Keeping Compliance Simple
I know I am not supposed to say this but compliance can be simple. That sounds like heresy but it is not.
A person’s intelligence is always reflected in their ability to explain complex topics in simple terms. You may be the smartest person, the greatest thinker of all time, but in the end. if you cannot translate those great thoughts into simple ideas, which are accessible to others, you have failed as an “intelligent” person.
The same rule applies in compliance. I recently read (or tried to read) a complex compliance document which supposedly contained some of the leading concepts in compliance today. I will not bore you with the details but suffice it to say – I could not understand the paper, nor any of the concepts being explained.
The document outlined some of the “leading” compliance ideas at a recent conference held in Europe. Even the chapter titles were inexplicable. For example, the paper outlined how “business owners” had to be appointed to take responsibility for specific “compliance controls.” While I understood the word, the explanation of the concept was incomprehensible.
By definition, compliance must be accessible: not only to other compliance professionals but more importantly, to the company’s directors, officers and employees, as well as third party business partners and intermediaries.
The compliance program itself must be accessible as well as the implementation of the program. Here is what I mean – I often make the point that a compliance program should be organized in a clear and simple fashion. There is no reason for multiple committees, multiple responsibilities which overlap, and over-thought and over-organized programs.
A compliance program should be clean and clear with easily understood lines of authority and delegated responsibilities. Simplicity translates into accountability. If a simple program is designed and implemented, each of the compliance constituencies should understand their role and responsibilities for making the program work.
Simplicity also translates into communication. To restate the obvious, a compliance program will not be effective if it is not communicated throughout the organization in clear and simple terms.
Regular compliance communications, whether in training, reminders and other announcements, if executed with simple terms and explanations, will do more to advance the company’s compliance program than more frequent complex communications. The goal of compliance is to make sure the audience listens and integrates the ideas into their work performance.
A complex compliance message will only turn off the company audience, resulting in a limited integration of compliance requirements and ideas by the board, officers and employees. The audience will rely on limited attention to identify only those compliance requirements which have a direct and immediate relevance to a specific employee. That is not a recipe for success but is a recipe for disaster.