Compliance Program Assessment
One of the seven elements of an “effective compliance program, ” as defined by the Federal Sentencing Commission more than a decade ago, is a periodic critical review of the program to ensure it meets its objectives and accurately reflects the organization’s operations and compliance risks. Our comprehensive assessment process is designed to conduct such a compliance program review, and provide practical advice on how a client’s compliance program can better address the business and management needs of the organization.
With the increased focus on corporate governance and board oversight of management practices, the compliance program can play an important role in ensuring that an organization’s corporate governance structure is effective. Our assessment report gives the compliance officer, the board of directors and executive management guidance on how the organization’s compliance program can be fortified to ensure that it meets its objectives.
Program Assessment Applications:
The Program Assessment tool is a valuable measure of the program’s success in meeting its objectives in light of the organization’s business operations and compliance challenges. The assessment also provides documented evidence of the organization’s corporate commitment to business integrity. The assessment report helps focus management’s attention and compliance program resources where the needs and risks are greatest. If there have been changes in the regulatory climate or in the organization’s structure and business, the assessment allows you to determine the impact these changes may have on the organization’s compliance efforts. The report also provides the board and management with necessary validation that the program is supporting the governance structure of the organization.
Program Assessment Process:
Our assessment process begins with a desk review of organization policies, procedures and compliance-related reports. This is followed by on-site interviews to obtain a representative sample of employee perception of the effectiveness of the program and the compliance staff. We interview both executive, management and line employees in order to determine strengths and weaknesses of the existing compliance efforts.
Our assessment protocol includes an in depth review of your entire compliance program, beginning with a focus on the seven elements of an effective effort. We critically assess the program in light of your organization’s current operations, potential risk areas for non-compliance, and annual objectives. In addition, we compare your program to those of organizations which, in our opinion, have achieved a level of performance commensurate with “best practice” for that program element. Finally, we make specific recommendations on how your program can be modified to enable you to achieve best practice, and to maintain a viable and valuable compliance program for your organization.
The Program Assessment process concludes with a comprehensive written report on the organization’s compliance program. This includes an analysis of how well the program compares to “best practices,” and areas of particular strength and weakness. We include specific recommendations on how each element of the program can be enhanced or modified to more effectively meet the organization’s compliance goals. We can also provide an in-person presentation of our findings to the board and/or executive management to provide an opportunity for a frank and open discussion of the results and our recommendations.
Click here to learn about specific areas we focus on when conducting program assessments.
Oversight and support for the compliance program:
- Governance structure of the organization and the program
- Management support of the compliance efforts
Corporate compliance officer and staff:
- Compliance function status within the corporate organization
- Structure and resources of compliance office
- Delegated compliance responsibilities
Code of Conduct and compliance-related corporate policies:
- Content and effectiveness of Code of Conduct
- Distribution of Code and employee awareness
- Review of corporate policies and procedures
- Review of compliance-related policies and procedures
Internal reporting process:
- “Hotline” or other formal reporting mechanisms
- Informal reporting processes
- Effectiveness of review process and procedures
Compliance education and training:
- Effectiveness of training program in light of corporate values
- Content and adequacy of subject matter
- Delivery and audit of training program
Internal controls and corrective action:
- Adequacy of internal audit process
- Compliance audit protocols
- Implementation of corrective actions
- Discipline process
Periodic review of compliance program:
- Relevance to current operations
- Implementation of modifications to reflect business changes,regulatory requirements, etc.