I’d suggest that every compliance officer spends their time 'pushing': pushing out training, reminders, escalations, policies, codes, and all the other compliance-related 'stuff'. The problem is this can also lead to compliance fatigue and push-back, and it’s why—for example—employees don’t complete their training, or they complete it in five minutes at 5pm on a Friday after two reminders just to tick the box.
These challenges ultimately made me realise that we had to do things differently and inspired me to come up with a range of new and unconventional tools and techniques. In this post, I’ll share a few examples.
Destroying the Myths
The relationship between compliance and the Board is sometimes described as having a sawtooth pattern or a half-life. Basically, the Board becomes engaged when there’s a crisis, the issue gets resolved, and then, progressively, the Board’s engagement decays until the next problem arises. Regardless of how it's described, this scenario is far from ideal.
It's for this reason that it’s rare to see a compliance event that doesn’t feature a session around gaining Board support. Put simply, compliance can be perceived as stifling, intrusive, and expensive—all factors that can lead to Boards limiting their engagement with, and paying lip service to, compliance.
For the purposes of this paragraph, let’s address what’s most important to the Board—the bottom line—and analyse the issue of compliance as an expense. I’m curious, what's your organisation’s cost of compliance (the cost per employee per annum)? I’ve asked that question pretty much around the world, and yet I’ve only ever had ONE real response.
That figure can be hugely powerful in getting your Board’s buy-in. Put simply, if you are spending, say, £22 per employee per annum on compliance, yet just one typical compliance-related fine equates to £5600 per employee, then suddenly the Board no longer sees compliance as intrusive or expensive, but a pretty good value. And once the Board changes its tune, that paves the way for other compliance myths to disappear.
Whistleblowing & VeRoniCA
Again, I’d suggest that every compliance officer faces similar challenges when it comes to whistleblowing: relatively low levels of reports, limited sources of reports (i.e., near-zero from some countries, departments, and teams), and an ever-present concern over retaliation and how it directly diminishes reporting.
If you're serious about increasing the use of your whistleblowing hotline, then I would recommend taking a range of unconventional steps. Firstly, consider 'branding' your hotline (helpline, reporting line, etc.) by giving it a name.
Apple has Siri, Amazon has Alexa, so why not give your hotline tool a name as well? It doesn’t have to be a human name: I’m told of one company, who has an owl for a logo, using the 'Hootline' with great success.
In my case, I used VeRoniCA—our Virtual Regulatory Compliance Assistant. Eventually, people got into saying, 'I’ll ask VeRoniCA', or 'I’ll tell VeRoniCA', and suchlike.
Additionally, there's a raft of other things that many organisations can do to help people familiarise themselves with reporting. A competition, for example, where people use the helpline to submit 'trial-run' reports can make them comfortable when the day comes to make a real report. If they're familiar with the process, they’ll be less nervous and intimidated by it, and so less likely to give up halfway through.
Another option: Why not use weekly rotating images of employees’ pets to attract people to your hotline pages? Proud pet parents will tell their colleagues, 'did you see little Fido on the hotline page today?' therefore driving traffic to your page. Even if someone doesn’t have a report to submit at the time, at least they’ll be reminded of the hotline’s existence and function.
Whistleblowing & Retaliation
Most organisations argue that their available retaliation-related data is limited—but is that really true?
Case in point: I initially put together a simple matrix of non-anonymous whistleblowers against what could be deemed reasonable indicators of retaliation. I chose readily-available data covering pay raises, bonuses, promotions, overtime, and shift allocation. The results were shocking: You could immediately see patterns of retaliation and even how the propensity for retaliation occasionally followed certain managers as they moved to different jobs.
This simple analysis can be crucial in all manner of anti-retaliation activities. Once you’re equipped with data, you can prove how your whistleblower efforts are making an impact at your company, thereby incentivizing future whistleblowers to act. Having this simple analysis means that a truly active approach to anti-retaliation is possible.
What Else?
These are just some examples of unconventional tools, techniques, and approaches for compliance officers. Crucially, none requires vast investment, nor extensive data research, nor hiring a costly specialist.
What they do require, however, is a shift in perspective and the determination to take a different approach. If you have those things, congratulations! You’re an Unconventional Compliance Officer!
Keith Read is the former Group Compliance and Ethics Director at British Telecom (BT) and the author of The Unconventional Compliance Officer.
Broadcat here! You didn’t think we’d publish a post without a gif, did you?
This is you, once you start taking an unconventional approach. ⬆️
| Source: Paramount Pictures
Thank you, Keith, for the most excellent post!