5 Ways Training on Your Compliance Policies Can Protect Your Organization

We write a lot about the importance of creating, implementing and managing the right policies. But implementation is only half the battle. If you don’t give your employees thorough, effective and regular training on them, you won’t see the kind of compliance results you need.

The stakes here are enormously high.

Good compliance training made all the difference in a 2010 case when the Department of Justice decided not to prosecute Morgan Stanley after an employee violated the Foreign Corrupt Practices Act. In its investigation the DOJ found Morgan Stanley had “frequently trained its employees on its internal policies, the FCPA and other anti-corruption laws.” The company had given personnel in Asia—where the offending employee was based—training on anti-corruption policy 54 times in seven years. The company trained the accused himself on the FCPA seven times, and reminded him to comply with that law another 35 times.

When the DOJ came knocking, Morgan Stanley was able to make it clear that the employee acted on his own—by showing the company had done its part to raise awareness and train the employee on ways to avoid or prevent non-compliant behavior.

This is why it is so crucial for every business to have an effective, ongoing process for educating employees about policies and procedures. The way education is structured will depend a great deal on your organization and its culture. But reading policies aloud at onboarding and passing around employee handbooks is simply not effective.

The policy management life cycle requires regular and risk based tracking of policy conformance and relevance—and repeated, supportive training.

Policy training can be broken down to five basic steps:

  1. Regularly educate employees.
    After the initial education there are many ways you can re-communicate policies to employees to make sure they stay top of mind. Micro learning and quizzes are good ways to assess how well employees are retaining policy information. (See additional ideas here.)
  2. Send gentle reminders for keeping up with compliance training.
    If your organization has the resources to invest, online compliance training can also be very effective since it allows employees to educate themselves at their convenience. Having visibility into employees’ training activities, compliance officers and HR managers can stay up-to-date on which employees are behind on training and encourage them to stay current. Online training also has the added benefit of allowing compliance and HR to track the courses an employee has taken.
  3. Take action when policies are misused.
    You must be prepared and able to enforce your policies or retrain employees if or when policies  are ignored or misused. Not only does this ensure a stable organizational reputation, it also encourages employees throughout your organization to remain compliant if they can see there are consequences to rule-breaking.
  4. Explain the steps that were taken and why.
    Being as transparent as possible about the “whys” of policy training and policy management fosters good faith among employees. Although training is extremely important, the knowledge may fade quickly if training is infrequent or if the employee cannot easily find and refer back to the original policy or procedure.
  5. Re-educate employees when changes in policy occur.
    The training process doesn’t end once you push out a new policy, any more than it ends after first-day orientation. Policies can become outdated or irrelevant overnight. Risks may also change which require updates or new policies (e.g. social media). Not only do laws, regulations and organization risks change, but the forces of technology and competition can also create the need to reassess and rewrite policies, as can entry into new markets or industries, which may have different rules governing your business or your employees’ behavior.

To learn more about how to effectively and efficiently manage your organization’s policies and procedures, download our free ebook, The Definitive Guide to Policy Management.

Chat with a solutions expert to learn how you can take your compliance program to the next level of maturity.

Key Findings from NAVEX Global's Third Party Risk Management Benchmark Report

High-profile compliance failures stemming from third party misconduct have escalated in recent years. NAVEX Global’s recent Third Party Risk Management Benchmark Report sheds light on this evolving issue by examining who owns third party risk, organizations’ approach to due diligence the resources allocated to third party risk management, among other key benchmarks.

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

Concerns on the New UK Whistleblower Rules

In early March, the U.K.’s Financial Conduct Authority and Prudential Regulation Authority began rolling out new whistleblower rules, with which financial organisations will be required to comply. These rules have not been universally welcomed—and feedback from financial industry insiders included several concerns. But are the issues raised warranted? We examine them in this post.

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.