feedback. Key components of successful
· Keep it simple and role specific (i.e., don’t
apply a one-size-fits-all approach).
· Build a series of sessions, as opposed to
lengthy marathon, to maintain interest and
ensure information is absorbed.
· Blend training with examinations to
ensure thorough understanding and
execution. Ideally, an examination should
not immediately follow the training
session, but come one or two weeks later,
ensuring information retention.
· Apply a blend of both classroom and
· Never adopt a one-off approach. For
example, training is required immediately
post-hire, following a role change or
promotion, after regulatory or internal
policy changes, or immediately after any
merger or acquisition.
· Maintain an effective tracking program:
TTT (Train, Track, and Test). It is imperative that formal attendance, the specific
subject trained, and the date training was
provided is recorded.
· Make it stimulating and applicable to the
organization and operating environment.
· Provide real-life (sanitized) examples
that the audience can relate to — get their
· Send a message that your organization
employs robust control monitoring
· Make clear the personal impacts for
wrongdoing and the importance placed on
This should be supported with employee
compliance support mechanisms:
· Provide a dedicated compliance training
portal on the business website.
· Give portal access to all appropriate
policies, procedures, codes of conduct, etc.
· Introduce a compliance support line for
· Activate a compliance (whistleblowing)
hotline for actual or suspected incident
· Consider the introduction of departmental
“compliance champions” — individuals
who are specialized on necessary compliance requirements in their area(s) of
· Introduce compliance quizzes with
nominal value prizes.
· Organize themed compliance days/weeks.
It is critical that any compliance program
reports directly to the board, who in turn
commit their oversight to promote a culture
and mind-set, ensure support is visible, con-
tinue development, and deliver justice to
wrongdoers. The board, in turn, must dem-
onstrate their uncompromising compliance
position in practical and observable ways by
being the “voice of compliance.”
The compliance program must be
designed to enable and support informed
decisions and must be an integral component
of the business’s infrastructure. It should be
supported, be adaptable to the dynamic opera-
tional landscape, and be a prerequisite for any
business in both its strategy and operations.
Compliance programs must address the
following core principles to effectively prevent,
detect, and respond to any alerts, suspicions,
or proven incidents of misconduct — endemic
or opportunistic. Key elements of such a
program should be specific to the business’s
Robust change management processes will
ensure changes that may have compliance
impacts are reviewed. Compliance testing
should be performed and confirmed prior to