Skip to content

How To Set Compliance Plan Objectives That Bring Results

In a constantly shifting regulatory environment, being able to conduct risk assessments is not enough. Organisations must also gear up to protect themselves against future risk and that means creating compliance plan objectives. Your compliance strategy must be as flexible and agile as the ethical landscape in order to avoid reputational damage and the potential of large financial penalties

However, research has found that 69% of executives are not confident that their current risk management policies and practices will be enough to meet future needs. This concerning statistic suggests that, unless they activate a compliance plan with future-facing objectives, they could find themselves in regulatory trouble. We hope chief compliance officers and compliance teams looking to shore up their organisations and instigate robust compliance policies will find this article helpful when preparing their compliance plans.  

 

1. What is a Compliance Plan?

A compliance plan, or corporate compliance program, is a set of policies and procedures for managing risk as well as standards of conduct and internal controls. It prioritises best practices and commitment to business ethics. But it should also include provisions for regular review and auditing of your compliance procedures.  

A company’s compliance plan takes into account the regulatory requirements it needs to address currently and in the future, as well as the steps the company is taking to meet those legal obligations. 

Your plan can lay out the steps needed to ensure your compliance initiatives are successful and helps track your progress towards your goals.  

 

2. The Importance of Having a Compliance Plan

There are multiple reasons why a compliance plan is important for your business. These include:  

  • Understanding what your obligations are and how employees can report breaches as well as detect, and even avoid, non-compliant behaviour in the workplace. This helps improve staff morale, cut down on employee churn as well as protect the brand and shield the organisation from fines. 
  • Reviewing your current compliance function performance against your goals allows you to adjust your strategy accordingly. You can better understand where you are on track and where your policies are lagging behind.
  • As a result of understanding your progress towards your compliance goals, you can target your compliance training more effectively. You know which departments and areas of corporate compliance need the most support. 
  • Implementing frequent regulatory compliance checks as part of your plan, which ensures that you learn about new legislation in good time to make the necessary adjustments to your compliance strategy and undertake the required training. For example, although the EU Whistleblowing Directive came into force in December 2021, companies had many months to launch the internal reporting systems required. The earlier you know about forthcoming changes to the law, the better prepared you are for them. 

3. How To Set SMART Compliance Plan Objectives

Using SMART goals, you can break down your compliance plan objectives and analyse them to ensure they are worth working towards and that you stand a chance of succeeding with them. SMART stands for Specific, Measurable, Achievable, Relevant and Timebound.  

Taking the example from above, if the objective of the chief compliance officer was to implement and run a whistleblowing reporting channel ahead of the deadline for the EU Whistleblowing Directive, your SMART goals might look like this. 

  Feature of the objective What it means for a compliance plan
S Specific This is the who, what, where, when and why. In our example:
  • Who refers to the employees, contractors,
    interns, directors and everyone else     included in the scope of the directive 
  • What means choosing a channel for
    anonymous reporting and training staff to use it
  • Where refers to the place where people
    perform work for your business
  • When is on a specific date before the
    deadline passed
  • Why is because it is a legal requirement and in order to help whistleblowers feel confident in making reports.
M Measurable By launching the channel and completing the
relevant training, you can measure whether you have been successful.
A Achievable It is certainly possible to implement a reporting channel and train staff. There are no real barriers other than time.
R Relevant It is relevant because it is a regulatory
requirement. In addition, an open corporate
culture that welcomes reports of wrongdoing,
rather than trying to shut them down, is more
likely to retain its best talent.
T Timebound There are hard deadlines set by the European
Union in the directive, making this a timebound objective.

4. Compliance Objective Examples

Compliance objectives can relate to major legislative changes, as in the example above. But they can also refer to operational adjustments within your compliance function. Here are some examples of compliance initiatives that chief compliance officers might include in their plan as well as details on how to measure the progress of the related objective:

Objective How to achieve the objective? How to measure?
To speed up the
process of creating an insider list when information
becomes classified as inside information		 Use insider list management software like InsiderLog to populate insider lists and to send
reminders to insiders who do not respond		 Use the data collected on when insider lists were created and populated
before using  InsiderLog and compare with the data collected in the tool afterwards to track the progress
Ensure employees have access to all policies and
procedures relating to compliance		 Designate a team member to be in charge of updating the company intranet and populating it with all relevant policies Maintain a checklist of all relevant compliance
procedures and compare with the information on the intranet
Reduce penalties and warnings for compliance breaches Implement training sessions for staff in relevant departments on necessary topics  Compare data year-on-year
All new staff in high-risk positions must undertake specific compliance training within four weeks of joining Work with HR to
identify qualifying
employees and
automatically invite them to training as part of the onboarding process		 Audit training attendance records to ensure they match with your employee records
Automate employee trade pre-clearance Use emplyee trade monitoring software, like TradeLog, to set parameters for what are and are not
acceptable employee personal trades and to accept or reject
requests based on those parameters		 Audit employee trades on a regular basis to make sure the pre-clearance system is working and keep the business compliant

