In a constantly shifting regulatory environment, being able to conduct risk assessments is not enough. Organisations must also gear up to protect themselves against future risk and that means creating compliance plan objectives. Your compliance strategy must be as flexible and agile as the ethical landscape in order to avoid reputational damage and the potential of large financial penalties.
However, research has found that 69% of executives are not confident that their current risk management policies and practices will be enough to meet future needs. This concerning statistic suggests that, unless they activate a compliance plan with future-facing objectives, they could find themselves in regulatory trouble. We hope chief compliance officers and compliance teams looking to shore up their organisations and instigate robust compliance policies will find this article helpful when preparing their compliance plans.
1. What is a Compliance Plan?
A compliance plan, or corporate compliance program, is a set of policies and procedures for managing risk as well as standards of conduct and internal controls. It prioritises best practices and commitment to business ethics. But it should also include provisions for regular review and auditing of your compliance procedures.
A company’s compliance plan takes into account the regulatory requirements it needs to address currently and in the future, as well as the steps the company is taking to meet those legal obligations.
Your plan can lay out the steps needed to ensure your compliance initiatives are successful and helps track your progress towards your goals.
2. The Importance of Having a Compliance Plan
There are multiple reasons why a compliance plan is important for your business. These include:
- Understanding what your obligations are and how employees can report breaches as well as detect, and even avoid, non-compliant behaviour in the workplace. This helps improve staff morale, cut down on employee churn as well as protect the brand and shield the organisation from fines.
- Reviewing your current compliance function performance against your goals allows you to adjust your strategy accordingly. You can better understand where you are on track and where your policies are lagging behind.
- As a result of understanding your progress towards your compliance goals, you can target your compliance training more effectively. You know which departments and areas of corporate compliance need the most support.
- Implementing frequent regulatory compliance checks as part of your plan ensures that you learn about new legislation in good time to make the necessary adjustments to your compliance strategy and undertake the required training. For example, although the EU Whistleblowing Directive came into force in December 2021, companies had many months to launch the internal reporting systems required. The earlier you know about forthcoming changes to the law, the better prepared you are for them.
3. How To Set SMART Compliance Plan Objectives
Using SMART goals, you can break down your compliance plan objectives and analyse them to ensure they are worth working towards and that you stand a chance of succeeding with them. SMART stands for Specific, Measurable, Achievable, Relevant and Timebound.
Taking the example from above, if the objective of the chief compliance officer was to implement and run a whistleblowing reporting channel ahead of the deadline for the EU Whistleblowing Directive, your SMART goals might look like this.
Letter | Feature of the objective | What it means for a compliance plan |
S | Specific | This is the who, what, where, when and why. In our example: |
M | Measurable | By launching the channel and completing the relevant training, you can measure whether you have been successful. |
A | Achievable | It is certainly possible to implement a reporting channel and train staff. There are no real barriers other than time. |
R | Relevant | It is relevant because it is a regulatory requirement. In addition, an open corporate culture that welcomes reports of wrongdoing, rather than trying to shut them down, is more likely to retain its best talent. |
T | Timebound | There are hard deadlines set by the European Union in the directive, making this a timebound objective. |
4. Compliance Objective Examples
Compliance objectives can relate to major legislative changes, as in the example above. But they can also refer to operational adjustments within your compliance function. Here are some examples of compliance initiatives that chief compliance officers might include in their plan as well as details on how to measure the progress of the related objective:
Objective | How to achieve the objective? | How to measure? |
To speed up the process of creating an insider list when information becomes classified as inside information | Use insider list management software like InsiderLog to populate insider lists and to send reminders to insiders who do not respond | Use the data collected on when insider lists were created and populated before using InsiderLog and compare with the data collected in the tool afterwards to track the progress |
Ensure employees have access to all policies and procedures relating to compliance | Designate a team member to be in charge of updating the company intranet and populating it with all relevant policies | Maintain a checklist of all relevant compliance procedures and compare with the information on the intranet |
Reduce penalties and warnings for compliance breaches | Implement training sessions for staff in relevant departments on necessary topics | Compare data year-on-year |
All new staff in high-risk positions must undertake specific compliance training within four weeks of joining | Work with HR to identify qualifying employees and automatically invite them to training as part of the onboarding process | Audit training attendance records to ensure they match with your employee records |
Automate employee trade pre-clearance | Use employee trade monitoring software, like TradeLog, to set parameters for what are and are not acceptable employee personal trades and to accept or reject requests based on those parameters | Audit employee trades on a regular basis to make sure the pre-clearance system is working and keep the business compliant |
5. Reasons Why Compliance Plans Fail and How to Avoid Them
5.1 Failure to recognise varying regulatory risks
When companies expand and diversify, or rules change, they can sometimes overlook the risks and regulatory requirements in different territories or sectors. An example of this might be for UK-based companies that carried out business in the EU and now have to consider legislation from both territories since Brexit. Although the UK transposed much of the existing EU law into its national law, there are notable differences. One of these differences is that the UK chose not to implement the EU Whistleblowing Directive.
For these reasons, compliance department staff must be alert and forward-thinking, remaining up to speed with the company’s strategy and plans. By understanding the direction of travel of the business as a whole, they can work ahead and mitigate future risks.
5.2 Limited buy-in from senior leadership
In order to foster an ethical culture in the business, leadership has to be seen to embrace it. If leaders do not buy in to compliance measures, staff will see no reasons to do so either. The tone has to be set by senior management and the board of directors, and then passed down to middle management who should feed it down to everyone else. Unity of purpose is key to a successful compliance plan and for a culture of compliance.
The best way to get management and other company leaders to support your compliance efforts is to show them the business benefits of backing them. The reduction in unnecessary penalties, the improvement in staff morale and the efficiency savings of using automation tools to carry out tasks like creating insider lists are all persuasive arguments for promoting compliance.
5.3 Insufficient training
Compliance activities are not just theoretical exercises; they have to be carried out by your staff, and that means they need training. If they do not receive the right coaching to understand why and how to put your plan into practice, they will not be able to do it with any success. So, keep staff up to date with your compliance work plan and code of conduct. Inform them of the benefits of compliance and the disciplinary actions for failing to adhere to the plan.
Make sure compliance training is held regularly and covers the relevant topics that each employee needs to know about. This also helps them understand how seriously the company takes compliance. It could even encourage them to speak out if they spot something that appears to challenge the ethical culture of the organisation.
6. How do you monitor the effectiveness of your compliance plan?
Collecting data at every stage of your compliance plan helps you to understand the differences that you make and to track your progress. Based on your business compliance objectives, you can develop key performance indicators (KPIs) to help you monitor those aspects of your plan that you are most keen to measure.
Distribute employee surveys to find out how much staff understand about your compliance plan and how well equipped they are to deliver it. You can also run an internal audit to make sure you are reaching your goals. If not, you can quickly take corrective actions.
7. Conclusion
Your compliance plan objectives will differ from another company’s, but your plan should be relevant and achievable, as well as making progress towards a more compliant workplace and improved ethical culture. It requires buy-in from company leaders and should be an ever-developing entity that takes into account the shifting regulatory landscape. It helps avoid violations of laws and encourages ethical behaviour.
One way to improve your compliance processes is to use the tools from ComplyLog that automate insider lists, employee trade requests and whistleblowing reports.