Integrated Compliance Management Software
How integrating key compliance functions facilitates an effective compliance program
One important measure of success for compliance teams is an “effective” compliance program as prescribed by
the U.S. Federal Sentencing Guidelines for Organizations; the DOJ-SEC Resource Guide on the U.S. Foreign
Corrupt Practices Act; and other domestic and international standards. The DOJ-SEC Resource Guide, specifically,
distills the government’s expectations into three basic questions: (1) Is the company’s compliance program well
designed? (2) Is it being applied in good faith? (3) Does it work? Taking into account the guidance of the U.S.
Sentencing Commission, DOJ and SEC on the importance of continually improving a compliance program, we’ve
added that as a fourth basic area to consider.
A Pragmatic Approach to Compliance: Four Key Questions to Consider
Is it well designed?
Applied in good faith?
“Effective compliance programs are tailored to the company’s
specific business and to the risks associated with that business.
They are dynamic and evolve as the business and the
markets change.”
“[The DOJ and SEC] do not hold companies to a standard of
perfection...An assessment of a company’s compliance program, including
its design and good faith implementation and enforcement, is an
important part of the government’s assessment of whether a violation
occurred, and if so, what action should be taken.”
Does it work?
Continuous Improvement?
“In the end, if designed carefully, implemented earnestly, and
enforced fairly, a company’s compliance program...will allow the
company generally to prevent violations, detect those that do
occur, and remediate them promptly and appropriately.”
“A good compliance program should constantly
evolve...Consequently, DOJ and SEC evaluate whether companies
regularly review and improve their compliance programs and not
allow them to become stale.”
Operationalizing Key Compliance Program Functions
Integrated compliance management solutions allow compliance teams to centralize and automate compliance
functions across key risk areas, while equipping them with a uniquely contextual and holistic perspective of their
program’s performance.
Manage and monitor
cases from hotline, web
portal and open door
reporting channels.
OPERATIONAL
IMPACT
Centralize intake channels
Automate case workflows
Ensure appropriate
response
CASE
MANAGEMENT
TRAINING
Link cases to training, policies
and risk areas to understand
context of incident and where
attention is needed to minimize
future risks.
Provide framework for
compliance program and
set expectations
Simplify the drafting,
review, distribution and
certification of
compliance policies.
Increase accountability
and responsiveness
Connect your written
program to your training
initiatives and cases to
see how policy concepts
are (or aren’t) being put
into practice.
Ensure concepts are
understood and practiced
POLICY
MANAGEMENT
Centralize training content
Automate training
distribution
Track completion rates
and test scores
Reinforce compliance
policies with online
training, and re-train
individuals or groups
based on incidents or
updated risk profile.
COMPLIANCE
RISKS,
REGULATIONS
AND
OBLIGATIONS
OPERATIONAL
IMPACT
Centralize policies
Automate policy
distribution
Track certification rates
Create alerts for
reviews, rewrites
OPERATIONAL
IMPACT
Distribute policies, training and
case follow-ups to ensure a
defensible, good faith effort to
communicate on key initiatives
and build an ethical culture.
Drive home key
compliance concepts
with online training
courses.
ONGOING
COMMUNICATIONS
Demonstrate commitment
to culture of compliance
OPERATIONAL
IMPACT
Facilitate ongoing
communications
Automate distribution
Ensure audit trail of
messages
Strengthen compliance
initiatives and buy-in from
the top and middle with
consistent communications.
Easy. Efficient. And (Most Importantly) Effective.
In addition to bringing efficacy and efficiency to the compliance office, integrated compliance program
management enables organizations to demonstrate with ease and confidence that their program is well designed,
applied in good faith and that it works—and facilitates continuous improvement. Through the cohesive
implementation, management and monitoring of the standards, controls, communications and
responses associated with an effective compliance program, compliance management solutions help ensure your
organization remains in compliance—and above reproach in the event of a breakdown—to safeguard the
reputational and financial health of your company.
Is it well designed?
Communicate
standards and
procedures and
conduct
effective
training
Monitoring and
auditing to
detect criminal
conduct
Conduct
periodic risk
assessment
and make
necessary
program
modifications
Design,
implement and
modify
compliance
program based
on results of
periodic risk
assessment
Maintain
anonymous
reporting
mechanism
Does it work?
Continuous Improvement?
Leaders
understand the
program,
oversee
effectiveness
and ensure
adequate
resources
Applied in good faith?
Periodically
evaluate
program’s
effectiveness
Benchmark
program
against
industry
standards and
best practices
“[a] well-constructed,
thoughtfully implemented,
and consistently enforced
compliance and ethics
program helps prevent,
detect, remediate,
and report misconduct.”
Promotion and
enforcement
through
incentives and
disciplinary
measures
Respond
appropriately
to misconduct
and make
needed
program
modifications
Review and
test internal
controls and
implement
necessary
adjustments
© 2014 Convercent
All rights reserved.