As you look ahead to advancing your ethics and compliance programme in 2017, it is useful to consider how your programme fares against your industry peers, and whether they are experiencing the same challenges as you are.
One of the most important considerations is your policy management process, which includes the practices throughout all the stages of managing your organisation’s policies or procedures, including creation, review, distribution and attestation.
Earlier this year, we surveyed nearly 400 ethics and compliance professionals from companies in Europe, the Middle East and Africa about their approach to policy management in our recent EMEA Policy Benchmark Report released October 2016. The report is a subset of our global Policy Management Benchmark Report, which surveyed 1,075 respondents across the globe.
A number of clear policy management challenges emerged at the top of EMEA compliance managers’ concerns. If your organisation shares any of these challenges, prioritise these actions as a New Year’s resolution for 2017.
Policy Management New Year’s Resolutions
1. Develop Standard Protocols for Policy Localisation
Technology and automation can, and should, play a pivotal role in developing standard protocols for policy localisation.
Thirty-six per cent of organisations conducting business in EMEA state that keeping policies up to date with new and changing regulations is their top policy management challenge. This is in line with their global peers and is certainly no surprise in EMEA given the frequency with which new regulations are added and changed in different parts of the region – the most recent being a flurry of new whistleblowing regulations in the UK, France and the Netherlands. Organisations are increasingly under pressure to be aware of, and to react to, these regulatory changes as they impact multiple departments and locations and there is often no single gatekeeper or solution to identify and manage them.
However, compliance professionals can mitigate this and mature their policy management practices by developing standard protocols for policy localisation so that there is logic and cadence to the prioritisation and localisation of policies. Technology and automation can, and should, play a pivotal role in this.
2. Take Steps to Train Employees at all Levels of Your Organisation
Thirty-one per cent of EMEA compliance professionals say that training employees on their organisation’s policies is a significant challenge. This finding mirrors that of our global Policy Management Benchmark Report, which found that organisations often struggle to decide what training to provide to whom, and how often to provide it.
Furthermore, many organisations underestimate the importance of making their compliance training and assessment activities relevant to an evolving workforce. By 2020, over half of the global workforce will be made up of millennials, so organisations need to diversify their training methods to make them appeal to all generations, using, for example, options such as mobile learning, gamification, just-in-time learning and social learning.
The most successful programmes will be those that bring the policy management and training departments together to share ownership of policy management training.
3. Invest in Technology to Manage Version Control
Managing different versions of your compliance policy can be challenging, and in our survey, 22 per cent of EMEA organisations list this as a top concern. Technology and automation can address, not only the challenges involved in drafting, editing, approving and keeping policies up to date, but also in developing and improving policy quality, communications to employees and third parties, policy access, compliance and a positive contribution to organisational culture.
EMEA organisations, like others worldwide, can significantly benefit from automated, centralised policy management tools. Our survey finds policy management software profoundly impacts an organisation’s policy management programme outcomes as well as the compliance programme as a whole. Aspects of policy management programmes like policy workflow between writers and approvers and policy access are positively impacted by policy management software. However, adherence to new laws and regulations, tracking policy violations and obtaining policy signoff are the components that can really reduce risk, improve compliance and legal defensibility with increased automation.
4. Make Friends with Legal
Twenty-two per cent of EMEA compliance professionals list effectively meeting the demands of legal compliance and aligning their policies with regulations as a top concern. As a policy manager it is essential to invest in your relationship with Legal. Organisations with policies that adhere to legal regulations and a policy management programme that is aligned with the legal department are much better placed to take action if any sort of legal action arises.
5. Appoint a Policy Management Champion
Policy management is a challenge wherever your programme is located and the solutions are universal, but companies headquartered or doing business in EMEA have the added challenge of keeping policies in line with multiple languages and regions. This makes it even more important for organisational silos to be broken down.
The first step toward an advanced policy management programme is to ensure there is a clear path for policy management to grow and take root, making it easier for you to gain senior management buy-in – and potentially budget – for your policy management programme. So if your organisation does not already have one in place, make it your new year’s resolution to appoint a clear Policy Management Champion. As organisations mature in their policy management programmes and begin to define specific owners and budgets, the justifications for retaining manual processes may decline.