Getting the left hand to know what the right hand is doing is a huge issue in most companies. In today’s regulatory environment having iron clad systems, will serve you well when the examiners come to pay you a visit. Those who have been before you in the exam process, recommend the following:
- Designate one point person or one department to handle compliance issues and communication of the compliance policies and procedures.
- All departments within the company should assemble their policies, procedures and documents they use to communicate with the consumer. These materials should be given to the point person or department to be compared to compliance regulation.
- A department liaison should be appointed to serve as the point person for each department. They will be responsible for communicating changes, filtering information up to the compliance department for review and any department updates. They will also serve on the company compliance team, which should meet regularly for updates and changes.
- Establish outside legal consultants who can serve to interpret your policies and outline any potential risk you may face, as a result of those policies. As we all know, regulations aren’t written with precise boundaries, so exhibiting to an examiner that you performed due diligence, prior to execution of a policy is a very prudent practice.
- Give staff rule scenarios for each procedure or policy. Look at what you are requesting them to do and then ask “if this” than “that”, unless “xyz”. Typically we deal with finite situations in our industry, so a little thought will go a long way in communicating your expectations.
- Each time a new policy or procedure is introduced, it will be up to the compliance team (compliance plus one liaison from each department) to determine which departments are touched by this change. They then identify how it fits into their workflow, how it will be implemented and how department members will be tested for adherence to the new policy or procedure.
- Make it the goal of all compliance team meetings to come up with gaps, issues, solutions to the issues and a level of risk associated with any new policy or procedure.
Finally, have the team establish how documents, policies, procedures and updates will be changed, communicated and tracked. That reminds me of the times when we used to pass a memo around the office and everyone had to initial that they read it! In today’s world you want to verify that they read it, have implemented it, understand why it is important and have been tested on it.
A little organization, will go a long way in helping you with all of the changes our industry is about to face over the next 6 months. I hope you find this information helpful in setting up your own internal compliance program.
