Building a robust ethics and compliance program is key to managing risk in today’s complex world of global business. That is why understanding best practices and the state of compliance infrastructure among companies is an important step toward better compliance across the board.
Society of Corporate Compliance and Ethics (SCCE) and NYSE Governance Services recently surveyed a variety of organizations — ranging in size from 100 employees to more than 100,000 — in various industries such as healthcare, manufacturing, utilities, finance and insurance, and educational services. The respondents were Chief Compliance Officers or the person responsible for the day-to-day operation of the ethics and compliance program.
Findings are presented in the 2014 Compliance and Ethics Program Environment Survey Report.
Here are some highlights:
63% of surveyed organizations indicate that the same person assumes overall and the day-to-day operational responsibility of compliance and ethics program.
38% of those with overall program responsibility report directly to their company’s CEO, while just 18 percent report to the general counsel or chief legal officer.
19% of the chief compliance officers report directly to the board of directors
Of those who don’t report directly to the board, 79% said they have “dotted line” reporting to the board.
The rest of the respondents report to a vice president of finance, financial controller, or other vice president.
Standards and documentation
Though 93% of surveyed organizations maintain an organization-wide employee code of conduct, only 41% meet the best practice standard of rewriting or updating their code at least every two years.
While 33% surveyed companies maintain a third party or supplier Code of Conduct, nearly 44% of these companies do require third parties to sign an agreement stating that they will adhere to compliance standards.
90% of surveyed organizations conduct background checks for some or all individuals in positions of trust.
Only 38% of surveyed companies track both gifts and entertainments.
96% of organizations offer ethics and compliance training to employees. Of these organizations, 81% invest the time and the resources to measure its effectiveness.
Monitoring and auditing
A majority of the organizations (98%) use systems that allow for anonymous communication. In addition, 68% have made a reporting system available to third parties.
54% of organizations conduct risks assessment on an annual basis.
Response and prevention
40% of organizations state that misconduct investigations are lead primarily by staff in the compliance department. Thirty-three percent track reports received by hotline but do not track open door reports.
The top five most common allegations reported are discrimination, harassment, and/or bullying, employee conflicts of interest, confidential information breach; employee theft or fraud; and work place safety issues.
40% of boards have received training on the code Conduct within the two past years;
52% do not conduct periodic performance evaluation on each Board member. Of the rest that do perform Board evaluation, 72% are done annually.
This survey can provide a useful benchmark for companies that are serious about strengthening all the elements of their compliance program and tracking their progress against peers. The results show encouraging progress in how the compliance profession is increasingly valued and appropriately positioned within companies, as well as the prevalence of compliance training. The majority of surveyed companies offering access to anonymous reporting channels for third parties is also a welcome development. At the same time, there still remains significant room for improvement in the areas such as making the code of conduct a living document, or tracking gifts and entertainment.
Junior Kayembe N’Kashama is a fellow with Young African Leaders Initiative from the Democratic Republic of the Congo.