t even touch on cybersecurity, antitrust, or ethical sourcing but those are subjects that shouldn’t be ignored, either.
Putting Compliance Training Issues Into Context
For all our talk about new issues in compliance, the much more likely scenario is that in 2020 your organization will confront mostly the same issues that it did in 2019. The real challenge will be understanding how your company’s own operations have changed—and therefore, how your compliance training priorities should change too.
For example, anti-bribery is not a new issue in compliance training. But your company’s internal operations can change in all sorts of ways that could necessitate new training attention to that old issue. The company might have adopted a new sales model that relies more on employees at headquarters working with local agents overseas. It could have launched an internship program, and slots in that program might be a tempting bribe to offer a sales prospect with a child in college.
What is your company doing that’s new? What compliance risks accompany those new things? And which people need new training to manage those compliance implications?
Compliance officers need to answer those questions as you plan your compliance training updates for 2020. That’s how you connect the issues in business news and management journals to practical, effective adjustments that will improve your compliance posture in the year to come.
How to Optimize Your Compliance Training
So, where does a compliance officer look to find the new topics they should be training employees and third parties? Here are a few cohorts of people you will want to ensure you engage.
New hires always need compliance training, including in the basics of your company’s corporate workplace culture and ethical values. A large volume of new hires might also mean changes in how you deliver that compliance training.
Employees in New Roles
These employees might know the culture and ethical values, but they may not know the finer points of compliance for specific regulations or risks. Be especially vigilant for employees shifting into any gatekeeper role (working in accounts payable, for example) or employees moving into management for the first time.
New technologies can be great, but they often bring new challenges in access control or data security. As the compliance risk changes, policies and procedures to address the risk may change too—and those changes may require new training efforts, even on an old issue.
Expansion Into New Lines of Business
New products, new services, new geographic markets, new customer targets; any expansion of the business can introduce employees to corruption or sanctions risk for the first time. They will need a training plan on what their duties are and how to fulfill them.
That’s the path forward to an effective compliance training program: one part attention to issues unfolding outside the company; one part attention to shifting strategies and operations inside the company; and a heaping dose of good judgment about how to balance the two as you update your compliance program—for 2020 and all the years after that.