 

5. Reasons Why Compliance Plans Fail and How to Avoid Them

5.1 Failure to recognise varying regulatory risks

When companies expand and diversify, or rules change, they can sometimes overlook the risks and regulatory requirements in different territories or sectors. An example of this might be for UK-based companies that carried out business in the EU and now have to consider legislation from both territories since Brexit. Although the UK transposed much of the existing EU law into its national law, there are notable differences. One of these differences is that the UK chose not to implement the EU Whistleblowing Directive.  

For these reasons, compliance department staff must be alert and forward-thinking, remaining up to speed with the company’s strategy and plans. By understanding the direction of travel of the business as a whole, they can work ahead and mitigate future risks. 

5.2 Limited buy-in from senior leadership

In order to foster an ethical culture in the business, leadership has to be seen to embrace it. If leaders do not buy in to compliance measures, staff will see no reasons to do so either. The tone has to be set by senior management and the board of directors, and then passed down to middle management who should feed it down to everyone else. Unity of purpose is key to a successful compliance plan and for a culture of compliance. 

The best way to get management and other company leaders to support your compliance efforts is to show them the business benefits of backing them. The reduction in unnecessary penalties, the improvement in staff morale, the efficiency savings of using automation tools to carry out tasks like creating insider lists are all persuasive arguments for promoting compliance.  

5.3 Insufficient training

Compliance activities are not just theoretical exercises, they have to be carried out by your staff and that means they need training. If they do not receive the right coaching to understand why and how to put your plan into practice, they will not be able to do it with any success. So, keep staff up to date with your compliance work plan and code of conduct. Inform them of the benefits of compliance and the disciplinary actions for failing to adhere to the plan. 

Make sure compliance training is held regularly and covers the relevant topics that each employee needs to know about. This also helps them understand how seriously the company takes compliance. It could even encourage them to speak out if they spot something that appears to challenge the ethical culture of the organisation.  

6. How do you monitor the effectiveness of your compliance plan?

Collecting data at every stage of your compliance plan helps you to understand the differences that you make and to track your progress. Based on your business compliance objectives, you can develop key performance indicators (KPIs) to help you monitor those aspects of your plan that you are most keen to measure. 

Distribute employee surveys to understand how much they understand about your compliance plan and how well equipped they are to deliver it too. You can also run an internal audit to make sure you are reaching your goals. If not, you can quickly take corrective actions.

7. Conclusion

Your compliance plan objectives will differ from another company’s, but your plan should be relevant and achievable, as well as making progress towards a more compliant workplace and improved ethical culture. It requires buy-in from company leaders and should be an ever-developing entity that takes into account the shifting regulatory landscape. It helps avoid violations of laws and encourages ethical behaviour. 

One way to improve your compliance processes is to use the tools that automate insider lists, employee trade requests and whistleblowing reports.   

compliance-plan-complylog

8. References and further reading
Ebook The State Of MAR: The Latest Sanctions And Pitfalls
Download

Share this post

linkedin-icon email-icon

Article Summary

Subscribe to our newsletter

Stay up to date with the latest news and products

Subscribe
newsletter-subscription-image

Sign up for our newsletter

Stay up to date with the latest news and products

You have successfully subscribed!

This is your official confirmation. Thank you for joining ComplyLog Newsletter. While you wait for the next issue of ComplyLog, check out the latest articles and references.

Related articles

Post Picture

What Is Conduct Risk In Banking Today? (And How To Manage It)

The global financial crisis of 2008 drove repercussions across all sectors and provoked a culture shift in how institutions approach conduct risk in...
Read More
Post Picture

The 20 Compliance Culture Questions To Ask In Your Next Survey

Deloitte states that “building a culture of ethics and compliance within an organisation is a business imperative.” And one of the key elements for...
Read More
Post Picture

11 Key Compliance KPIs + Examples (And Why You Should Track Them)

If there ever was a time when people accepted that companies were justified in behaving as they liked as long as they made money, those days are long...
Read More
Post Picture

How To Align Leadership And Compliance For Success

It is certainly true that compliance is costly. Identifying, analysing and mitigating compliance risks takes time, effort and resources to carry out...
Read More
All articles