1. Make sure you know who’s in charge
Find out who’s in charge of your organisation’s compliance. If it’s one person, check what happens in cases of absence. Is there someone who takes over this role if they are absent or decide to leave? If you have a panel of people who deal with compliance, does anyone know their specific responsibilities? It sometimes turns out that each person thought someone else was covering a certain issue, only to find that no one was covering it. It’s best to get people working together across departments because everyone should have a stake in compliance.
2. Encourage collaboration
Achieving compliance often takes collaboration across departments and along the supply chain. Each head of department needs to know the requirements that apply to what they’re doing and how to meet the regulations. For some, the requirements will be straightforward, but for others, they’ll be complex. Collaboration needs a clear assignment of roles and responsibilities. On top of watching for changes to regulations, any possible evolution of your product or service should be reported across the organisation to check if everything will work and remain compliant:
• Service operators – will the company still be able to support users/customers?
• Risk managers – will security and controls still work?
• Compliance managers – will everything still conform to the regulations?
3. Check if everything is compliant across all countries
What’s compliant in the UK may not be compliant elsewhere. Check that your product or service is compliant wherever you provide, sell or manufacture it. Creating corporate standards helps to ensure that processes are designed, implemented and completed with compliance in mind – wherever your organisation’s involved.
4. Take a wider risk assessment
A failure in governance is sometimes actually a failure in judgement. The reason is that the compliance risks are focused at a departmental level. It’s best to extend the assessment beyond the project. Also assess company, business and product risks for all developments. This results in a clearer picture of cause and effect on the entire organisation and its compliance.
5. Check your data management
If data is used correctly by an organisation, there are big rewards for investing in, collecting and storing it. However, there are strict regulations on data protection that need to be followed.
Automated systems and processes can not only produce goods and services but can also provide proof that regulations have been followed appropriately in the sector.
6. Use technology
Some corporate compliance programs are stuck together with dozens of Excel and Word files and at best some databases that need to be cross-referenced. Software systems can put an end to duplicated reporting, and cut out the risk of human error, streamlining business processes to make compliance easier.