26.09.2023
Compliance system – part X – the most common mistakes made in the implementation and functioning of the compliance system in organisations
More and more compliance systems are being implemented in organisations. The reasons for this are, among others, frequent changes in the law, bringing members of the organisation’s management board to account, financial losses resulting from corruption and abuse. Moreover, implementation of an effective compliance system is often required by business partners, who make it a condition for further negotiations or conclusion of a contract. However, one should bear in mind that the compliance system must be adapted to the organisation’s needs and properly implemented. Moreover, the proper functioning of the system in the organisation should also be ensured, i.e. through updating and improving it and taking actions aimed at ensuring its effectiveness. An ineffective compliance system will not deliver the expected results and will not protect the organisation from the negative consequences of non-compliance.
The following are the most common errors in the implementation and functioning of compliance systems in organisations:
Poorly conducted risk assessments and defective implementation of internal policies and procedures – these problems arise when organisations try to carry out risk assessments on their own, without the help of a professional who can indicate the threats and implement effective and tailored security mechanisms. Lack of a proper risk assessment is reflected in the lack of adequate verification of the areas exposed to risks and the effectiveness of the implemented policies and procedures, and as a result, in irregularities, financial losses, reputational damage and liability.
No updates of the compliance system – internal policies and procedures functioning within an organisation also require regular updates, in particular in terms of compliance with the law, which nowadays is changing dynamically. Lack of ongoing updates of the compliance system means that the policies and procedures functioning within the organisation are not adapted to its current needs. This is also due to a failure to appoint a person responsible for supervising the compliance system and its ongoing updates.
Lack of a clear definition of the roles and responsibilities and assigning responsibilities to people who do not have the appropriate competences – a common mistake made by organisations is the fact that they entrust several functions to one person. The compliance system requires proper commitment, which means that the compliance officer should focus as much as possible on his or her responsibilities to avoid exposing the organisation to adverse effects.
Lack of regular reporting and notification of errors – ongoing reporting to the management bodies of the results of the compliance system in the organisation is another problem. Lack of proper monitoring and reporting measures translates into the lack of ability to quickly identify irregularities and implement corrective actions and inhibits the process of improving the compliance system in the organisation.
Lack of training – lack of training is reflected in the lack of knowledge of policies and procedures among employees and lack of skills to apply them in practice, e.g. failure to report errors. Moreover, the lack of regular training is not conducive to the creation of the ethical culture that promotes appropriate behaviour in a given organisation.
Lack of communication and support from the management body – organisations often point to the lack of commitment from the management body, which should clearly communicate support for the compliance system and promote the values and behaviours that are desired in the organisation.
Lack of appropriate tools to support the compliance system – organisations should implement tools to report and visualise the compliance status, which facilitate making effective decisions and demonstrating due diligence.
We invite you to read our other articles on the subject of compliance:
Compliance – part III – Who is affected by the compliance system and how it is implemented.