You’ve spent countless days, nights, and weekends at your private company gearing up for this moment.
It’s an exciting time,and the level of preparedness required is instrumental to your company’s success. After all, an IPO is just the beginning of a long road to delivering growth and shareholder value. And now, you’re responsible for ensuring compliance at your company.
So where do you start? As you work to set up the elements of an effective compliance program, prioritize these four compliance fundamentals to set yourself up for success:
It is imperative that employees understand how to behave and make decisions aligned with your company’s values and in compliance with all applicable laws and regulations. The Evaluation of Corporate Compliance Programs (ECCP) underscores this, stating:
“As a threshold matter, prosecutors should examine whether the company has a code of conduct that sets forth, among other things, the company’s commitment to full compliance with relevant Federal laws that is accessible and applicable to all company employees.”
A Code of Conduct establishes the rules and behaviors expected of employees. Internally, it serves as a resource and performance benchmark. Externally, it communicates your company’s commitments to third parties, shareholders, and the broader community.
In addition to well-communicated standards, employees need an easy, safe, and secure way to report suspected wrongdoing.
The ECCP calls for an:
“...efficient and trusted mechanism by which employees can anonymously or confidentially report allegations of breaches…of suspected or actual misconduct.”
Engage a third-party reporting provider that:
Policies and helplines only work if employees know about them and have opportunities to practice making the right decisions.
Risk-based training is essential to promote awareness of your company’s risks and support sustainable growth. Trust drives successful businesses, and training builds that trust.
The ECCP does not mandate a specific number of training hours but focuses on preventing misconduct. Think about the activities that could get your company into trouble and work backwards to ensure you’re delivering the right guidance to the right people.
Once you’ve launched initial training, explore how to reduce seat time in future years while remaining aligned with DOJ guidance.
A robust compliance program mitigates risks specific to your business. To help employees do their jobs compliantly, you must first identify the risky tasks and behaviors that could lead to violations.
This is especially important pre-IPO, as employees engage with third parties including VC firms, investment bankers, and shareholders.
Think of these four compliance fundamentals as your foundational building blocks. They will help you drive a culture of compliance and mitigate risk as you prepare for your IPO. Once this foundation is in place, you can begin building out a long-term strategy for compliance excellence.
Harper Wells is a governance, risk, and compliance leader with over 20 years of experience developing enterprise-wide ethics and compliance programs. As Chief Compliance Officer at Learning Pool, she leverages data-driven insights and innovative training strategies to foster ethical, high-performing workplace cultures.