Many companies struggle to identify what to be compliant with let alone staying compliant with existing laws and acts. Compliance does not need to be overly complex to start with.
Compiling a Regulatory universe and applying your mind to which acts are pertinent to your organisation is a major step in the right direction. The definition of the idiom, “Trying to run before you can walk”, is trying to do something requiring a high level of knowledge before you have learned the basics. Too many organisations attempt to address too many compliance areas and end up doing a bad job overall whereas a focussed approach will not only yield more positive results, but also act as a type of test environment for the future process.
Identifying the acts that apply to your organisation and applying a core/secondary/topical rating need not be a complicated and time consuming exercise. It is often a worthwhile spend to include an outside consultant in this initial phase especially someone experienced in facilitating workshops. The resulting rating matrix provides insight into those core acts that if contravened could result in suspension of license or possible closure of certain areas of your business, this is experienced in certain industries in their risk management processes.
Realistically select the handful of acts that are most important for your organisation and create CRMPs (Compliance Risk Management Plans) for each of them. Each organisation, even if in the same industry does not necessarily have the same response to each act and may not even select the same core acts to start with. The cartoonist, Charles Addams said, ‘’ Normal is an illusion. What is normal for the spider is chaos for the fly” and in the compliance arena there is definitely no such thing as normal.
How you decide to compile your CRMP for each act depends very much on the company’s strategic objectives plus how many resources you have available and how skilled they are. Do not attempt to address all areas at the same time – rather break up your plan into bite sized chunks and spread them across the year ahead. How you generate your CRMPs also determines how well you are able to monitor the adequacy and effectiveness. Starting the process simply means monitoring becomes more manageable leading to a clear picture of the current state of compliance – this makes the next step of expanding the compliance universe that much easier.
Throughout this whole process and on a continual basis the compliance process needs to be marketed within your company to get buy-in. An effective and novel approach is to invite your staff to submit their own stories about compliance successes and failures – the more your staff think about everyday compliance issues the higher the adoption rate of a formal compliance plan will be.
Risk managers today have no choice but to incorporate regulatory compliance knowledge and understanding into their operations. The threat of substantial fines and crippling business interruption can be a loaded gun waiting to trigger multiple risks and derail the achievement of strategic and operational objectives.
For a light hearted view of compliance take a look at this short video – https://www.youtube.com/watch?v=aeH1E-Zn-lg
The BarnOwl compliance module which is part of the complete BarnOwl compliance software package, enables an organisation to manage its regulatory universe by rating and monitoring compliance to the acts, regulations and provisions at every level of the organisation, where applicable. BarnOwl facilitates a quick-start to the ongoing management and monitoring of the compliance function by providing seamless integration with compliance legislation from third party content providers such as LexisNexis and EOH Legal giving you access to all the legislation (acts, regulations and provisions) as well as ongoing updates to the legislation.