For the last two decades, companies have been expected to establish effective compliance and ethics programs. The COVID-19 pandemic has highlighted why a compliant ethics program is an absolute business necessity.
Remote workplaces have introduced a new range of compliance risks causing the Department of Justice (DOJ) and Security Exchange Commission (SEC) to issue new guidance on corporate compliance programs. According to a recent Deloitte study, a few factors have led to these new developments, including a significant increase in fraud and whistleblower activity, and disruptions stemming from remote work (workplace safety conditions, cyber security, data protection etc.)
Whether you’re gearing up for an IPO or simply need to refresh your current program, a compliance and ethics program can seem daunting.
Where should you start?
Three main legal frameworks should guide an effective compliance program: U.S. Sentencing Guidelines, Sarbanes Oxley, and Stock Exchange Rules. At its core, an effective and compliant program protects a business and its stakeholders by preventing and detecting improper conduct.
In 1991, the U.S. Sentencing Commission established the most recognized standards for an effective Program within its Sentencing Guidelines Manual, Chapter 8, Part B.
In short, these guidelines state that to have an effective compliance and ethics program, an organization must take reasonable steps to:
In 2002 the Sarbanes-Oxley Act was passed by Congress to help protect investors from fraudulent financial reporting by corporations.
SOX requires companies to establish a Code of Business Conduct and Ethics to cover a Code of Ethics requirement as provided by the SEC’s Section 406 of the Sarbanes-Oxley Act.
Essentially, a public company’s management must establish adequate internal controls, promote honest and ethical conduct, regularly disclose their framework of controls and any waiver in their code of ethics. Employees must have a way to anonymously submit concerns or complaints regarding ethical issues. And, public companies are required to have an always accessible whistleblower hotline.
The Committee of Sponsoring Organizations (COSO) framework serves as the “gold standard” that most public companies in the United States use to satisfy these requirements. COSO is made up of seventeen principles for an effective control environment, divided into five categories (C.R.I.M.E).
If an organization plans to go public, it’ll also need to meet specific compliance rules issued by its stock exchange.
The NASDAQ, under Rule 5610, requires companies to:
The New York Stock Exchange (NYSE), under Rule 303A, requires companies to:
You’ve reviewed the three legal frameworks, the new guidelines, and dozens of pages of documents. What should you do next? Build out your business program and Code of Business Conduct and Ethics.
As long as you keep these three main points in mind, you should be able to establish or effectively update a robust compliance and ethics program.
Once your foundation is established, the final steps are to heighten your company’s diligence and maintenance of the compliant ethics program.
As we prepare to transition into a post-COVID-19 world, it’s clear that programs and cultures of the past may no longer be adequate. But, taking advantage of this opportunity for a new or refreshed compliance program, in considering the new normals to come, will ensure that your company and its stakeholders are well protected and prepared.
The AllVoices platform is SOC2 and SOX compliant yet more modern, mobile, and user-friendly than a typical whistleblower hotline. It is a simple solution to ensure that your company is up to date with the newest DOJ guidelines and values of a modern workplace.
With the help of AllVoices, your compliance team can proactively improve workplace culture and give employees an anonymous way to report or voice their concerns. The incredibly user-friendly design features customizable dashboards that allow companies to be vigilant in staying compliant, following up on reports, and proactively identifying issues.
AllVoices allows you to check the box of being compliant and take it a step further- genuinely benefit from the honest feedback and voices of your employees.