a history of engaging in illegal activities
or other behavior that would defy the tenets of a program. Many organizations
are increasingly outsourcing a variety of
operations to third parties. Outsourcing
functions that are beyond an organization’s core strengths makes good business sense. However, organizations must
also use proper safeguards to ensure
they are dealing with reputable and ethical partners, as they cannot outsource
their liability along with operational
4. Communicate and educate employees on compliance and ethics programs.
The organization must take reasonable
steps to communicate its standards, procedures, and other aspects of its programs
periodically and in a practical manner
throughout all levels.
5. Monitor and audit compliance and
ethics programs for effectiveness.
Organizations must ensure that their employees
follow the guidelines set forth for compliance and ethical behavior, as well as create
mechanisms for auditing and reporting on
the effectiveness of the programs.
6. Ensure consistent enforcement and
discipline of violations. Organizations
should consistently promote the value
and importance of such programs. Organizations can reward those actions that
demonstrate adherence to an ethical culture and discipline individuals who fail to
adhere to the ethical standards in place.
7. Respond appropriately to incidents
and take steps to prevent future incidents. The guidelines require that organizations not only take appropriate investigative actions in response to suspected
compliance and ethics violations, but also
require them to take appropriate measures to preserve the confidentiality of
elements and evaluate existing corporate
programs to ensure that they conform.
In doing so, organizations are eligible
to receive benefits such as reduced fines
and sentences or deferred prosecution.
Aside from gains such as reducing the
likelihood and severity of civil enforce-
ment actions, establishing an effective
compliance and ethics program just
makes good business sense. A sound
compliance regimen can enable insurers
to better protect the corporate brand and
minimize the consequences of any mis-
conduct that occurs. K
Scot McLeod is vice president at Compliance 360, where he is responsible for
marketing and corporate communications. McLeod has more than 20 years of
experience in the software industry. For
more information about the company, visit
Protecting the Corporate Brand
With a “compliance system of record,”
policies, assessments, audits, incidents,
investigations, and corrective action,
plans can be linked back to applicable
laws and regulations to create a dynamic
body of evidence and ensure a continual
audit-ready state for the organization.
As a result of the USSC’s modifications
to the Federal Sentencing Guidelines,
companies should establish compliance
and ethics programs rooted in the seven