Section 1

Understanding the Basics


Get Started with Compliance Fundamentals

Lay the foundation for growth with the core elements of an effective compliance program. From creating a top-notch Code of Conduct to understanding the role compliance plays in your organization, learn the building blocks of compliance.


Each compliance program is unique with disparate risks and various levels of maturity. Although there are a number of nuances determined by your company’s size, industry and location, there are still basic principles that are best practices across the board. In this section you’ll learn about the key skills every compliance professional should have as well as the general knowledge base effective compliance professional have and harness throughout their careers.

Just as there are key skills every modern compliance professional should possess, there are fundamental elements every effective compliance program should practice. This section will introduce you to those key components of a robust compliance program and provide the guidance you need to move your career and program to its next level of sophistication. 

7 Steps to Creating a Culture of Ethics, Integrity and Compliance

Like breadcrumbs leading the way through the fairy tale forest of compliance, these evidence-based steps will guide your way to the very real success of an organizational culture and ethics that is intentional and actually means something to your employees and customers.

NAVEX Global 02/15/2017

Like breadcrumbs leading the way through the fairy tale forest of compliance, these evidence-based steps will guide your way to the very real success of an organizational culture and ethics that is intentional and actually means something to your employees and customers.

A corporate culture of integrity must be intentionally shaped. In effective compliance programs, this intention manifests itself in several core elements that operate to prevent, detect and correct problems. These elements have become the gold standard for compliance programs in all industries and have been embraced by standard-making bodies worldwide.

This list can then be prioritized based on the needs of your organizational culture and likelihood and magnitude of potential problems.

1. Designate a Compliance Owner

Your compliance program must have a designated owner. This owner is often called the “compliance officer” or, even better, the “compliance and integrity officer” to denote that the program is about doing the right thing, not just legal compliance. This person should be a well-qualified member of senior management with direct access to the organization’s governing body, and with reporting responsibility to the top tier of executive management.

2. Implement Written Standards and Procedures

Every organization needs a code of conduct. The code applies to all employees, and to those who do work on the organization’s behalf. The code is an important vehicle for communicating executive management’s clear commitment to organizational culture and ethics, integrity and compliance. The document should state the organization’s mission, goals, values and compliance standards—plus the requirement for appropriate staff to adhere to their professional codes of conduct. The risks that are addressed in the standards and related documents should track with the organization’s risk profile, with more attention being given to the organization’s unique high-risk topics, such as harassment, health and safety, and conflicts of interest.

3. Conduct Appropriate Training and Awareness

As part of the compliance program, organizations should require specific training on a periodic basis for all employees and other contracted staff. This is essential to communicate and reinforce values and standards, meet legal obligations and mitigate legal, reputational and operational risks. And training can help change behavior and reduce instances of wrongdoing through prevention.

The process for building an effective training and communication plan begins with the list of risk areas from a risk assessment. Determine the audiences needing education in each risk area, and the depth and frequency of training needed based their jobs and risk exposure. Then settle on education methods and establish a training calendar.

4. Develop Open Lines of Communication

Offering employees a safe way to report problems and issues is critical for a strong organizational culture. Fear of retaliation is one of the most common reasons that staff refuse to speak up about poor care or other misconduct.

Organizations should encourage open-door reporting to management. There should also be an open line of communication directly to the compliance officer and the compliance committee. Additionally, anonymous routes of reporting should be provided in areas where anonymity is permitted. This is commonly a toll-free helpline and a web-based reporting system, which complies with local data privacy laws.

Combat skepticism and improve corporate culture by publishing anonymized or sanitized reports of issues that have been addressed. Not only does this demonstrate that the organization hears and takes such reports seriously, it also provides another way to educate staff on what is and is not accepted behavior—and how the organization will handle conduct that steps over the line.

5. Centrally Manage all Reports and Allegations

Reported concerns should all be added to a centralized database. That database should also collect the helpline and/or web-reported cases, plus those that come directly to compliance staff and managers.


Artboard 1Write your reply...

Great read! It's always good to refresh yourself on the 7 elements.

0 Responses
June 20, 2017, 11:12 a.m. LaTonya Cole LaTonya Cole

I'm obsessed with the USSC's guidance on the seven elements of an effective compliance program and this article breaks those elements down in a way that is less intimidating and far more digestible. Great read!

0 Responses
May 1, 2017, 7:35 a.m. MaShari Walker MaShari Walker

This is fantastic! I love this article.

0 Responses
April 27, 2017, 2:28 p.m. LeBrin Odell LeBrin Odell

This is a great checklist of simple "how-tos" to bridge communication on compliance between management and staff. Compliance is not simply a list of rules to follow, but a two-way street so that all employees are on the same page.

1 Response
March 28, 2017, 8:58 a.m. Jaime Gosselin Jaime Gosselin

I agree.

April 27, 2017, 2:28 p.m. LeBrin Odell LeBrin Odell