What is Compliance Management?

  Every company must comply with certain laws and regulations. Otherwise, it may face sanctions. Compliance is understood to mean adherence to those laws, official requirements, regulatory provisions, international standards and agreements that affect the specific company. A Code of Conduct serves as the basis for compliance with all the requirements described above. It sets out basic rules of conduct and guidelines to which each individual employee must adhere, and so lays the foundation for compliance management. Compliance management means taking further measures to ensure that all external and supplementary internal requirements are met.  

Compliance management is part of risk management

  Disregarding the law has consequences. These include not only the costs of fines, but also reputational damage. In addition, under German law for example, in corporations with the legal form of public limited companies and limited liability companies, the executive bodies of the company in the commercial register are liable for damages. In the case of limited liability companies, the managing directors are the executive bodies; in the case of stock corporations, the management boards are the executive bodies (cf. § 43 GmbHG, § 93 AktG). All other companies or associations may be liable in accordance with § 30 OWiG (Law on Regulatory Offenses). Prominent examples show how expensive it can be if compliance is ignored selectively or completely:

  • 800 million euro fine for Siemens AG due to corruption. The process, which was based on the payment of bribes, even resulted in prison sentences for the management level.
  • 995 million euros in fines were imposed on VW and 866 million euros on Daimler in the wake of the emissions scandal.
  • 13.5 million euro fine for Deutsche Bank for late reporting of suspected money laundering.
  • 746 million euro fine for Amazon due to online targeting, i.e. targeted personalized advertising.

Compliance management comes into play to avoid this. First, a risk analysis is carried out in the area of compliance and all possible compliance violations are analyzed and evaluated. The introduction and active use of a compliance management system (CMS) is recommended in order to maintain an overview of the evaluated risks and to be able to monitor changes. This enables the company to continuously minimize risk.  

Compliance Management Systems

  The compliance management system has a number of tasks. These include helping companies to avoid compliance violations and meet the requirements. Creating the compliance processes in the system simplifies them and then automates them. In Germany, the introduction of a CMS is currently only required by law for the financial and insurance sectors. The systems themselves, however, are not subject to any legal regulations or guidelines and are therefore freely adaptable to the respective companies that use them. Even if the introduction of the CMS is time-consuming and costly, it has significant advantages:

  • Prevention of reputational damage
  • Prevention of fines, i.e. cost savings
  • Creation of a cross-departmental overview of compliance processes
  • Records of compliance guidelines are audit-proof

 

What are the tasks of a compliance management officer?

  The task of our Compliance Management Officers is to take stock of the company and thus obtain an overview of whether and to what extent the company complies with the applicable regulations and the standards it has set itself. This is followed by the introduction of an internal system to control violations, the continued operation of the systems, and monitoring of the compliance management systems for compliance with laws and guidelines. As the employees are jointly responsible for the company’s compliant behaviour, the compliance management officer also carries out employee training.  

Building blocks for introducing a compliance management system

 

 

What are the tasks of a compliance officer?

  The compliance officer is responsible for ensuring that both the company and its employees behave in a legally and ethically correct manner, i.e. that they comply with the rules. Depending on the size of the company and the sector, the area of responsibility can be very wide-ranging and confusing. It’s a constant battle between business-appropriate solutions and compliant behavior. We offer compliance as a service. If you have any questions about the CMS, please do not hesitate to contact us.