For many of us, the phrase ‘compliance training’ conjures feelings of drudgery. Dull, mandatory training that you just want to get out of the way. While it may not be anyone’s favourite part of the job, compliance training is foundational for any business.
Luckily, it doesn't have to be this way! Compliance shouldn't be a slog, as we recently discussed in our article on levelling up your compliance training. We believe it’s time to shatter that stereotype, giving employees the engaging compliance training they deserve. It’s a lofty goal, but maybe, it’s time to make compliance training sexy.
When done right, the benefits of compliance training are significant and far-reaching, ranging from higher productivity and profitability to increased employee engagement and risk reduction. These benefits apply to both small businesses and large global organisations, regardless of industry.
These benefits, coupled with your legal obligations, mean you are doubtless eager to ensure your business complies with state laws and industry regulations. However, like many, you might be unsure where to start. Compliance is a vast, intimidating topic, after all. Where to begin? You understand compliance is essential for the security and reputation of your business, but how can you improve compliance within your organisation? Thankfully, it’s easier than it sounds.
Below, we’ve outlined three essential steps to get started on better compliance for your business. But first, we’ll examine the state of compliance training globally, sharing the key statistics you need to know.
Let’s start with the good news first. Globally, compliance training is maturing. This year, the number of organisations with "mature and advanced" risk and compliance programs grew by 29%. Likewise, the number of compliance programs deemed “reactive and basic” fell by 34%. These statistics are hugely encouraging, showing that organisations are thinking more deeply about their compliance programs to deliver engaging, forward-thinking content.
Even so, there is still work to be done, as just 17% of teams say their compliance culture is ‘fully aligned’ across the company. 70% say their compliance culture is somewhat aligned, while, more concerningly, 13% say it’s not aligned. On a brighter note, Deloitte finds that 57% of organisations rate their compliance culture as either positive or exceptional.
These positive advancements make sense, as organisations lose an average of $4 million in revenue per non-compliance event, making a mature and comprehensive compliance culture essential. Similarly, CEI finds that US businesses spend an average of $10,000 per employee on regulatory costs, while regulatory monitoring can save $1.03 million on average. Moreover, there has been a 45% increase in non-compliance costs in the last decade.
It is also interesting to note that remote work has impacted the cost of non-compliance. According to IBM, data breaches cost over $1 million more on average when remote work is a factor. Put simply, non-compliance is prohibitively expensive, meaning it pays to invest in an up-to-date compliance program.
So, how much do teams invest in compliance? Bloomberg finds that 50% of organisations spend 6-10% of their revenue on compliance costs, while 20% spend less than 5% of their revenue on compliance costs.
Further, according to Deloitte, 72% of teams say their compliance budget has increased over the last five years. Yet, 36% say the level of investment in compliance is inadequate, and it’s hard to argue. When the cost of non-compliance is so high, it’s well worth investing in a dependable compliance program.
In the wake of the pandemic, compliance costs now include 62% of organisations that use eLearning to deliver compliance training. 30% of teams use blended learning for their compliance needs, while 9% favour instructor-led training. Additionally, 34% of organisations outsource some or all of their compliance functionality.
This shift towards eLearning has helped teams streamline their compliance programs, with 70% of compliance experts saying COVID increased their reliance on technology to improve decision-making, performance monitoring, and risk management. Overall, these figures represent a major paradigm shift, with teams discovering the benefits of eLearning for compliance training.
While this shift to eLearning is a broadly positive step, there is still room for improvement, particularly for alignment and capacity. 60% of teams say their compliance training is only “somewhat tailored” to individual business units, while just 13% believe their compliance training is “highly tailored.” Further, 87% of teams say their compliance function has no spare capacity due to being understaffed, which is cause for concern.
With these statistics in mind, it’s worth asking: what challenges are compliance teams facing, and what skills will they need to overcome these challenges?
