How Can I Make Sure My Compliance Training Program Covers All My Risks?

mary-bennett.png

Building a compliance training program that covers all of your organization’s risks isn’t easy. To do it in a way that ensures you cover your bases without creating training fatigue means creating a multiyear training program.

During a webinar with Compliance Week, “Creating a Multiyear Compliance Training Plan in 7 Easy Steps” we discussed how a multiyear training program fits into an organization’s overall compliance training program and offered seven easy steps towards putting a plan into place. In this post, we’ve provided a brief recap of the webinar.

Seven Steps to Creating a Multiyear Compliance Training Plan

Step 1: Match Training Topics With Risks

Knowing which topics to train on starts with identifying your risks. Use industry regulations and enforcement trends, consider changes to the business, look at trends data, meet with internal subject matter experts and conduct program assessments.

Once you’ve identified risks, you’ll need to analyze and prioritize them, as not all risks are created equal. Compliance professionals should also consider the likelihood and frequency of each risk, and the impact it has on the organization in time, money and reputation, and then weigh those risks against the overall objectives of their training plan.

Step 2: Segment Your Audiences

Segmenting audiences for training takes time. Start with simple groupings: all employees, senior leaders, managers, non-managers, the board of directors and third parties.  

Once that’s working smoothly, consider an advanced approach—a granular segmentation within the groupings to vary depth, duration and frequency on specific topics. The more granular segmentation might include factors such as risk exposure, location, region or facility, or new hires, to name a few.

And finally, always take into consideration special groups within your audience. Some people have learning constraints, require translation or have location issues. And, depending on the generational diversity in your workforce, you may need to take into consideration training that works better for millennials, boomers and everyone inbetween. Consider compliance training that will best reach your learners—sometimes that means getting creative.

Step 3: Determine the Right Timing for Training

Deciding how often you should train is an inexact science. There are best practices and anecdotal experience, and there is some legal guidance including the Federal Sentencing Guidelines—as well as important federal and state employment laws.

The most important thing here is delivering the right message to the right audience at the right time. Be sensitive to busy times, space out communications so employees have time to digest the information, and promptly and proactively address every issue that arises.

When determining the right timing for compliance training, consider:

  • Repetition:  This does not mean repeating the same course, but rather reiterating core messages in interesting ways so employees remember the key messages and can easily call them up when they need them.
  • Frequency: On your most critical topics, train every 12 to 24 months, offering a refresher or burst learning in an off year. For secondary risks areas, plan to train every 18 to 36 months, but communicate regularly on these areas and offer frequent but less extensive training solutions.
  • Depth and Duration: Use your risk analysis to decide what depth you need—30 minutes may be reasonable for a lot of topics, while other topics, or employee segments, may require a longer, more in-depth training.

Step 4: Choose Your Compliance Training Methods

Methods can be formal (such as live and online training sessions) or informal (group discussions or sharing success stories), full-length or short. Training can also include supplemental materials such as posters or screen savers.

According to our Ethics and Compliance Training Benchmark Report, the top methods used by respondents included live and online training, email, posters and intranet.

Start by assessing the methods the organization has available and determining what has worked well and what hasn’t. But be careful not to limit your training to what you’re used to. Experiment with new trends, such as video podcasts or internal social-media sites.


>> Never miss a post - subscribe to the blog today!


Step 5: Designate Owners

Successful execution of the plan won’t happen unless someone is accountable for putting it in practice. So once all the elements are in place, the plan will need owners.

Determine who will create the content, review and approve it, as well as deliver it. Someone must also be responsible for collecting and archiving the training and measuring the outcomes.

Step 6: Document Your Work

While it’s not necessary to document every piece of communication within your compliance training program, the program must demonstrate that it is doing what it is supposed to do to meet its objectives.

Digitize paper records, document all systems of record and what they track, consolidate systems of record when possible, and keep a record of all program documents.

Step 7: Measure Program Effectiveness

There are three components to measuring the effectiveness of your multiyear compliance training plan:

  • Setting the goal for the training you’re launching
  • Deciding what metrics you’ll use to measure whether you met the goals
  • Selecting the tools you’ll use to measure your goals

Compliance professionals need to begin with the end in mind and answer the question, “What will we call successful?” Then choose goals and the tools to measure.

Key Takeaways

Following these seven steps will help you put together a solid plan. Continue to revisit the plan at least annually. Tweak, adjust and improve upon it regularly. Keep in mind that a strong multiyear education plan is a living, breathing part of your organization—it should constantly be evolving.


Chat with a solutions expert to learn how you can take your compliance program to the next level of maturity.

Whistleblowing’s Renaissance

Goldman Sachs Cheating Scandal: Lessons for Your Compliance Training Program

The recent cheating scandals at Goldman Sachs and JP Morgan may serve to teach companies a few compliance training lessons. While several factors may explain why the cheaters decided to take a chance on being dishonest, companies that are concerned a similar incident can happen in their organizations can employ a few simple strategies to make their training curricula engaging and effective.

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

Achieving Greater Whistleblower Protection: New OSHA Best Practices for Whistleblower Compliance Programs

The new guidelines issued by the Whistleblower Protection Advisory Committee are geared toward protecting whistleblower rights, which can address employee concerns before they spiral out of control. The public can comment on the guidelines until January 2016, meaning employers should learn about them and consider commenting and take steps to bring their compliance protocols in step.

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.

Comments