An organization that engages in compliance training typically hopes to accomplish several goals: (1) avoiding and detecting violations by employees that could lead to legal liability for the organization; (2) creating a more hospitable and respectful workplace; (3) laying the groundwork for a partial or complete defense in the event that employee wrongdoing occurs despite the organization’s training efforts; and (4) adding business value and a competitive advantage.
Organizations offer their employee’s compliance training on a wide range of topics, including workplace discrimination and harassment, dealings with competitors, insider trading, protecting trade secrets, records management, bribery, and kickbacks, etc. Typically, most or all of these compliance topics are addressed in an organization’s Code of Conduct, and the organization may offer employees annual or bi-annual Code of Conduct training in lieu of requiring employees to take multiple individual training programs.
Based on the definition of compliance training, it has really been around for as long as employers have been training their employees about company policy and procedures. Compliance training in the U.S. which refer to how employees are to act and be treated in the workplace can also be traced back to the creation of the United States Labor Laws as early as 1914.
“The history of how compliance regulations and mandates came about is not linear and completely clear, however, most refer that it began around the Reagan scandals during his presidency. Moving ahead from that, it was the early 1990’s after the Federal Sentencing Guidelines promised reduced fines for implementing an Effective Compliance and Ethics Program (ECEP). The last phase came from a number of high profile corporate corruption cases that include companies such as Enron, MCI/WorldCom, and Tyco.”
Types of Compliance Training
There are many industries that require highly specialized and unique compliance training. Some of these industries include the medical industry, banking industry, pharmaceutical industry, and the food and beverage industry.
Who is required to have compliance training?
Companies in all business sectors are under pressure to demonstrate that their employees are trained in laws and regulations, and internal policies, that pertain to their roles. Most notably, companies in the financial and healthcare sectors – who face stringent regulations – and publicly regulated companies have taken the lead by instituting firm-wide compliance training programs. For example, WalMart would be required to train their employees on sexual harassment, data security, anti-harassment, and more.
Compliance training can be performed in-house by compliance training specialists or hired out to consultant firms. Some compliance training is done online.
Penalties for non-compliance
While this is entirely tied to the realm of compliance that is being considered, the penalties can range from a Fine, through the seizure of company assets, to jail time for executives of the company at fault. For example, the consequences of not being compliant with Anti Money Laundering cost the Las Vegas Sands Resort to pay $47 Million in penalties for suspicious credit card transactions.
HIPAA fines for lack of compliance can be staggering as well. In the past, the Alaska State Department paid $1,700,000 in fines for an Unencrypted USB hard drive stolen, poor policies and risk analysis.