Every company’s compliance plan is going to vary depending on their size, industry, and risk exposure. At the very minimum, an efficient program should address the following key elements:
Tone at the top
Senior management ethics and attitude set the tone for the rest of the company. A clearly articulated stance against corruption ensures that employees understand the company’s position and base their actions on these emphasized company values.
Code of Conduct and Compliance Policies
The code of conduct is the groundwork for an efficient compliance program. Policies and procedures should detail internal controls, auditing processes, documentation policies, and disciplinary measures.
Oversight and Job Duty Segregation
Those in charge of oversight should be autonomous from management. Job duty segregation ensures appropriate oversight and that no one individual can have too much control over multiple departments.
Companies need to understand their specific risks and vulnerabilities and more importantly, prepare for them. Vulnerability checks that analyze internal controls, anti-fraud plans, compliance, and business operations are necessary to sustain a company of any size.
Training not only ensures that employees understand policies and procedures, it also adds a degree of accountability and culpability.
Clear disciplinary action outlines consequences for adverse behavior and promotes adherence to compliance policies.
Third-Party Due Diligence and Payments
Third-party interactions expose companies to increased risk and vulnerabilities to include lawsuits, financial loss, and corruption. This is why due diligence checks and secure contracts are imperative when conducting business with external vendors (to include new partnerships).
Reporting mechanisms should be in place that promote confidentiality and the “if you see something, say something” message without fear of retaliation.
Testing and Review
A good compliance program should constantly reviewed, tested, and amended. As operations, business models, size, and regulations change, so should the compliance plan.
If you'd like to learn more or want ASI to help create your compliance plan, contact us today for a consultation.