What is a suggested Compliance & Ethics Framework?

Last month the Project Post-Gazette ( http://projectgazette.com ) Compliance Central provided an overview of how the United States Federal Sentencing Guidelines gives the basic elements essential to a successful compliance and ethics (C&E) program.

Corporations that are convicted of a violation may have their penalty reduced if it has an effective compliance and ethics program in place at the time of the conviction.  Just as an organization can be held civilly liable for harassment by low-level supervisors, it also can be held criminally responsible for acts committed by employees acting within the scope of their duties when the acts were intended in part to benefit the employer. When the federal government prosecutes organizations for these crimes, it looks to see if the organization has a C&E program established and if they are active in their efforts to prevent criminal and unethical conduct in the workplace.

A C&E framework provides a healthy environment for organizations officers, principals’ and employee’s to:

–       Encourage  a commitment to integrity, honesty, and compliancy with appropriate regulations and legislation,

–       Promote an ethical organizational culture

–       Encourage ethical conduct,

–       Provide an avenue for concerns or complaints and

–       Deters and detects violations.


A solid C&E framework should contain at a minimum the following seven (7) core elements taken from the Federal Sentencing Guidelines:

1.  Written compliance standards, policies and procedures;

–       Standards of Conduct/Code of Conduct.

  • Employees certify once a year that they will adhere to the Code of Conduct (CC)
  • C/C outlines the ethical business conduct required of employees in the performance of their company responsibilities. Individuals certify that they will not engage in conduct or activity that may raise questions as to the company’s honesty, impartiality or reputation.

–       Ethical Business Conduct Guidelines

  • Includes the Company’s Code of Conduct,  values, a summary of key policies and procedures, examples of ethical questions employee’s might face, information about business compliance issues, and
  • Listing of resources to turn to for ethical advice or help.


2.  Effective compliance oversight;

–       Tone at the Top

–       Designated Compliance and Ethics Officer

3.  Effective training and education for roles and responsibilities;

–       Ethics

–       New Employee Training

–       Existing Employee Training

–       Targeted Subject Training

–       Sub-contractor Training

–       Senior Management Briefings

4.  Reporting and Investigation: Publicized and effective Lines of communications

–       Incident Reporting & Help Line (Integrity Line)

–       Anonymous reporting and help line

–       Case tracking software (confidential)

–       Metrics for company reporting on the Program effectiveness

5.  Enforcement for violations; well communicated disciplinary guidelines

6.  Strong internal monitoring and auditing program

–       Equitable and consistent investigations are being done

–       The program is evaluated periodically the effectiveness of the Program

–       The Program recognizes positive and supportive employee behavior

–       Screening of new employees

7.  Corrective action; prompt response to detected offences

In closing, the role of the Compliance and Ethics Officer is critical to the success of the C&E Program. The Compliance and Ethics Officer will have the following responsibilities:

–       Implement the Compliance and Ethics Program if applicable

–       Manage the Compliance and Ethics Program

–       Maintain confidentiality of investigations

–       Evaluate the Compliance and Ethics Program

–       Report  to CEO (or Board) and is responsible for implementing and managing the Program

–       Has the full authority of the Company principals to implement, support, and adjudicate the operations of the Program within the Company.

Next month we will discuss the process for developing a compliance risk assessment as a first step to a proactive compliance plan.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s