[INSERT COMPANY NAME]
Practitioner Note: Use this sample as a starting point only and customize/change as needed and appropriate for your organization.
Statement of Purpose
The [INSERT COMPANY NAME] (“Company”) Global Compliance and Ethics Committee (the “Compliance Committee” or the “Committee”) is responsible for oversight and supervision of the Company’s compliance and ethics program. The Compliance Committee shall provide assistance to the Company’s management and to the Audit Committee of the Company’s Board of Directors to enable the Company and its operating subsidiaries (collectively, “INSERT COMPANY NAME”) to continue to operate according to the highest ethical business standards and in accordance with applicable laws and regulations.
The Compliance Committee shall:
• Ensure the development, implementation, and operation of an effective compliance and ethics program;
• Promote an organizational culture that is “open door” and supports organizational justice, psychological safety, and ethical business practices by encouraging speaking up, law abiding, and ethical conduct and decision-making;
• Consider and resolve any issues of interpretation regarding any aspect of the compliance and ethics program; and
-
Have a direct reporting responsibility and line of communication with the Company’s Audit Committee of the Board of Directors.
Responsibilities
The Compliance Committee may delegate its duties to designated officers and employees of the Company and may hire independent counsel and other outside advisers, as the Committee deems appropriate and necessary, to fulfill its duties and obligations. To assist it in carrying out its responsibilities, the Compliance Committee may also form and delegate authority to regional, subregional, country-level, local, or business unit compliance and ethics committees or subcommittees when appropriate. The responsibilities of the Committee, on an ongoing basis, either directly or through appropriate Company officers and employees, are as follows.
Compliance Expertise
-
Obtain appropriate education and training for its members about applicable regulations and laws and interpretations and guidance related thereto issued by government regulators, as well as compliance program best practices and the elements required for an effective compliance program under applicable regulatory guidance.
Risk Assessment
-
Assess the risks of noncompliance with laws and regulations applicable to the Company and the risk of unethical conduct by employees and/or any outside parties acting on behalf of the Company, including dealers, distributors, resellers, suppliers, service providers, independent contractors, and agents (“Third Parties”).
Policies and Procedures
• Develop and maintain appropriate compliance policies and procedures for the compliance and ethics program, including the Company’s Code of Conduct.
Education and Communication
• Increase the awareness of employees and, as appropriate, Third Parties, customers, and shareholders about compliance and ethics–related policies and procedures through education programs, distribution, or other dissemination of the Code of Conduct and other Company policies; notifications regarding reporting methods available for possible violations; and other compliance communications.
Auditing and Monitoring
• Audit and monitor adherence to the Company compliance and ethics–related policies and procedures, including, but not limited to, reviewing the Company’s business ethics, conflicts of interest, and Code of Conduct certification processes.
Reporting/Seeking Guidance
-
Establish mechanisms for employees to report suspected misconduct or violations of applicable laws, contractual obligations, the Company Code of Conduct, or Company compliance and ethics–related policies and procedures and receive guidance on compliance and ethics issues, including, where allowed, an anonymous reporting mechanism.
• Encourage employees and, as appropriate, agents and Third Parties to report possible violations of, and to seek guidance concerning, applicable laws and regulations, contractual obligations, the Company’s Code of Conduct, and compliance and ethics–related policies and procedures (together, the “Compliance and Ethical Conduct Violations”).
• Review the status and disposition of Compliance Helpline reports, internal management reports regarding Compliance and Ethical Conduct Violations, and any other sources from which alleged Compliance and Ethical Conduct Violations may result.
• Establish and communicate the Code of Conduct, and other policies and procedures established to protect employees and others from retaliation for reporting, in good faith, suspected misconduct or violations.
Investigations
-
Establish procedures to ensure alleged Compliance and Ethical Conduct Violations are appropriately investigated by qualified and impartial personnel in accordance with applicable laws and regulations and Company policies and procedures.
-
Oversee the investigation of potentially material Compliance and Ethical Conduct Violations, considering, among other factors, involvement of members of management, the amount at issue, the type of alleged violation, or the potential risk to the Company (“Material Matters”).
-
Evaluate the evidence arising from an investigation of Material Matters and determine whether disciplinary action is warranted.
-
Ensure a root cause analysis is conducted for each Material Matter and oversee the completion of mitigating actions to correct and eliminate all such root causes.
Discipline for Violations
-
Review results of investigations regarding alleged Compliance and Ethical Conduct Violations and any discipline taken to ensure the discipline is proportional to the violation and in order to maintain consistency across the organization.
-
Determine the disciplinary action to be taken in connection with Material Matters.
Disclosure of Violations
-
Determine if Compliance and Ethical Conduct Violations are required to be, or should be, reported to appropriate governmental officials, internal committees, or to the Board of Directors.
Due Diligence
-
Develop and oversee a procedure to ensure appropriate background checks and due diligence are performed on all prospective members of senior management, employees moving into sensitive or key positions, as well as all higher-risk Third Parties.
Application of Program to Outside Parties
-
Evaluate the extent to which aspects of the compliance and ethics program will apply to entities such as joint ventures, business partners, subcontractors, and other Third Parties.
Evaluation of Program Effectiveness
-
Monitor developments in applicable legal and regulatory standards, industry and general best practices relating to regulatory compliance, and effective compliance and ethics programs.
• Assess the effectiveness of the Company’s compliance and ethics program under applicable legal and regulatory standards, including appropriate program structure, access to data and resources, the effectiveness of policies and procedures, compliance education, auditing, monitoring, reporting, investigations, discipline, disclosure, and the awareness and promotion of an ethical culture in the organization.
• Evaluate the sufficiency of the Compliance Helpline and other reporting mechanisms, including reviewing the performance of, and selecting, any outsourced tool or organization used to manage the program and the communication of its availability to employees.
-
Oversees appropriate revisions, updates, and amendments to the Company’s compliance and ethics program to account for any changes, gaps, or insufficiencies identified.
Documentation of Compliance Program
-
Ensure the compliance and ethics program is documented and updated, including maintenance of proper records related to all portions of the program.
Ongoing Monitoring
-
Establish and oversee the ongoing monitoring of compliance-related data, metrics, and key performance indicators to ensure early visibility to indicators of potential fraud, misconduct, and other compliance violations, as well as emerging compliance risks.
-
Ensure officers and employees assigned operational responsibilities relating to the Company’s compliance and ethics program have full and unrestricted access to appropriate sources of data and information needed for effective compliance monitoring and fraud detection.
Authority and Resources
• Ensure sufficient authority, autonomy, and resources such that officers and employees assigned operational responsibilities relating to the Company’s compliance and ethics program have appropriate stature, funding, staffing, and support to fulfill their responsibilities.