Building an Effective Corporate Compliance Training Program
-
Upload
navex-global -
Category
Business
-
view
536 -
download
1
description
Transcript of Building an Effective Corporate Compliance Training Program
CLIENT CONFERENCE
Ingrid Fredeen, JD and Mary Bennett, RPh
Building An Effective Compliance Training Curriculum
CLIENT CONFERENCE
CLIENT CONFERENCE
Presenters Ingrid Fredeen JD, VP Ethical Leadership
Group
Mary Bennett RPh, VP Ethical Leadership
Group
CLIENT CONFERENCE
Overview
CLIENT CONFERENCE
Reality Check Reality Check
Too many needs
Too little time
Not enough resources
But training is essential in the compliance world
Communicate values
Meet legal obligations
Mitigate legal and reputational risks
Be thoughtful and thorough
CLIENT CONFERENCE
Curriculum Mapping
Education
Roles
Risks
Curriculum
Map
Education by risk & job role
Education by risk
Education by job role
Risks by job role
CLIENT CONFERENCE
Navex Global client survey results
6
Yes 40%
No 47%
Not sure 13%
Has your organization prepared a formal curriculum map for ethics and compliance
training?
CLIENT CONFERENCE
7
We don't map 38%
Not a total disaster
23%
Good 31%
Extremely well 8%
How well do you think your organization does at curriculum mapping?
Navex Global client survey results
CLIENT CONFERENCE
Effective Methods
Targeting, Depth, and Frequency
Identifying Risks
Curriculum Mapping Process
CLIENT CONFERENCE
Identifying risks and training topics
CLIENT CONFERENCE
Risks areas are determined by: Industry
Legal requirements
Changes in your business (acquisitions, right-sizing, etc.)
Internal drivers (culture, leadership, fear, etc.)
Internal trend data (i.e., litigation and agency proceeding data, hotline data)
Fact gathering & anecdotal evidence
Assessment results
CLIENT CONFERENCE
Assessing compliance risks
• Conduct a formal risk assessment with SMEs and business leaders
• Speak with internal subject matter experts
• Analyze case management data
• Conduct culture assessments, employee surveys and focus groups
• Review policy certification feedback
• Monitor for trends with eLearning
• Review pending laws/regulations
*Be prepared to take action on results.
CLIENT CONFERENCE
Not all risks are created equal. Assess each risk to help guide your level of response.
Consider the following for each identified risk:
• Likelihood/frequency
• Impact (both time and money)
• Who needs the training
• Goal (avoid, reduce, transfer, or retain the risk)
Consider using an attorney to assist with this assessment.
12
Analyze the risks
CLIENT CONFERENCE
What compliance topics are most important to your organization?
13
0% 20% 40% 60% 80%
Other
Union Awareness
Anti-trust
Insider Trading
Violence & Bullying
Reporting & Retaliation
Wage & Hour
Bribery & Corruption
Diversity
IT Security & Privacy
EEO/Discrimination
Harassment
Ethics & Code of Conduct
Source: ELT: Trends in Compliance Training (March 2012)
CLIENT CONFERENCE
Depth & Frequency
CLIENT CONFERENCE
The curriculum map
15
Retaliation
Antitrust
Wage and Hour
Anti-bribery
Harassment
Conflicts of Interest
Ethics & Code
Discrimination
Determine the audience that needs training
on each risk area. Get granular if needed.
Don’t forget about new hires and
promotions.
For each audience,
determine depth and
frequency of training
For each group, determine the method and establish a calendar.
Keep in mind your budget and time
constraints.
Action 1 Action 2 Action 3 Risk Areas
CLIENT CONFERENCE
4/3/2012 INSERT > Header & Footer 16
Risky Role: Employees who by nature of
their role engage in conduct that can create risk in a specified area
Spotters: Those who by nature of their role may see red flags or be able to spot an issue
(witness and report)
Aware: Those who should receive training to
enhance organizational culture and create general awareness
Targeting & Depth
Conduct in-depth training at regular intervals. Augment training with more
frequent, shorter training opportunities
Conduct in-depth training at regular intervals. Augment training with frequent,
shorter training opportunities with a focus on spotting and reporting
Conduct awareness-level training at regular intervals. Augment with reinforcement activities to help maintain culture and
promote reporting
Grouping Your Learners Determining the Depth
GR
OU
P 1
G
RO
UP
2
GR
OU
P 3
CLIENT CONFERENCE
Frequency Critical risk areas
• Full course training at least every 12-24 months
• Augmented with less formal methods of training on a regular basis
• Morgan Stanley did it right
For other risk areas:
• Should still be communicating with employees regularly
• Use more frequent but less extensive solutions to ensure employees understand expectations and resources
• Consider training a smaller audience using deeper dive approach
17
CLIENT CONFERENCE
18
0-3 hours 17%
4-6 hours 67%
11-15 hours 8%
+21 hours 8%
On average how many hours of formal E&C training do you deliver each year to each employee?
