In order for a compliance professional to be effective, it is important that the organization trusts the compliance professional’s judgment. Without that respect and trust, it will be difficult for a compliance professional to build consensus around the compliance professional’s recommendations to mitigate potential risk. If a compliance professional manages a department, it is important that the entire department has that same respect and trust within its organization. Accordingly, a compliance professional should design the department’s structure so there is an appropriate level of oversight throughout the department to ensure staff’s compliance recommendations also represent the department’s views on compliance matters.
A compliance officer’s role is to effectively influence the organization to comply with the applicable rules and regulations. It is not uncommon for some compliance departments to be labeled as another “enforcement agency” or thought of as policing the organization. A compliance function’s success is not dependent upon a single compliance professional or department, but the entire organization.
To accomplish this objective, it is important for a compliance professional to collaborate with applicable departments in helping solve business issues in a compliant manner. A compliance department should strive to be thought of as an important business partner and not an enforcer. While compliance professionals need to say no to business initiatives that do not comply with the rules, compliance professionals should also provide constructive feedback to the business on how it may be able to structure a business initiative in a compliant matter. By creating appropriate solutions to a business problem, the business department will further respect the compliance department and view it as part of its solution to resolve an issue.
Support from the CEO and Senior Management
Support from the CEO and senior management is critical to integrating compliance functions in every area of your organization. To help build trust, compliance officers should spend time with management, include them in investigations as appropriate, work with them in their development of corrective action plans, and just be available when needed. Attendance at educational programs cannot be mandatory for everyone except managers and vice presidents. Some organizations may include specific compliance training for managers. Management needs to demonstrate a personal commitment to the program, which will enhance a system-wide commitment. After attending training sessions, managers should discuss the content with staff either at a regular department meeting or as circumstances permit.
Supervisors or managers must also lead by example, as actions speak louder than words. A manager cannot encourage employees to report questionable behavior and then give special treatment to a friend. And once a potential infraction is reported, the non-retaliation policy must be rigorously observed. It is up to management to make sure employees do not hesitate to come forward for fear of retaliation. The cultural tone is set by management and its actions.
Staying on top of compliance issues is part of a manager’s day-to-day obligations. Managers and supervisors must closely follow news and information from their professional organizations and pass along any and all compliance-related issues to the compliance department. And compliance officers can be proactive by periodically asking managers and supervisors what new regulations are developing in their fields.
How can compliance officers help build that trust with the chief executive officer (CEO) and senior management? What follows are ideas to try and areas to work on to gain the support and commitment the compliance department needs.
Communicate Staffing Needs
Staffing is a struggle for any department, and the compliance department is no exception. If the budget will not allow for it or there is not enough work to increase staff, but a certain project requires additional staff, the compliance department may get support from other teams. CEOs and management who recognize that everyone in an organization affects compliance (in effect making everyone part of the compliance team) will help get approval for staffing support from other departments when needed.
Although the compliance department may report directly to the board, it is still valuable to meet with the CEO for more than data dissemination. The CEO has experience to share that can help the lead of the compliance department’s navigate working with the board and other departments. During this one-on-one meetings, discus how the department is doing, where it is going, and what assistance may be needed. Additionally, this time allows for the CEO to provide valuable communication about organizational goals and which areas the compliance department could assist. By holding these meetings, and by other departments being aware of the supervision structure, it again shows a clear sign of support for compliance within the organization.
Is your communication with the CEO open and candid? Being candid does not mean being rude, nor does it have to be direct. Many people have strong communication skills and know how to be open and honest while still conveying certain unpleasant facts or circumstances. To be candid is to explain your thought process, how it informed your conclusion, and why you may or may not agree with what another individual believes. Having candid conversations with your CEO promotes a better understanding of decisions or topics. The point is not to win; the point is to try to ensure everyone understands where others are coming from, and to provide insight into your decision-making process.
Employee Compliance Training
Having a CEO who supports the annual compliance training plan and takes it seriously goes a long way with senior management’s involvement. The CEO should follow up with the compliance officer about the attendance at the annual trainings, in addition to checking in with other department heads about their team’s attendance. The CEO doesn’t need to know each person who is delinquent (unless it’s a smaller company or the CEO wants to know that level of detail), but the CEO should know if a group from a location or department is not attending.
Compliance Department Personnel Training
Compliance department employees require outside training and resources. Being a member of a professional compliance association, such as Health Care Compliance Association (HCCA), provides access to a number of resources. An example is a compliance community blog, which can help when creating new policies or learning what a specific external audit might entail. Profession-specific magazine, newsletter, and blog articles keep the compliance community sharp and up to date on best practices for the industry and things that are coming down the regulatory pipeline. Being able to attend trainings creates new contacts for complicated topics and provides information that would take hours for one individual to pull together—perhaps still missing key pieces. Being a competent professional does not mean being an expert in every area we encounter, but it does involve learning from experts. A CEO who supports a reasonable personnel training line in the budget, can help compliance department personnel stay knowledgeable about the profession.