Top ten pillars for effective compliance

Posted by John Kleeman

What are the ten pillars for an effective compliance and ethics programme? And how can assessment help?

I mentioned in a previous blog post that I’d enjoyed hearing Carlo di Florio from the US SEC talk at the Ethics & Compliance Officer Association’s (ECOA) Conference. He suggested ten pillars for an effective compliance and ethics programme which I’d like to paraphrase here:

1. Good governance: setting the right tone at the top

2. Culture and values: for instance not saying one thing and doing another

3. Incentives & rewards: these can be key enablers for compliance, but they can also be key indicators for risk

4. Risk management: allocating resources based on risk

5. Policies and procedures: setting correct policies and making people aware of them

6. Role-based training and education – not just generic communication

7. Monitoring and reporting –  using technology where appropriate

8. Investigation and enforcement – effective response

9. Issues management – having a good process to deal with escalating problems

10. On-going improvement process – continually making things better

(see here for a speech by Carlo di Fiorio explaining setting out the pillars in detail).

I thought it might be interesting to see where assessments (surveys, quizzes, tests and exams) fit in here. For which pillars is assessment one of the foundations?

Clearly for #2, surveys measure culture and values and how they are changing. And obviously for #5 and #6, quizzes, tests and exams are a key way to check understanding of policies and of the effectiveness of training. And for #7, assessments are one of the few ways of monitoring your people in all your different offices and getting early warning of problems.

And how about #10? If you want to continually make things better, you will need to measure your improvements. Assessments provide trusted and valuable data to help see where you are and whether you are improving. I also thought how Dr. Bruce C. Aaron’s A-model framework might help organizations measure improvements in compliance?

If you’re not familiar with the A-model, see my colleague, Doug Peterson’s excellent videos (here and here) on using the A-model to measure business improvement. And consider how you might be able to apply this framework within your own organization.

Leave a Reply