Compliance refers to the proper behaviour of companies, their bodies and their employees as an indispensable component of good business management. Boards and managing directors are obliged to ensure legal compliance throughout the whole company, and their overall legal and organisational obligations make them responsible for ensuring compliance.
We support companies in introducing suitable compliance management systems. We generally plan four phases and work with you to tailor the measures to your company:
- Analysis and review in the form of a compliance audit. Review of structural, organisational and HR measures that the company has already implemented regarding compliance. The audit is based on the ‘maturity model’, which is used to establish the company’s ‘compliance maturity level’ based on set criteria.
- Risk audit to identify and evaluate relevant compliance risks. The risk audit works through the most important business processes, starting from the company’s value chain. It will take into account all regulatory requirements, such as laws, statutory orders, norms and internal regulations. After risks have been identified and evaluated, suitable measures will be established to tackle these risks effectively using a defined risk strategy.
- Based on the results of these two audits, the company’s individual compliance management system (CMS) will be set up and implemented. The CMS includes important aspects such as culture, aims, organisation and communication. The CMS also includes measures to ensure compliant behaviour from both the company and its employees.
- Implementation of monitoring mechanisms for the long-term monitoring of introduced measures. The effectiveness of the CMS will also be reviewed via internal audits and an annual review.
As part of phase three or as a separate module, we will also sensitise and train managers and employees within the company (in-house training).