Would you spend more than $7,500 to buy a coffee maker? Or $435 on a hammer? Or $600 on a toilet seat?
Probably not. But what if you worked for a company that sold items like those and you had a customer who was so desperate or disorganized that they’d pay those grossly inflated prices? What would stop you from making the sale other than your conscience?
That was essentially the situation discovered some 40 years ago at the U.S. Department of Defense (DoD): lax procurement policies enabled vendors to rake in billions of dollars annually by selling the DoD spare parts at highly inflated prices.
In this article
The rise of the compliance manager
The scandal that ensued was a real eye-opener, especially the realization that the problem was ethical, not legal. Who oversaw ethics? Overcharging for something isn’t unlawful, so it wasn’t necessarily the job of the lawyers. No accounting practices were violated, so the auditors were off the hook. Under pressure from lawmakers, the defense contractors ultimately came together to form an Ethics and Compliance Organization (ECOA). And so, the idea of the compliance manager role was born.
Compliance manager jobs are found across a wide range of industries today. They sometimes come under other titles such as compliance officer, compliance specialist, security compliance manager, or compliance coordinator. It is a recognized function in today’s enterprise, and often the holders of these jobs have a compliance certificate. But what is a compliance manager? What does a compliance manager do? What are the compliance manager requirements?
Defining the compliance manager’s role
The original and prevailing idea of the compliance manager job was to put someone in charge of the processes for managing risk and compliance and maintaining ethical (and legal) integrity:
- Identifying the risks that could cause ethical lapses (risk management);
- Designing and implementing controls to prevent those risks from becoming a reality (project management);
- Continuously monitoring for weaknesses (operations management); and
- Advising the c-suite and the board of directors to ensure ongoing compliance.
It hasn’t been easy going. Since the defense department debacle, there has been the savings and loan scandal, the junk bond scandal, the Enron scandal, and the historic financial crisis of 2007-08 that included revelations of misconduct at a wide range of financial firms.
Lawmakers, regulators, and industry associations have responded with more policies and laws, such as Sarbanes Oxley. Also, add in the plethora of regulations including HIPAA (healthcare), ISO-27001 (IT), PCI DSS (credit card transactions) and GDPR (data protection) prompted by the privacy and other concerns surrounding the growing use of digital technology.
As a result, there is growing pressure on compliance managers to understand a broader range of risks and have the expertise to implement a variety of controls.
Tools to make a compliance manager’s job easier
In a small company, keeping track of compliance issues might be handled with ad-hoc tools such as spreadsheets. But as a business grows and adds both employees and customers—making more sales, collecting more data and coming under the purview of more standards and regulations—the risk of noncompliance grows.
What is a compliance manager to do?
Some baseline tools for the compliance manager include ones that establish core capabilities for storage management and security management—helping you keep the required information stored and protected as per the legal requirements.
Another critical tool in the compliance manager’s arsenal includes governance, risk management, and compliance (GRC) software solutions. GRC solutions help automate much of the work associated with documentation and reporting, providing a manager with checklists, apps, workflows, and other capabilities to ensure that the right processes are in place to address key compliance requirements.
GRC solutions are increasingly using technology such as natural language processing and artificial intelligence to sort through business data and proactively identify compliance risks.
Just as enterprise resource planning (ERP) became the foundation for supply chain intelligence, and customer relationship management (CRM) became the building block of customer intelligence, GRC is becoming essential to compliance intelligence. Increasingly GRC solutions are becoming available as cloud-based solutions, making it easier for customers to access various auditing and risk management capabilities on the fly.
Templafy’s value to compliance managers
Reducing the risk of incompliant documents being produced in your organization is a key value Templafy offers.
Due to increased regulation, the legal language included in documents has become more critical. This is a major challenge. Even something as seemingly innocent as typographical error can expose an organization to legal repercussions, especially when it is repeated across scores of documents.
Centralized solution
Templafy provides a comprehensive enterprise-wide solution for dynamically managing document templates and their related digital assets, including compliance language and legal disclaimers.
With Templafy, compliance managers can centrally manage access to compliant document templates for all employees. Templafy can automatically attach an organization’s most up-to-date legal disclaimers to document templates and emails.
With Templafy’s Builder feature, employees at all levels can easily create complex contracts that follow the latest regulations. Compliance managers can also create legally compliant text elements which employees can insert into documents with just a click. With Templafy, compliance managers can trust that all employees have the tools they need to create compliant documents.
Easy to roll-out updates and changes
In the event of a regulatory change, Templafy’s centralized administration platform makes it easy to roll out updates to the whole company or just specific users filtered by department, country, etc. The need for IT involvement is removed, and all document templates and content assets are accessible locally or through the cloud.
Filtered access
With Templafy, you can ensure compliance even further by filtering access to templates and content according to user profiles, which is a key requirement of the GDPR. Employees will only see and have access to content that’s relevant to them, reducing the risk of incorrect templates and elements being used, and saving users time when searching for document templates and content.
Easy to use
Templafy does not replace your use of popular document creation programs such as Word or PowerPoint—it enhances what you can do with them. Templafy is an add-in inside Microsoft Office, SharePoint, Google Drive, etc. so when a user accesses the program, Templafy makes templates with up-to-date legal disclaimers easily available. Employees are likely to use the most up-to-date document templates because they are made instantly available right within the office application they are already using.
Drag-and-drop access to repeatedly used text elements eliminates repetitive tasks for companies and teams with significant compliance challenges, such as HR and legal.
Different industries have different compliance requirements—Templafy’s document creation solution can be adapted to any and all of them. That’s why Templafy should be part of the toolset for today’s compliance manager. Get in touch and let us show you how Templafy can help you address your specific compliance requirements.