Compliance is a trending issue in our increasingly regulated and complex business world. We’ve all seen giants such as Enron fall after issues in non-compliance and the numerous cases on personal data breaches on the nightly news. Every organization, regardless of scope or industry, must have an effective compliance program as outlined by the 2010 Federal Sentencing Guidelines Manual. Regulations have become so complex that large organizations often have entire departments allocated to these efforts as the cost of non-compliance is three times greater than that of an effective compliance program (Ponemon, 3).
To begin our compliance series, we first must understand what compliance is, and how regulations have morphed from public initiatives aimed at protecting consumers in the early 1900s, to the complex rules imposed on organizations today. What is compliance? It’s defined as the act of conscious obedience to a set of rules or parameters established by the collective or those in power. Compliance is often regarded as a headache for organizations, as it is a non-value creating function within the business, where the lines between ethical and non-ethical behavior are not always well defined. The active engagement of all members in a compliance program is essential, as organizations are only as compliant as their least compliant member.
Every society has rules and conventions that are established to define proper and improper behaviors, typically underlined by moral values. Compliance organization and programs saw their beginnings as a way to protect consumers and set centralized governmental oversight over public safety concerns during the early 20th century. For example, The Food and Drug Administration’s modern regulatory functions began in 1906 with the passage of the Pure Food and Drugs Act to provide basic protections to consumers, such as product labels, in response to public dissent on food processes spurred by publications such as Upton Sinclair’s The Jungle (FDA). These first programs in compliance focused on public safety initiatives and public concerns and took on a public centered approach to compliance. As the U.S. experienced capital growth during the 1950s and 1960s, the modern management and organizational cultures we experience today began to emerge. Around this time sociologists such as Amitai Etzioni, also began the study of compliance within societal structures, and we as a culture began to realize the necessity of compliance programs from within the organization (Coughlin).
During the 1970s, events such as the passage of the Foreign Corrupt Practices Act (created to curb illegal payments by companies in excess of $300 million to foreign officials) and the creation of the EPA and DEA led to a shift in the structure of compliance programs from public initiatives to internal functions within organizations. In the 1980s, procurement scandals by the Department of Defense (such as paying $600 for toilet seats) led to the creation of an industry wide initiatives that called for the government to create guidelines for the creation, adoption, and implementation of ethical practices (Packard). Creating these initiatives acknowledged that it was the contractor’s responsibility to ensure ethical business practices on behalf of the government.
In 1991, the U.S. Sentencing Commission created the first federal sentencing guidelines for organizations in response to inconsistent criminal sentencing for non-compliance. These guidelines were the first publications to outline key elements of an effective compliance program, and was the basis for the seven principals all organizations must follow today. Later, scandals such as WorldCom (Inflated Stocks Pricing) and Enron (Fraudulent Loss Transparency) highlighted the need for a shift in compliance strategy from indicting non-compliant companies to a strategy of reforming corrupt corporate culture (List). This shift in compliance strategy led to our current structure of compliance risk management systems and general counsel oversight that provides an internal proactive stance to effective compliance.
In 2013, compliance in the U.S. is larger than Sweden’s GDP; regulatory compliance amounted to $112 billion in regulatory costs and 157 million man hours of paperwork for U.S. workers (Batkins). While the strategy for compliance has changed over the last century, so have the processes and technologies involved. ConvergePoint uses best practices from every industry in compliance, and offers SharePoint-based software solutions to achieve your compliance goals.