Ihre Browserversion ist veraltet. Wir empfehlen, Ihren Browser auf die neueste Version zu aktualisieren.

Prevention

A core task of compliance is to avoid reputational, liability and criminal liability risks for the company, the management and the employees. This is done by preventive measures such as

  • Establishment of a compliance organization structure: Management decideds about the form of a compliance organization and establishes, for example, a compliance function whose tasks are well defined. The existing structures play an essential role, where and in what manner compliance functions can be settled. Independence and reporting lines to senior management and the supervisory board and the interface in areas such as legal, audit or data protection issues should be included in the considerations.
  • Risk analysis: A risk analysis provides an overview of all existing risks, their probability of occurrence and impact. Are the measures sufficient that have been taken, or is there more need for action? An evaluation shows the status quo, progress in the compliance system or weaknesses that should be eliminated.
  • Design and implementation of guidelines and codes: Ethical values ​​must be lived, but which are of importance for a company? Often regulations can be found in the so-called Code of Conduct / Code of Ethics or as part of other policies on the following topics :
    • Accepting and giving gifts
    • Invitations to events (including the tax rules - distinction between entertainment, conference and mixed forms - or for procurement)
    • Dealing with customers and business partners
    • Donations and sponsorship
    • Avoid conflicts of interest - separation of private and business (e.g. the combination of business and leisure travel )
    • Dealing with ( "insiders" - ) Information and Privacy
    • Competition and Antitrust
    • Anti-bribery / corruption , money laundering, economic crime
    • Prevention of violations of financial sanctions
    • etc.

    The right design should be based on business and market benchmarks. A regular communication and training are examples of a suitable implementation
  • Communication and training: The management sets the tone. A compliance culture must be daily lived and communicated. Employees and managers should always be aware of, what is the significance Compliance for the company and their own daily work.

    All media should be open for communication of compliance issues. One should have to always be aware that, for example an intranet does not reach all employees and sometimes goes down even an e-mail in the floods of information. Therefore, a personal approach of our colleagues through training or meetings in departmental or teammeatings is a very important medium.

    Training must be designed and tailored to the respective recipients. Depending on the size of the company training may be offered by the compliance function or by the executives (" train the trainer"). In addition, web-based training tools can be used. The participation and understanding of the trained topics should be documented.
  • etc.