Compliance programs for small businesses don’t need to be complicated, overly formal or expensive. There is no need to hire a dedicated staff of internal compliance professionals. However, you should seek expert advice as you develop your program because Federal regulations of the U.S. Sentencing Commission require that a business maintain an effective compliance program to qualify for steeply reduced legal penalties should you violate federal law.
This is true even for small businesses, which are required to demonstrate the same degree of commitment to compliance as large organizations. You may not think that your business touches federal law but, think again. When you use the phone, coverage crosses state lines and the same holds true if you use the postal service and mail something out of state. Don’t be complacent and assume your small business is exempt.
Hard Law Mandates
If you are in a regulated industry such as banking, telecom or insurance, there are governing bodies that have been created to monitor and oversee expected norms of behavior through legislation. Standards often seem to change daily depending upon the political climate (both locally and abroad), a wide array of changing laws, innovations in technology and, ultimately, their degree of “hotness” on the issue list.
Depending on your business sector and whether you have a presence in the global market, you may be faced with shipping logistics, anti-bribery regulations, privacy and cybersecurity issues or local labor laws, just to name a few. Ultimately, your team must know and comply with the laws anywhere you do business and often anywhere you impact business – the ripple effect is real!
As transparency and accountability become the buzzwords of this decade, many companies are self-regulating through the use of best practices before government regulations are enforced. Creating strict internal policies and procedures, guidelines and directives, corporate compliance programs serve a number of different purposes:
To avoid regulatory penalties
To minimize the risk of litigation
To increase investor value
To act as common guideposts for the team
To uphold the business reputation of the company
Soft Law and Third-Party Standards
Many companies in industries such as electronics, telecom, energy or hospitality are using third party service providers with expert knowledge in their industries to track and measure both their compliance efforts and those of their vendors. Their goal is to improve the processes of the industry as a whole in the social impact space. Because these providers are independent, the government has no role in determining whether a selected third-party standard is acceptable or whether a business has actually met its own internal goals or that of the third party.
The ratings and standards industry is growing daily and there are a number of different metrics used that focus on different aspects of corporate accountability. Industries may have specific governing and licensing bodies or membership organizations with their own rules and regulations.
Or, third party service providers may use commonly known metrics such as the B Impact Assessment, the Ceres Roadmap to Sustainability, the Global Reporting Initiative, Good Guide Company Ratings, ISO 26000,14000 and SA8000, just to name a few.
In many instances, we are seeing that the “soft law” that is self-imposed eventually becomes the social norm and the government steps in with legislation. One perfect example of this is B Lab’s B corp certification which is voluntary but an excellent indicator to show that a company is committed to conscious and socially responsible business. Through B Lab’s advocacy, over 30 states now have legislation or “hard law” allowing companies to elect to become Benefit Corporations also known as special purpose corporations.
Just when you think you have it figured out, you will be reminded that the business of doing business is ever changing and moving. In order to be successful, you will need to be adaptable as rules become law and social norms change and evolve. Ultimately, your compliance and ethics program should continually be refined to support your company’s business objectives, identify your legal and ethical boundaries and, establish a system to alert management when that boundary is about to be crossed.
Copyright © 2019
All rights reserved – Linda Lattimore