|
This article first appeared in E-learning Age, April 2003
By Jan Hagen, Director of Solutions, Wide Learning Ltd
Issuing policies is one thing, ensuring that everyone has a consistent understanding of these policies is quite another. The problem for most businesses is that they don’t have time or skills to create the necessary training or don’t know what best practice is in terms of compliance. Equally, as compliance training has to be consistent, tracked and updated regularly the cost of this by the traditional classroom route is simply prohibitive. Therefore it is makes sense that e-learning can be used to ensure that employees are able to become aware of impending new laws and regulations.
The most important aspect of compliance e-learning is that staff activity is completely trackable. When Sir Howard Davies of the Financial Services Authority, the financial services regulator, spoke about the necessity of compliance training as part of the culture of a financial services firm, he must have had e-learning in mind. The most cost effective solution is a system that delivers, tests, tracks and reports and so proves that everyone in the firm has a demonstrable understanding of a particular policy.
In cases where Health and Safety or diversity training is being provided such a process will ensure that there is evidence that can be used in a tribunal or court of law to demonstrate conclusively that the employer took all the necessary steps to ensure their staff was aware of the content and meaning of the relevant regulations. In the financial services sector the reporting facility enables a firm to demonstrate that its staff has shown an adequate level of competence to carry out their specific tasks and responsibilities.
The new Money Laundering Prevention regulations, which come into force in June 2003, state clearly that an individual either involved in or failing to report suspicious transactional activity, has a defence when he or she has not been provided with adequate training. In this instance the liability transfers automatically to the employer. A recent case against a lawyer who failed to report a suspicious transaction incriminated the lawyer because, although he did not knowingly break the rules, he was reasonably expected to know what he should have done. The new regulations as described above would have provided him with a defence. It is therefore crucial to firms to sort out their compliance training so that this exposure is hedged.
Preventing big compensation pay-outs
All areas of compliance, money laundering prevention, diversity, data protection, health & safety have something crucially important in common. The commonality is that breach leads to damage to reputation. This makes hedging compliance risk very important to organisations in the financial and professional services sectors, as often their only differentiator in their positioning is reputation.
Therefore it is surprising that research we carried out last year highlights that in response to the FSA requirement for `auditable tracking of competence` in compliance for employees at all levels, many financial services organisations seem to be taking a low key approach. Only one quarter of those who specified an answer were aware that FSA regulations dictate that all financial services employees have some degree of individual responsibility and accountability for compliance.
How can e-learning reduce the risk of big compensation pay-outs? Having a policy in place is great, but this is meaningless on its own. An accompanying learning product, together with a testing engine, can deliver a demonstrable understanding of this policy, which can be used to pass on breach of this policy to the individual in breach, rather than the company.
Mistakes will always be made and that will never change. This in turn can lead to compensation claims if staff fail to abide by the company complaints handling policy. More broadly, organisations face a plethora of potential compensation claims issues from discrimination to harassment and unfair dismissal. All with the potential to negatively impact the brand of that organisation as a good employer. A compliance process through e-learning can help to reduce the risk to the company as a whole as well as to reduce the risk of a breach happening in the first place.
The first obvious step to prevent the above problems is to have well defined policies in place. What you need next, however, is proof that every single employee in the organisation is not only aware of the policy, but also understands the spirit of the policy. Without this documented evidence of understanding, failure to comply with policies will normally be viewed as a supervisory problem and therefore an organisational one.
Obviously this supervisory responsibility does not disappear when an organisation has evidence that all staff know and understand its policies and procedures, but a two tier risk reduction process will exist in addition to the normal supervisory responsibilities. Firstly, an understanding of policies and procedures will encourage compliance, and secondly, staff will start policing each other, as knowingly allowing breach to take place can often be implication in itself.
There's no doubt that budgets have been cut and departments are under pressure to justify any investment in training. Increasingly, we are being asked by HR to help put a business case together to show ROI on e-learning programmes.
Even though the traditional route of listening for half an hour and sign a register is less and less the main delivery method for compliance training, it is still very much happening. In the financial services sector regulations state clearly that financial institutions need to show that their staff are competent and that their competency is maintained. The only way to audit competence is through testing someone’s understanding, skill and behaviour.
Firms need to recognise the commercial importance of compliance training rather than just seeing as a regulator driven costly diversion from their strategy. Only when this is fully recognised can compliance and HR departments start working effectively together to achieve firm-wide competence that enables organisations to reduce operational and compliance exposures.
Fostering an ethical culture
Just training staff in understanding the policies is not enough. The training needs to explain the policies as well as the commercially sound reason why compliance with the relevant policies makes the firm a more competitive player. It’s important to create a positive neighbourhood watch culture so as to facilitate an ethical business environment. To achieve a positive neighbourhood watch culture, in any financial institution, the first step is to communicate clear objectives to the entire organisation. Secondly, a thorough education strategy needs to be rolled out to ensure that everyone in the organisation has a basic understanding of those key areas where non-compliance tends to take place. This needs to include examples of these actions in the context of the day-to-day job of the different roles in the organisation. Finally, everyone needs to understand what to do if they suspect that something fishy is going on, as well as what it means if they fail to report this.
In order to achieve a solid audit trail that ensures and demonstrates an understanding of a firm’s policies and procedures, a need for a comprehensive testing strategy has emerged. This should, however, not be seen as an irritating diversion from a company’s core business, with the simple objective to satisfy the FSA. This testing strategy is, for compliance risk management and fraud prevention, the key tool to identify exposures so that these can be hedged. Also, identification of exposures ensures that training is only delivered to those individuals who have knowledge gaps, rather than having a need to roll out all training to everyone, this not only avoids education fatigue, it can also save money.
Too often strategies like these are driven by compliance departments alone or sometimes even by a sole HR professional. This is simply not good enough. Anyone with a vested interest in a company should drive this, everyone who does not want to be implicated or associated with criminal activity should drive this and the key driver needs to be at the very top of the organisation. The senior management of an organisation needs to make a positive statement why compliance risks need to be managed. They need to communicate to the entire organisation why they need everyone’s help to achieve a safe and successful environment.
Compliance in Professional Services
Emerging legislation in the professional services sector drives another growth area for e-learning. The penalties suffered by business for non-compliance with new laws can be harsh and legislation such as the Data Protection Act which came into force in March 2000 affects every business who employs or keeps details of their customers.
It has been reported recently that the national criminal intelligence service is frustrated that many legal and accounting firms are failing to be diligent and make the appropriate checks in relation to money laundering prevention. New online courses for professional services firms on money laundering prevention and data protection issues have been created to meet this need. The courses ensure that lawyers and accountants are firstly more aware of the threat of money laundering and the importance of protection information. Secondly they are made aware that client confidentiality is no longer a defence in many instances and finally it introduces the firm’s specific views, policies and procedures in the relevant area.
|
