Compliance – part IX – procedures

The compliance system ensures an organisation’s compliance with legal regulations, industry standards and ethical principles in the risk areas.

An effective compliance system requires creating appropriate tools, such as policies, procedures and codes. On the other hand, the kind of compliance system documentation to be implemented in an organisation is determined primarily by the scope of the business activity and the type of risks involved.

This documentation should provide, in particular, information on the patterns of operation in an organisation, the roles and tasks of individual persons and the rules of conduct, e.g. in the event of specific irregularities.

Standard compliance procedures include:

Code of Ethics. This is the basic document of the compliance system, which indicates the crucial ethical principles and standards applicable in the company, both in the internal and external relations. In addition, it contains the values that guide the organisation in its operations.

Code of Conduct. The code of conduct contains specific procedures and behaviours that should be observed or restricted within the organisation. It is addressed, in particular, to all members of the organisation, but sometimes the circle is extended to include external entities.

Anti-corruption procedure. The procedure is designed to minimise the risk of abuse in the organisation. Effective compliance with this procedure prevents the risk of criminal liability for a person in a managerial position because of taking a private financial or personal advantage, abusing his or her powers or failing to fulfil his or her obligations. In addition, the implementation of an anti-corruption policy is an expression of lack of tolerance for corrupt behaviour and a confirmation that the organisation operates in accordance with ethical principles, which in turn strengthens its credibility with customers, investors and business partners.

Infringement reporting procedure. The procedure lays down the rules and guidelines for reporting potential irregularities and handling of such reports.

AML procedures. AML procedures relate to the obligations arising from the Act on Counteracting Money Laundering and Terrorist Financing, and their implementation is required by entities that are recognised as obliged institutions in the above-mentioned regulations. Their purpose is to prevent the flow and use of money from illegal sources.

Corporate governance procedures. This is a set of fundamental principles, practices and processes to manage and control an organisation. These principles are intended to strengthen the organisation’s management systems, in particular the areas related to risk management, compliance and internal audit function.

Personal data protection procedures (GDPR). In case of some organisations, it is advisable that the compliance system also covers the processing of personal data, in the form of implementation of the GDPR privacy protection principles and organisational measures, because non-compliance with these principles may expose the organisation to the risk of severe administrative penalties.

Labour law procedures. Labour law procedures play a key role in the employment sphere, as they are an important source of information for employees on the principles in force in the organisation that they are obliged to follow. In addition, in many cases the procedures help protect against potential administrative, civil or criminal liability. The labour law-related policies include, among others, anti-mobbing policy and non-discrimination and equal treatment policy.

Environmental procedures. Environmental protection is an important and broad field in which every entrepreneur should ensure compliance. The environmental law is a number of legal acts, i.e. laws and regulations, that the entrepreneurs should observe. Any violations in this respect, such as a failure to comply with reporting obligations or a lack of proper permits, can have far-reaching negative consequences for the organisation. The procedures are intended to ensure compliance of the organisation’s activities with the environmental laws and requirements, as well as the current “green” trends in the industry.

The list above is for reference only and does not include all the procedures and policies that comprise the compliance system. The documentation is always based on the needs of a given organisation, taking into account the regulations governing the type of business concerned. Not all of these procedures will be necessary in all cases.  The scope of the procedures may be narrower or broader, depending on the individual needs.

Depending on the type of business of a given organisation, the following procedures and policies can also be implemented: procedure for counteracting unfair competition, code of conduct when concluding contracts, tax and accounting procedures, procedure for verification of contractors and using the car fleet.

We invite you to read our other articles on the subject of compliance:

You might be also interested in...