Section 1

Understanding the Basics


Get Started with Compliance Fundamentals

Lay the foundation for growth with the core elements of an effective compliance program. From creating a top-notch Code of Conduct to understanding the role compliance plays in your organization, learn the building blocks of compliance.


Each compliance program is unique with disparate risks and various levels of maturity. Although there are a number of nuances determined by your company’s size, industry and location, there are still basic principles that are best practices across the board. In this section you’ll learn about the key skills every compliance professional should have as well as the general knowledge base effective compliance professional have and harness throughout their careers.

Just as there are key skills every modern compliance professional should possess, there are fundamental elements every effective compliance program should practice. This section will introduce you to those key components of a robust compliance program and provide the guidance you need to move your career and program to its next level of sophistication. 

Project Management Principles for Compliance

Get the nuggets of wisdom needed for successful compliance project management—including the best ways to fail, how to age gracefully and how to set priorities. Your compliance projects can always benefit from the best practices of successful project management.

Matt Kelly, Radical Compliance 02/15/2017

Get the nuggets of wisdom needed for successful compliance project management—including the best ways to fail, how to age gracefully and how to set priorities. Your compliance projects can always benefit from the best practices of successful project management.

I’m always looking for new ways to think about corporate compliance, to see whether that fresh perspective can help compliance officers do their jobs more effectively.

I’ve been thinking lately about the importance of IT projects to the success of large compliance programs—and the tendency for IT projects to go wrong. At first I wanted to see how internal audit’s principles for risk assessment and management might apply to IT projects. As I read further, however, I saw that many of the concepts here are just as useful to compliance officers trying to roll out your own programs.

After all, in a broad sense “compliance” is a project like any other. It starts as a specific set of actions you want the company to take to achieve a desired outcome. Sure, in our case the desired outcome is usually something like higher completion rates for training programs, or more accurate due diligence analyses, or better accounting of payments from intermediaries to overseas customers—but those are compliance projects like any other. They can fail like any other, too.

So what nuggets of wisdom can we steal from looking at project management principles?

Find the Best Way to Fail

First, projects can fail in two ways:

  • They can fail to be completed on time.
  • They can fail to achieve the outcome you want.

This is a hugely important point for compliance officers to grasp. We all know that compliance projects can be complicated, nuts-and-bolts ordeals—just try integrating two different accounting systems and your third-party screening program if you need a reminder. They can be deadline-driven, with real budget dollars at stake and awkward conversations with the CIO or CFO should they fall behind schedule.

Still, for many compliance projects the paramount goal is to improve behavior—and that’s where failed outcomes can be really dangerous. Your new training program might get higher completion rates, but fewer employees absorb the lessons you want to impart. An internal reporting system might try to be helpful with automated prompts, and not allow employees the chance to report an error or misconduct you haven’t anticipated.

Whatever your specific project is, you need to ask several questions. First, what’s the worst way your project could fail? Second, what’s the “best” way your project could fail? That is, would you rather run 20 percent over budget but still achieve 100 percent of your desired outcome, or stay within budget but achieve only 80 percent of your goal?

Those can be tough questions for compliance officers to answer. Usually it will depend on the specific problem you’re trying to solve. Inevitably, some consultant will remind you to “take a risk-based approach”—which is good advice, until you need to start making real decisions about what stays in the project and what stays out. The questions above can help you focus your thinking.


Age Gracefully

Second, remember that projects have a natural life cycle: inception, development, delivery and closure. Benchmarking your compliance project management to that life cycle will help you know who to involve at various points along the way.

For example, at the inception phase, you want to define why you’re undertaking this compliance project at all and what the desired outcomes are. So this is when you want a robust conversation among yourself, the chief audit executive, perhaps the general counsel (say, if the project is to improve contract management) or the HR director (if the project is to improve employee attitudes).


Artboard 1Write your reply...

Understood how to handle the project Management from the CIO level down to developers and lot hard work should be put for a project to develop .

0 Responses
March 28, 2017, 12:02 p.m. Manjisha Ka Manjisha Ka

Well stated, Matt! We begin every project with some very basic questions: what else is your team tasked with implementing? What does success look like? And what is driving the need here? Stepping back and evaluating the big picture is critical for so many reasons: aligning like priorities, assessing the capacity for the organization to take on more change and overburdening key resources, to name a few.

I also encourage healthy dialogue around another key component to support our effort: change management -- managing the people side of change. Without a plan in place around sponsorship, communication and training, the likelihood of getting people "on board" with your project dwindles drastically. And let's face it: without most if not all of those people, we probably wouldn't be doing whatever it is we are doing.

0 Responses
March 28, 2017, 11:08 a.m. Cody Bland Cody Bland