œMargaret, take this envelope and head over to the casino. Our division owes money and we are relying on you to settle our debts–I know you’re good at poker so don’t let me down. Karen, if you tell the anyone else in our company what we do with their money you’re both fired. Open up that Vodka I’ve got another meeting in five and I need a drink.”
Perhaps this is a bit of an exaggeration. Perhaps not. Who is to say what would really happen at weekly meetings in a workplace that blatantly disregarded compliance?
What’s more likely is not that there are workplaces without any sense of regulation, but rather, workplaces that just don’t have a good system for organizing their policies and business in a synergistic way that increases efficiency. Their employees may even border these extremities but have no idea that what they are doing is wrong. In other cases, they may know they are avoiding compliance, but can find ways to shift blame due to the lack of organization.
Fortunately, compliance is enforced through auditing. For the safety of all stakeholders, ethical rules and regulations are reviewed by checking the processes set in place in a business to ensure employees are following suit. On the other side of the coin, businesses without an organized and streamlined process can be left with a bad image and fees depending on the extremity of the compliance issues they have breached.
Reviewing new regulations and creating a company’s policies and procedures can be a mess. One person might be tasked with creating a policy based off of a new rule. Revising the process may mean they involve one or more people to review and provide changes, leaving the first person to sift through emails and marry different changes in one document. This leaves a large margin for error. Not only can the first person misinterpret the regulations to implement, but they may involve the wrong people or not enough people. They might not be clear in the type of changes allowed, or what departments will need to implement a procedure in a different way. Reviewing changes can leave a virtual trail through multiple folders, and in the end, the policy may not be approved. And if it is, who is to say that it will be renewed in a timely manner?
The first step in ensuring compliance is making sure your policies and procedures are created with the right people, and all kept in one place “ not scattered through emails. Avoid this issue by identifying the proper roles, and agreeing upon a common location and order of approvals. To further eliminate the margin of error, use an automated process like ConvergePoint that takes the personal effort out of the equation, and stores version histories, discussion boards, and an audit log of approvals.
Some managers may forward an email to their employees letting them know their new policies and procedures are posted to their intranet, or a messy Wiki site with every other department’s specific policies, or even in multiple folders buried deep in their shared network. Some managers may assume the employees were told where to look upon orientation, while other managers may not even mention it.
The fact is, when you leave something as important as ensuring compliance up to the individuality of each manager or department, there is another large margin left for error.
Ensuring every individual employee has received notice of a new policy or procedure once posted, and acknowledging and understanding new regulations should be a top priority. There is no reason to spend countless hours and frustration organizing and editing policies and procedures to let them fall when they leave your hands. There is a reason bigger than the task itself to create these policies and that is to ensure your employees are following them. Just because they are on paper, or in a file somewhere, does not mean they will ever see them. Identify the appropriate managers, and a method to ensure each individual employee knows where to find them.
This seems to be a popular theme. So popular that I’ve seen it happen at a company I once worked for.
Whether being audited for bad business, or creating an audit to prove a positive work environment, audit day should not be the only time policies and procedures are mentioned. If you have ever received a list of “audit answers,” you know what I am talking about.
This sends employees into a frenzy, realizing that their answer could affect the company’s status, and that there are actual policies and procedures they may not have known about. The last thing you want is to have employees looking at the list saying “Wow, I’ve never done that, I guess it doesn’t really matter.”
Compliance certifications should be required at continuous intervals depending on the policy. Using programs to schedule these is the most ideal way, but other ways which require more attention can still make an improvement.
In a case where a company might actually have a smoothly flowing system in creating the policies and procedures, and where management strictly ensures their employees know to acknowledge new policies, a common issue lies in the organization of the distributed materials.
Departments, position level, and specific role, can all determine the type of policies that a person
Approaching a messy Wiki page of outdated policies, or an entire colony of folders with different categories can be intimidating to an employee in determine which folders to enter, how far to search through them, how many documents to click, and so on. The ideal situation would be to ensure only specific employees have access to the policies they require, and that they are all kept in a single location.
Anti-Harassment and Non-Fraternization Policies
œSexual harassment is a hotbed issue that strikes fear in even the most seasoned of CEOs. Historically, as more women entered the workforce, employers had to figure out how to handle the interaction of genders within the office space. After years of allegations, public lawsuits and hefty payouts, corporate America has learned that the key to protecting itself against the monster of sexual harassment is a detailed anti-harassment policy. But, typing a policy on a piece of paper is not effective if you can’t ensure that every employee sees it, reads it and agrees to follow it”.