Many factors – external and internal, organizational and individual – contribute to the challenge of staying compliant. But the challenge is not only how to ensure that you comply with the rules and regulations on paper, it’s also about acting and operating compliantly. That means making it part of the organization’s ethos and having it fully embedded in its operations and behaviors.
Different challenges on multiple fronts
Compliance is complex because it comes at an organization from all directions. New regulations result from changes to state laws or industry standards. International agreements and trade deals can require organizations to adjust how they do business. Technological advances, adjustments in working practices, economic forces and social changes may all lead to more regulation. To compound matters, compliance needs to be tackled at both the organizational and at the level of individual employees.
Picture compliance as a multi-headed beast coming at you from all directions, all the time.
The big picture
There’s no endpoint to staying compliant. It’s a continuous process requiring constant evaluation and response. In fact, the biggest challenge to operating compliantly is to be prepared for the changes that will inevitably come and to be proactive in your response. Compliance is both the present and the future: act compliantly and continue to do so, always.
To get an idea of the bigger picture let’s look at the areas that provide the top current and persistent challenges to operating compliantly:
- Financial regulations: Financial compliance doesn’t just apply to the financial industry. While some regulations like Basel II and III apply primarily to the banking industry, other financial initiatives can apply across the board. These include measures to prevent money laundering and fraud. The commonest consequence for most organizations is the requirement for more detailed and more timely financial reporting. The acquisition of more and more data only adds to the pressure to maintain financial compliance.
- Technology: Better reporting can be facilitated by new technology, but that technology brings its own compliance challenges. The increased prevalence of technology in all business operations has led to a mountain of data that needs to be stored and protected. Recent data legislation like GDPR places further obligations on how organizations treat the data they gather. The accumulation of data from a variety of sources raises the question of cyber security. How do you protect against cyber-attacks and other sources of data leaks? Technology opens up other, direct, immediate, often informal channels of communication that require monitoring for compliance. Technology allows for new ways of working and new business processes and practices that also need checking for compliance.
- New work practices: As we’ve seen in the past eighteen months technology has enabled different ways of working as many of us have been confined to working from home. In many respects, this has just intensified a trend to working over distance as organizations grapple with a more dispersed workforce spread across geographies and time zones. This raises the question of how you ensure that people outside the main office continue to work compliantly. The challenge increases with mobile access to company resources, the option of informal communication channels, and the increased use of social media in business settings.
- The big disruptors: According to commentators we’re living through a fourth industrial revolution as technology transforms the way we live and work. Technology is one of the big disruptors whose effects are felt across the globe. To this, you can add the Covid pandemic and measures to tackle climate change. The consequences for compliance may not be immediately clear but one can safely predict that any new regulations and legislation will require mandated changes to practices. Then there are economic and trade agreements that require new compliance mechanisms on a more regional basis, like Brexit, for example.
- Organizational standards: Other compliance issues are closer to home and more within our direct control. Every organization of whatever size has a responsibility towards its employees’ well-being. Recently particular attention has been paid to people’s mental health, as well as the long-standing requirements for good health and safety. The growth of a more diverse and dispersed workforce adds a layer of complexity to achieving those standards. It has also increased the importance of ensuring there’s a strong company ethos and culture that is both inclusive and compliant. To these internal pressures, you can add the external demands of new industry standards and sector-specific regulations.
- Individual behaviors: Often compliance (or non-compliance) boils down to the actions of individuals. That behavior might have consequences for the whole organization. Yet, it may only be an act of omission rather than commission, a result of not realizing the consequences, a feeling it’s not their responsibility or a case of simply not caring. The reliance on the efficacy and responsible behavior of individuals is potentially compounded when you have people working remotely or in the field. The challenge is to reach these people (literally and metaphorically), motivate them, and instill in them the notion and practice that operating compliantly is part of everyday working.
Compliance presents a constant but shifting target. You can’t avoid compliance (or not without serious consequences), so the question is how to stay compliant and how to make staying compliant easier.
Too often compliance has been seen as a passive, tick-the-box exercise that certifies compliance up to a point but no further. That approach treats compliance as a step to be completed before work moves on. Yet to deal with the sheer weight of the challenges it presents, compliance needs to be seen as continuous. Staying compliant needs to be regarded as part of working and training and not separate from them. That attitude then prepares people to regard compliance and its evolution as the norm and be ready to respond.
Training for compliance
Training rather than certification must be the focus. The nature of compliance means that training needs to be easily updatable with the latest information. It has to be accessible wherever people are working and whenever they need it. This is particularly true in the age of remote working. Compliance training needs to be flexible and adaptable to take account of different local conditions or circumstances. It must also be supported by robust monitoring and reporting so that managers are alerted when someone is not meeting the standard and is operating non-compliantly.
Compliance training should be engaging and relevant. You need to motivate your people and make them aware of their responsibility to treat compliance as a necessary condition for effective performance. Compliance should be central to the company’s ethos and an essential element in career progression. It needs to reach and reach out to people. Compliance is everybody’s business.
Compliance training can be supported by digital training solutions delivered via learning platforms. These extend the provision of compliance training and ease the administrative and cost burden of traditional training programs.
Learning Management Systems support learning in a variety of formats and facilitate access to training while providing the back-end functions that monitor and evaluate the progress of learners. They also have an array of features that make the compliance training experience more memorable and impactful improving retention and motivating learners to take compliance seriously. You can use an LMS to build and sustain a culture of compliance.
Being and staying compliant
Compliance certification shows you’ve reached a certain standard. Unfortunately, it’s no guarantee that you will maintain that standard into the future, and it doesn’t indemnify you against future regulation. To move from being regarded as compliant to operating compliance requires a continuous, proactive program of training and validation. It also requires full engagement from employees at all levels in the organization.
Compliance must become part of normal working practices so you can ensure your business is operating safely and legally. Get in touch to find out how Learning Pool can help you with this process.
Rob is Learning Pool’s Head of Marketing, providing marketing leadership across all facets of Learning Pool’s brand, products and technologies.
He started his marketing career in the late ’90s, with significant time spent working in the media sector and is particularly skilled in Marketing Management, Digital Strategy, Research and Market Planning.
Rob holds a Master’s Degree (MSc) in Marketing Management from Manchester Metropolitan University. He now spends most of his time working out how to clearly communicate our ever-growing range of learning technology solutions to interested audiences in Europe and across the US.
Away from the office, Rob tries to balance family life with a passion for cycling, hiking, travelling and all things outdoors.