Chapter 7. Monitoring, Auditing, and Reporting

Chapter 7. Monitoring, Auditing, and Reporting

An effective compliance program involves constant evaluation and improvement. To keep improving your program, risk areas need to be consistently monitored and audited. Auditing and monitoring are a compliance program’s detection mechanisms. This element can assist you in finding risks that have been escalated or in detecting new risks. Additionally, this element can verify that management has put mechanisms in place to mitigate previously identified risks. A reporting system is also necessary for staff to use if they encounter instances of noncompliance and are not comfortable raising issues with management. The reporting system is the safety mechanism for an employee to feel free to raise issues without fear of retaliation or retribution. With these tools and processes in place, an organization demonstrates its commitment to continually improving its compliance program.

While an expectation of 100% compliance is an ideal goal, it is also unrealistic since organizational compliance relies on each individual’s compliance and accountability. The key to strive for and demonstrate is a process for continually improving and evolving your compliance program and its activities. There is a strong emphasis on the importance of evaluation in most recent settlements with regulatory agencies.

The need for regular monitoring is ongoing. Management should monitor the risks of the organization and ensure that they are mitigated. Monitoring helps to identify early on if risks are escalating so that they can be addressed quickly and reprioritized when needed. Moreover, all government compliance program guidance states that ongoing evaluation is critical to a successful compliance program. Regulators (such as the DOJ) have also identified key areas they look at when evaluating the effectiveness of compliance programs.

This document is only available to subscribers. Please log in or purchase access.