Step 1 – Know the rules you need to comply with
Regulatory compliance is a significant business issue, partly because of the ever-increasing number of regulations that require businesses to be vigilant about maintaining a full understanding of their duties, partly because of the penalties that can be imposed by regulators, but perhaps most importantly because of the damage to reputation that can result from compliance failures.
- Compliance areas identified
- Not recently reviewed
- Unclear on compliance areas
Are the identified areas:
- Understood by senior management;
- Communicated properly to those with a need to know; and
- Reviewed regularly.
If not, we can help you. To find out how:
YOU ARE AT MEDIUM RISK.
You should keep this area under regular review so that it remains reflective of your business activities.
We can help you. To find out how:
To keep on top of compliance please:
YOU ARE AT HIGH RISK.
You need to take urgent action.
We can help you implement appropriate processes.
Step 2 – Carry out an assessment of compliance risks
You need to have a system to enable you to understand the risk of each of the potential compliance areas to your operations.
- Risk assessment
- Risk awareness
- Unaware of risks
Can you demonstrate to outside scrutiny that you have a system in place which supports you in identifying the risk posed by compliance requirements?
We can help you implement an appropriate system. To find out how:
YOU ARE AT MEDIUM RISK.
Being aware of the risks that could cause harm to your business or its reputation is a good start, but you also need to understand the risk that each poses to your business.
We can help. To find out how:
YOU ARE AT HIGH RISK.
Not considering, or choosing to ignore, the compliance risks to your operations could cause significant reputational harm to your business, which may be difficult to recover from.
You need to take urgent action.
We can help you identify and manage your compliance risks.
Step 3 – Proactively manage compliance
Being able to demonstrate management of the compliance risks to your operations is critical to smooth operation and to avoiding show-stopping regulatory interventions.
- Risk management
- Ad hoc management
- No risk management
Are you able to demonstrate that you have a system in place which manages all foreseeable compliance risk to your business?
Are you also able to demonstrate that you are reducing the level of risk exposure related to the identified areas?
We can help you implement an appropriate system. To find out how:
YOU ARE AT MEDIUM RISK.
Being aware of the compliance risks to your operations is the first step in achieving compliance; the next step is being able to demonstrate that you are managing them.
We can help you implement processes to manage compliance risks. To find out how:
YOU ARE AT HIGH RISK.
Not considering or choosing to ignore compliance risks is a risky business strategy. Businesses may get away with it for a long time, but do you want to do business with an unethical, non-compliant or irresponsible business?
You need to take urgent action.
We can help you implement a compliance risk management process.
Step 4 – Take all reasonable precautions
Most business-related legislation imposes liability that does not depend on actual negligence or intent to harm. To offset this the legislation often contains a two-part statutory defense. The first step is to set up a system of control.
- Robust controls in place
- Some controls in place
- No controls in place
Are you able to demonstrate that you have taken reasonable steps to avoid breaching the legislation?
We can help you implement appropriate control processes. To find out how:
YOU ARE AT MEDIUM RISK.
Some controls are better than none, but you need to be sure that you have not been overtaken by new developments in best practice. It is a good starting point in achieving compliance, but are you doing enough?
We can help you review your systems. To find out how:
YOU ARE AT HIGH RISK.
To establish a defense to any regulatory action it is really important to ensure that the right control measures are in place.
You need to take urgent action.
We can help you set up a system of control measures that have due regard to the risks and the law involved.
Step 5 – Exercise all due diligence
To exercise diligence is to operate an appropriate level of caution or investigation prior to acting or making a decision.
In practice, this means that if you have developed a program of checks it must work.
Having a system in place that is not followed is perhaps worse than having no system at all.
- Comprehensive audits
- Unrecorded checks
- No checks
Are you regularly reviewing the outcomes of your checks to identify negative trends and areas for improvement?
We can help you with your reviews. To find out how:
YOU ARE AT MEDIUM RISK.
It is essential that you keep on top of the documentation of checks to ensure that no opportunity to improve or to prevent an issue is missed.
We can help. To find out how:
YOU ARE AT HIGH RISK.
Choosing not to carry out due diligence is a risky strategy. It could mean that any systems you have in place to deal with compliance are useless and will not afford you any defense if a regulator decides to take enforcement measures.
You need to take urgent action.
We can provide access to competent help.