Time for Compliance Programs to become standarised
One of the wonderful things about the World is that the way that most things are built, designed and managed can become standardized. At some stage in the development of a repeatable process, someone, somewhere, will build a common set of frameworks known as Standards. These Standards are designed to build a common set of guidelines, rules and frameworks so that everyone across companies, regions, countries or even business units can talk in the same language.
Compliance officers have been slow to adopt a recognized framework for the development of compliance programs. They have tended to follow their gut and best practices as articulated by articles, whitepapers and speakers at conferences. They have also followed the guidance issued by regulators and also tracked common issues in enforcement proceedings and litigation.
Now is the time for compliance officers to retrofit their compliance programs into a framework that is common Worldwide. The best option for a global program that is recognized across the World is the International Standards Organisation (ISO) and their Standards that relate to compliance programs generally (ISO 19600) and for anti-corruption programs (ISO 37001).
The following are some obvious benefits in applying one or both of the Standards to your compliance program.
A Common Language. The Standards create a common language for you to speak across business units and risk areas that are the subject of the compliance program. Whether it is a tax compliance program, an anti-money laundering program or a safety compliance program, there is value in having a common framework.
Supports benchmarking. If everyone is using a different model, it is very hard to benchmark and compare programs across companies. Imagine if everyone used the same framework, it would be easier to compare and judge compliance.
The ability to audit consistently. Audits are much easier when it is against a Standard and not against a vague 'best practices' which is open to significant interpretation. Imagine what the finance/accounting world would be like without GAAP and IFRS.
Consistent Reporting. It is very easy to report to a Board or Audit Committee on a common way if every group in the organization has built their compliance program according to the same Standard. The same terminology, same structure, same reporting can be used which is easier, clearer and more likely to be understood.
Certifications. There is some scope under the Standards to be independently certified under a Standard. This adds significant value to the compliance program and proves is compliance and adoption with the Standard.