Category: Compliance

Compliance – part IV – Compliance officer

In this article, we will outline the role of compliance officers – their position within a company, and their tasks and responsibilities in an effective compliance system.

The compliance system is a set of procedures, actions and organisational solutions to ensure that the company operates in accordance with the external and internal regulations. The compliance system is not only a set of rules, i.e. orders and prohibitions applicable to a given enterprise, but it is also a kind of an ‘adviser’ helping to run the enterprise effectively and safely and achieve its objectives by means of these rules, which undoubtedly promotes its development.

The proper functioning of a compliance system should be overseen by an ‘expert’ who ensures compliance with the external and internal regulations and minimises the risk of non-compliance. A compliance officer is such an ‘expert’. A compliance officer is a person appointed within a given entity or outside (the so called external compliance officer, which, for example, may be a legal advisor providing compliance services), who has expertise and experience, in particular with respect to risk management and the implementation of solutions aimed at minimising the risk of non-compliance. The position of a compliance officer is primarily associated with ensuring the correct culture of procedures in an organisation and supporting the development of the business.

The main responsibilities of a compliance officer include, in particular:

  • implementing the compliance system and ensuring its correct functioning,
  • building the compliance awareness and culture within the company,
  • minimising the risks associated with running a company contrary to the applicable internal and external regulations in the compliance system, including the ethical and social standards,
  • providing training and education to employees and managers on the applicable requirements and the internal and external regulations concerning the compliance system,
  • monitoring the legal, corporate and industry developments,
  • identifying potential risks associated with the applicable regulations and making realistic risk assessments,
  • ensuring the proper functioning of the whistle-blowing system,
  • cooperation in the implementation of effective systems, procedures and safeguarding mechanisms,
  • reporting the implementation of the tasks arising from the compliance plan to the company’s governing bodies.

It should be borne in mind that the mere preparation and implementation of a compliance system is not sufficient. In order for such a system to be effective, it must be overseen by a competent person, which in this case is a compliance officer.

Please read our other articles on compliance:

Compliance – part III – Who is affected by the compliance system and how it is implemented.

Compliance – part II – compliance system

Compliance – part I – introduction

Compliance – part III – Who is affected by the compliance system and how it is implemented.

Who is involved in compliance?

The compliance system is a system to prevent violations not only in the area of law, but also in the area of unfair practices or unethical behaviour.

The concept of compliance is extremely broad. This means that the scope of application of a properly functioning compliance system is very complex and affects practically every aspect of company activities.

The main task of the compliance in a company is to implement mechanisms that will effectively eliminate the risk of non-compliance.

In order for the system to be effective, compliance must be ensured both internally and externally, which means that all members of the company should comply, as the system applies not only to employees and management, but also to business partners and contractors. All parties working with the company should be aware of the scope of the established procedures and apply them in practice.

How to implement the compliance system?

In order for the compliance system to be as successful as possible, it should operate on two levels: internally and externally.

  • Internal domain

Internal operations, i.e. those undertaken within the organisation, should include, in particular, elements such as the development of regulations, policies, procedures and codes of conduct to be implemented for use. In connection with the adoption of the aforementioned regulations, care should also be taken to educate all employees about their responsibilities, as the decisions they take affect the entire enterprise and may have negative legal consequences.

  • External domain

The external domain of the compliance refers to actions towards contractors, customers, subcontractors and legal institutions. In this domain, the organisation’s main obligations are the protection of personal data and keeping professional secrets confidential, as well as any anti-corruption measures, the prevention of manipulation or the reporting of violations. In addition, care should be taken to ensure that all contracts are entered into in accordance with the law, while all business activities should be undertaken in accordance with established compliance regulations.

In order for the compliance system to fulfil its functions and deliver the expected results, its implementation alone is not sufficient. It must be monitored on an ongoing basis and adapted to changing regulations and the situation within the company as well as its environment.

 

In the next article, we will introduce you to the institution of the Compliance Officer and point out the basic tasks the one should perform.

 

Please read our other articles on compliance:

Compliance – part II – compliance system

Compliance – part I – introduction

Compliance – part II – compliance system

A compliance system consists of several mandatory elements, without which its implementation may not be effective, and which include:

  • a comprehensive audit,
  • assessment of risk areas,
  • Implementation of detailed procedures covering key risk areas,
  • supervision and control of compliance with procedures – a Compliance Officer,
  • employee training.

