There is a common misconception that the business of compliance is simply a matter of reading the law books, summarizing the rules, and following them. If the world were this linear, everyone would be on track!

The truth is that there are myriad compliance tasks that impact the success of your company – ones that you won’t find written down. Welcome to the intriguing world of “Internal Compliances”.

Most compliance systems, and for that matter, compliance-tech solutions, are focused on ticking a box each time a compliance task has been completed. As important as each task may be, there are numerous examples where your internal processes and procedures will be the real determinant of whether your compliance system works. Here are some examples:

FCPA:

The Foreign Corrupt Practices Act is US law that not only applies to US companies abroad but also reaches into their international supply chains. Although there are no binding rules that say Indian companies need to comply with the FCPA, for many companies, failing to anticipate these rules can be catastrophic. For this reason, leading compliance solutions such as Complius® don’t limit themselves to domestic rules alone but enable companies to adopt a layer of “internal” compliances that keep them ahead of the game.

International Codes of Practice:

Laws and standards such as GDPR and HIPAA may not be applicable to your company now, but as your business expands, anticipating the need for international consistency can better prepare you for new business opportunities. Often these frameworks can be deployed without additional cost, and by displaying proactivity and openness to international compliance features, you are much better positioned to close the deal. Internal compliance measures play a pivotal role in managing various recurrent aspects that may not always directly correspond with statutory laws. Below are examples illustrating the utilization of internal compliance to effectively manage such challenges:

Managing safety standards:

Adherence to safety standards like Occupational Health and Safety standards, National Building Code of India, Bureau of Indian Standards, Indian Standards, and Automotive Industry standards, etc., can be critical in fostering stakeholder trust and enhancing brand reputation.

Managing Policies and Standard Operating Procedures:

Employing an internal compliance framework enables meticulous implementation of Policies and Operating Procedures that are built for your organization. For example, if the law imposes prohibitions on loans to directors, most compliance systems will simply serve up a question asking if this rule has been adhered to. But in this and in many other cases, this simply leads to serial box ticking where it is all too easy for any owner of the task to simply respond “no”. However, leading companies are not satisfied with this approach but can add layers of internal procedures to ensure compliance is real. E.g., have senior management been trained on the provision? is there a declaration form for such loans? Have each of the Directors actually signed the form? Are proofs of compliance retained in a central repository available to the audit function?

Getting the point? … Without internal procedures that dictate “how” an external compliance is to be monitored and complied with, many systems will fail and when an excursion happens the audit function will be left scrambling.

Managing Conditions Precedent and Condition Subsequent:

Many commercial transactions such as M&A, Fundraising, and Joint Ventures produce a myriad of pre and post closure obligations that need to be tracked. This process enables companies to maximize value from the transaction while enhancing investor confidence; but not all compliance systems enable the tracking of ad hoc transactions, leaving individual departments to devise their own solutions.

Operational Task Management:

In many cases, a seemingly innocuous external compliance can trigger a complex internal workflow. Think of safety regulations that specify the characteristics of certain materials that are used in the manufacture of children’s toys. Without a rigorous internal procedure that covers sourcing, assembly, testing, and certification, simply listing and ticking off a compliance parameter is inviting disaster.

The aforementioned examples serve to assure management and ultimately consumers that tasks are managed in alignment with the organization’s protocols, ultimately enhancing operational efficiency, safety, and compliance in the broadest sense.

Is your Compliance system box-ticking, or do you really “get under the hood” and define the internal procedures that make compliance truly effective?

Do you think you can do a better job? Consider Complius® a technology solution that doesn’t just feed up statutory requirements but enables companies to customize every task and import workflows that really work.”