Compliance is primarily understood to mean that all of a company’s processes and products conform to the rules. Of course, this is particularly important in order to avoid legal consequences. The fact that a company moves within the framework of the guidelines is kept in mind above all by the company management and the legal department.
Compliance is a management task
Compliance must be observed out of ethical conviction, not due to legality. The basic attitude of leadership sets the tone for the entire company. However, employees must support them. In order to be able to guarantee this successfully, it is important to clearly explain the regulations and risks to them so that violations of the rules can be avoided. Through comprehensive, detailed training – which can be made particularly clear using negative examples – your colleagues can also recognize the relevance of compliance management and the personal responsibility associated with it.
The idea that the responsibility for successful compliance is the responsibility of the legal department is obvious. Consequently, this also falls to the task of ensuring compliance with the rules and training the employees accordingly. However, the company’s lawyers are often unable to do justice to this on their own. Depending on the size of the company, it is therefore useful to implement a separate department for compliance management within the legal department. It is also important to equip them well. Understanding in the CM area poses a high risk as potential rule violations may fall through the coarse screen, which cannot be narrowed down due to lack of resources. The consequences are unpleasant or even catastrophic consequences for which the company has to take responsibility.
This danger exists even if your company is based on high quality assurance standards. (Technical) quality assurance is not completely error-free, which is why constant monitoring and control by compliance managers is essential. Neglect can result in scandals, costly corrective actions and tarnished image. Compliance management is therefore part of quality management . If compliance is not already considered here, additional technical and financial work can become necessary, which can have fatal consequences for the reputation and liquidity of a group.
A well-established compliance department is therefore a worthwhile investment of human, financial and professional resources that ensures compliance and avoids difficulties in advance. The tasks that it can take on in the company include:
- Advice and coordination of necessary compliance aspects and safeguarding
- Examination of all safety aspects, systems and devices, as well as carrying out tests
- Risk assessment of new ideas, concepts, changes
- Acknowledgment and notification of the latest legal requirements
- Handling compliance cases by guiding corrective and preventive actions
- Conducting compliance audits (part of the process audits)
- Data management of technical and regulatory documentation
Compliance managers in this department do not necessarily have to be technically or legally trained. However, further training to become a QM manager or risk manager is recommended. In legal problem cases, legal advice cannot be avoided. What is particularly important in this role, however, is that you have experience and commitment and that you are willing to stay up to date through constant further training. Ideally, a compliance department can already be integrated into the development phases of new ideas and help to take all necessary legal and standardized bases into account.
It makes sense to formulate clear guidelines for the first presentation and to integrate training concepts and a complete documentation process. If compliance is not considered from the outset when something is new in your company, there will be weaknesses and gaps that can be exploited. The corresponding preparatory work, on the other hand, significantly reduces the risk of being prosecuted and losing your good reputation. Likewise, the subsequent damage limitation is of course reduced in this way.
So compliance management isn’t just about being law-abiding or taking corrective action in the event of an indictment or scandal. Internally as well as externally, it is important to be careful from the start to manifest compliance seamlessly in employees, processes and products in order to guarantee optimal results.