 

AUDIT:

The audit shall verify internal processes that are carried out in the entity to identify compliance risks and areas that should be addressed by the compliance system. The audit is based on the documents presented and interviews with persons involved in the individual processes in the entity.

ASSESSMENT OF RISK AREAS:

At this stage, the areas that are most prone to risk are identified, taking into account the specific nature and the industry in which the entrepreneur operates, and the degree of risk involved is assessed.

IMPLEMENTATION OF PROCEDURES:

Based on the results of the audit and the risk assessment performed, a set of structured and consistent policies and procedures covering various aspects of the entity’s operations is developed and implemented in the entity. These include, in particular, internal procedures covering the basic principles of division of competences and responsibilities, and external procedures covering the principles of dealing with contractors and public authorities.

SUPERVISION AND CONTROL:

In order for the implemented compliance system to fulfil its intended function and bring the intended benefits to the entity, it is necessary to maintain constant supervision of compliance with the procedures and to ensure that the Compliance Officer is able to respond to situations that pose a risk of infringing the entity’s compliance rules.

TRAININGS:

A necessary element of any compliance system is the organisation of training courses that build awareness of the applicable compliance regulations among the management as well as the employees and associates of the entity.

If you would like to find out more about the implementation of compliance systems, please contact us.  Our experienced compliance team supports the Clients on an ongoing basis in view of the changing legal and business environment for companies. Our professional experience and knowledge allow us to design an efficient and coherent compliance system as well as internal control system that takes into account the specific nature of your industry, minimises risks and guarantees legal security in all areas of your business.

 

 

Please read our other articles on compliance:

Compliance – part I – introduction

Compliance – part I – introduction

We are pleased to provide you with the following article on the compliance system. You are highly recommended to read the text below.  Our team has prepared for you a number of articles covering detailed issues related to the compliance system, which will soon appear on our website. You will be able to learn more about issues such as what a compliance system is and who it applies to, what benefits can be gained from implementing a compliance system in your company, what the various stages of implementation look like (i.e. conducting an audit, preparing procedures, conducting training, etc.) and what the institution of a compliance officer is all about.

 

What is compliance?

Compliance literally means “conformity”. It is an extremely broad concept, as it touches many areas of an organisation and affects a number of its processes. Compliance system includes compliance with the law, sets of rules, including ethical ones, internal regulations, as well as a whole range of activities and standards integrated with each other, which the organisation is obliged to follow.

Compliance therefore means organising a company in such a way that it is run in accordance with the provisions and rules indicated above, and all the activities that are intended to help this to happen form a compliance management system.

The implementation of a compliance system in an organisation provides tremendous support for its day-to-day operation, but above all reduces the risks involved, particularly the risk of liability for irregularities within the organisation. Every year there are more and more regulations that companies have to comply with under the threat of severe sanctions, most often financial ones. Therefore, the risk of non-compliance of the conducted activities with applicable laws and regulations is constantly increasing.

Operating in a dynamically changing business environment, a modern entrepreneur must in advance minimise the risks that may arise when making most decisions related to the conducted activity. He or she must also be aware of the importance of properly responding to changes in the law, training management and personnel, developing and implementing the required policies, or even choosing the right course of action in the event of government intervention.

The introduction of a compliance system in a company is primarily aimed at preventing various types of violations and irregularities, and in the event that such failures occur, the system should enable them to be detected quickly and liability to be established. In addition, the system is also designed to protect the organisation against penalties, financial losses or loss of reputation in the event of problems resulting from, among other, violations of the law.

Irregularity is understood to include both unlawful behaviour or omission, but also breaking the rules of ethics, exceeding the accepted standard or norms Such an act may be, for example, corruption, ignoring money laundering, violation of personal data protection, disclosure of confidential information, harassment of an employee, determination of working conditions contrary to the provisions of labour law, violation of health and safety rules, etc.

Compliance system adapted to the profile of the organisation and functioning in a realistic manner allows you:

  • reducing the risk of occurrence and detection of violations and irregularities and limiting the liability of people responsible in organisations (preventive function),
  • bringing about compliance with the law and internal regulations
  • limiting the negative effects of the events that have occurred,
  • improving the processes within the organisation,
  • controlling legal risks as well as business risks.

Effective management of compliance risk in the company requires the implementation of a compliance system. However, for a compliance procedure to be effective, it must be tailored individually to the structure of the business processes and the profile of the entrepreneur, i.e. take into account the specifics of the company’s operation and its legal and business environment, in order to ensure compliance with legal regulations.

 

Please read our other articles on compliance:

Compliance – part II – compliance system