Navex client survey results
CLIENT CONFERENCE
Methods
CLIENT CONFERENCE
Assess Current State
• What methods are being used and how
successful are they
• What methods are most effective for your
audience
• Is training mandatory or optional; do you need to
change this
• How old is the current content; who will update it
or how will you get it refreshed
• Are you planning any technology enhancements
that could change delivery options
• Are current vendor relationships meeting your
needs
CLIENT CONFERENCE
Consider a wide array of methods
Formal
Live & eLearning full course
Manager-led live sessions
Informal
Group/team discussions
Collaborative learning and
social networking
Employee or peer-to-peer
learning
Sharing success stories
Awareness
Policy distribution
Burst learning
Paper/digital documents
CLIENT CONFERENCE
Evolve the way you communicate
22
Internal social networking sites, some with video podcasts on specific topics
“Gamification” and encouraging departments to compete against each other
Manager meeting support materials (such as branching scenarios)
CLIENT CONFERENCE
Assessing effectiveness
CLIENT CONFERENCE
Update the map every 12-18 months
Assess success against prior
goals/objectives
Have any risk areas changed
Has business changed in any
fundamental ways over past 12-18
months
Assess new trends in training delivery
Linking evaluation methods to goals Level 1: Reaction Level 2: Learning Level 3: Behavior Level 4: Results Level 5: ROI
What it measures
• Were the participants pleased?
• Was the design and
presentation of the program engaging?
• What did they remember and learn?
• What skills, knowledge or attitudes have changed? By how much?
• Did participant behavior change?
• Are they more likely to do the right thing?
• Did it yield value for the business or organization?
• Did productivity, morale, and attitude improve?
• Were costly ethics and compliance violations averted?
• Compare program costs to company benefits, often in monetary terms and percentages.
Tools and timing
• Post-training feedback sheets
• Action plans
• Complete immediately or soon after training completion
• Uses surveys, quizzes, case studies, or similar
• Pre-test to establish baseline; post-test to measure change
• Post-test immediately/ up to one year after training
• Direct tools (surveys, progress on action plans) detect changes in learner’s perception of own behavior
• Indirect tools (questionnaire to someone close to learner) typically yield less biased results
• Collective changes detected with standard compliance measures (number and type of legal actions, helpline trends)
• Common tools: surveys, focus groups, and organizational data
• Must gather data pre- and post-training
• Measure over time and across organization
• Measurement examples: trust in management, respect for managers and employees, belief that the company will do the right thing
• Difficult to measure for ethics - can attempt to quantify money saved through avoided legal actions, fines and penalties, and reputational damage
Source: Creating and Measuring Effective Compliance Training, Mary Bennett, Compliance Today, Sept 2009
CLIENT CONFERENCE
Linking evaluation methods to goals
Source: Creating and Measuring Effective Compliance Training, Mary Bennett, Compliance Today, Sept 2009
Level 1: Reaction Level 2: Learning Level 3: Behavior Level 4: Results Level 5: ROI
Practical application
• Tools credible, inexpensive, easy to use
• Satisfaction does not always equal effectiveness
• Level 1 is most
common type of evaluation but cannot measure Guidelines’ effectiveness standards
• Helps improve content, design, venue, and facilitation
• Tools vary in cost and credibility
• Useful for identifying remaining knowledge gaps
• Level 2 evaluation is very useful with high risk audiences who must accurately know the content, as in meeting legal obligations
• Indirect tools difficult to implement
• Difficult to directly link measurements to training alone
• Behavior change is sweet spot for ethics and compliance training.
• Moderately expensive due to scope
• Results give insight to culture and possible impact of the ethics and compliance program
• Levels 2, 3, and 4
evaluation can be done with one well-designed survey –more useful when combined with focus group data
• Business leaders want this information, but most would see hard metrics for what they are – wild guesses
• Best question to ask when faced with ROI request: Will we stop our ethics and compliance program if we can’t show a financial return?
CLIENT CONFERENCE
Measure your training effectiveness
Review data sources for changes post-training
o Helpline data
o Legal actions
o Audit findings
o HR actions
27
CLIENT CONFERENCE
Evaluation common and best practices
Common practice
• Measures of reaction and learning (levels 1&2)
• Feedback sheets immediately after training
• Sometimes a survey or questionnaire at variable interval post- training
Best practice
• Pre-training survey/quiz
• Surveys to evaluate learning, behavior and results 1-3 months post-training
• Supplemental focus groups and analysis of organizational data
28
CLIENT CONFERENCE
Questions
CLIENT CONFERENCE
Thank you