In this article, Thomas Fox, Compliance Evangelist based in Houston, TX, discusses the requirements for creating and managing an up-to-date, effective and efficient compliance training program. The design of a compliance training program must be rigorous and utterly professional - there is no place for amateurism.
The article is written for US compliance L&D professionals, but the lessons drawn from it are universal.
Shawn Rogers, Senior Director, Global Training & Awareness, Walmart, has developed ten design objectives for establishing your compliance program training design objectives. You should consider doing the same for your organization.
- Align your compliance training top compliance risks – The 2020 Update and 2020 FCPA Resource Guide are only the two latest in a long line of Department of Justice (DOJ) documents and pronouncements that your compliance program should be based on the risks that your organization faces. It is critical that you design your program to directly address these risks.
- Professionally designed – More and more the training experience of the workforce is to expect professional quality training. This is tempered with the fact that anyone with an iPhone can create a professional level video. But the days of compliance training by static PowerPoint have long since passed. Indeed, compliance training will not be taken seriously if its quality is substandard.
- Applicable to adult learners – There is a lot of debate about “adult learning theory” and strategies that appeal to various demographics. The courses should speak intelligently to a sophisticated and experienced professional audience. Companies have different cultures, different styles, and different tastes. This can mean formal, but conversational; serious, but not stuffy. You must guard against talking down to employees or treating them like children.
- Standardized – There are some things that really irritate learners. One of those is a lack of standards between course offerings. Here Rogers noted, “Learners don’t want to have to learn how to use different navigation techniques in different courses. This is as simple as standardizing on look-and-feel, location of forward and back buttons, location of resources, types of test questions.” Moreover, if all your courses have a standard look-and-feel, similar learning exercises and knowledge checks, the vast majority of employees will spend the time learning rather than trying to figure out how to move through the course.
- Strategically Planned – Once again, the DOJ wants to see your organization train to its compliance risks. Under the 2020 Update this means you have to start an analysis to determine who should be trained and on what subjects. From there you need to consider if employees in relevant control functions have received training? Have you provided tailored training for high-risk and control employees, including training that addresses risks in the area where the misconduct occurred? Finally, have supervisory employees received different or supplementary training?
- Engaging – In the 2020 Update, the DOJ for the first time focused on compliance training which would hold the audience’s attention, stating “companies have invested in shorter, more targeted training sessions to enable employees to timely identify and raise issues to appropriate compliance, internal audit, or other risk management functions.” As Rogers said, “We want the courses to be relevant to the audience’s situations. We want them to make the learner think.”
- Frequently updated – One thing you should not have is the exact same course over and over again. Just as you need to assess your risk on a timelier basis, your compliance training needs to be updated for employee engagement. While some topics are so important that they have to be repeated, this does not mean you cannot keep the courses fresh with different scenarios, different approaches to the risks, different videos, different learning checks. Rogers cautioned, “To me, nothing screams “check the box” program than requiring the identical course year over year.”
- Non-Legalistic – My first Foreign Corrupt Practices Act (FCPA) training was a 278 PowerPoint slide, 7.5 hour in length, written by lawyers, for lawyers. While learning about all the relevant FCPA cases and enforcement actions to date was mildly interesting to me, all the business guys had lost interest after the first 20 minutes and were lost completely. The bottom line is tailor your compliance training to your audience, not your audience to your compliance training.
- Eliminate Redundancy – When you require multiple courses in the same year, there is bound to be some redundancy. This means you should map out the training portfolio throughout the year. As important as a non-retaliation policy is, do you really need to cover it as a learning objective in every single course? Perhaps you can cover non-retaliation in your Code courses, and then just do a short pop-out reminder that we do not retaliate in a wide variety of areas in other courses. Rogers said, “Your overall goal is to cover the topics adequately while minimizing seat time to respect the employee’s time and company resources.”
- Flexibility – Finally, your compliance training program should be designed for flexibility. Simply consider the year 2020 and the changes in risk management every compliance professional has been required to focus on. As this pace of change may well become the new normal, you now have to expect that you will determine a new or different risk which you must expect to train on. Simply think about the social justice movement after the murder of George Floyd.
It may well be that your organization may value other objectives. What the government has told us since the original FCPA Resource Guide back in 2012 is that it expects a well-reasoned and thorough approach. If you consider your design objectives early in the planning phase, it will not only meet this requirement but also become a roadmap for easier program implementation. Lastly, in this new era, you will have the ability to pivot more quickly as new compliance risks emerge.
The Compliance Evangelist
Founder, The Compliance Podcast Network
GRC Solutions' suite of compliance training courses allow you to target your business' top compliance risks. The courses are:
- backed by lawyers and compliance professionals, but written and published by qualified training experts
- kept up to date and regularly renewed
- crafted to balance liveliness of design with a respect for the professionalism of the learners
See our course library here
The Salt® learning platform offers the capacity to tailor our courses to suit your business' individual needs or to quickly roll out professional-looking training on current policy developments.
For more information go here