For starters, MetricStream identified some of the top challenges compliance managers face. These are: handling compliance assessments, undergoing control testing, and implementing policy and process updates.
Likewise, Deloitte identified the biggest challenges compliance teams face:
Similarly, Deloitte found that the three most important skills for compliance teams in the future will be: influencing skills, communication skills, and stakeholder management. Future-ready compliance teams would be wise to start developing these skills.
Now that we have a broad overview of the state of the compliance industry, the question becomes: how can my business deliver better compliance training? Here are three steps to exceptional compliance training.
Compliance communication means informing staff of all policies, processes, and procedures that apply to an employee's industry and role. Essentially, it’s about getting staff to read, understand, and comply with relevant legislation and regulations. This can include anything from fire safety to cybersecurity, and everything in between.
To achieve this clear communication, you must tell all staff that a compliance program is in place and ensure compliance regulations and policy changes are distributed, received, understood, and acknowledged by each employee. Many compliance programs focus on changing employee behaviour, while also communicating what to do in the event of non-compliance.
At this point, getting employee buy-in can often be challenging. Many employees may associate compliance training with negative stereotypes, such as wading through pages of legal jargon to understand the latest compliance updates.
Other challenges include competing priorities, which mean employees might not have time to read long compliance updates. Others still may be unaware of where updates are shared. Therefore, sharing compliance updates in plain, decipherable language is vital. You can also try summarising the key points of your compliance updates to ease time pressures. Finally, ensure all employees know where to access the latest compliance updates.
Thus, to create an effective compliance communication strategy, EQS recommends taking the following steps:
1. Maintain a central source of information so employees always know where to look if they’re confused.
2. Establish a mechanism to communicate new regulations and amendments (i.e. a Slack channel, monthly meeting, or email updates).
3. Align compliance messages across internal communication channels to ensure everyone sees them.
4.Generate continued interest in compliance topics by prompting employees to engage in continuous learning and upskilling.
5. Harness the potential of microlearning to make compliance training seem less intimidating and time-sensitive.
6. Make sure your compliance trainers also receive regular training to stay up-to-date with current information and trends.
Most importantly, your compliance communication materials must carry the same key messages repeated over time to encourage behavioural change.
Compliance training for all employees is essential to make your company more compliant.
Investing time and money into your compliance program to teach staff about company regulations and standards will ensure your organisation stays up-to-date, relevant, and on top of compliance issues, while also minimising the risk of legal problems. As outlined above, non-compliance can be exceptionally costly, so it’s never worth the risk.
Satisfactory training coverage is an important measure of an effective compliance program, so you must ensure that all staff receive ongoing, relevant training on your company’s policies and procedures.
The easiest way to achieve this is via eLearning. As mentioned, 62% of organisations already use eLearning to deliver compliance training. Online training courses are available for all areas of compliance, making training incredibly easy, convenient, and effective. To learn more, check out Go1’s vast library of compliance training courses.
Developing an effective feedback channel is a critical aspect of any compliance program.
Collecting feedback tells you what is really going on in your organisation, allowing you to identify problems before they become a risk. For example, you might want to ask some of the following questions:
These questions are only the tip of the iceberg, providing a wealth of practical, actionable insights that tell you exactly how your employees engage with your compliance training and how you could optimise your training in the future.
By encouraging staff to provide honest feedback and report any concerns, you can improve your processes, thereby improving your compliance.
It’s also essential to have a process that allows ‘whistleblowing’ without fear of retribution. Encourage employees to report any compliance failures or unethical behaviour and have clearly-communicated consequences in place for non-compliance.
By following these steps, you’ll provide employees with clear communication, training, and feedback channels. Accordingly, you will be well on your way to building a stronger culture of compliance.
Keeping on top of compliance ensures greater transparency in the way your business operates, allowing you to improve your processes and efficiency. Improving your compliance training will also allow you to relax, knowing you’re doing the right thing for your staff and organisation.