This post is written as a letter in response to typical inquiries from organizations looking to make improvements to their compliance. While this letter is fictitious it is representative of common situations facing businesses today.
Dear Business Owner,
Thank you for reaching out to me about your compliance situation. I agree with you that the risk and compliance landscape is overly complicated and it makes sense that you now find yourself frustrated, overwhelmed, and unsure you are meeting all your obligations.
The advice you received to adopt a management standard and implement a compliance system for every compliance objective: safety, security, sustainability, quality, legal, and so on is not unusual and for large organizations is common practice. At the same time, your comment that your budget does not support this approach is a very real concern shared by many.
You also mentioned your organizational culture is mostly negative towards compliance and sees it as a non-value add and a tax on production. This is also commonplace particularly for organizations that are new to compliance or have taken a check-box or reactive approach to compliance.
Now, with respect to your specific question as to what you should do; here is what I recommend:
Start with making a commitment to own all your obligations. This is necessary before any meaningful change can occur. Ownership of obligations leads to greater levels of accountability and proactivity so its important to start there.
Develop an integrative roadmap. This step maps your current capabilities to what is needed to meet all your obligations and keep all your promises on a continuous basis. This will form the basis for an overarching compliance program. During this step you should also learn essential concepts and principles as you create your road map towards greater proactivity and certainty in meeting all your obligations and keeping all your promises.
Operationalize your compliance. This step is where you build what’s essential to operationalize your obligations. A minimum level of operability, Minimum Viable Compliance (MVC), is necessary before actual benefits can be realized. During this step your team should establish essential functions, behaviours, and interactions to achieve Minimal Viable Compliance (MVC) to begin enjoying the benefits that come from staying between the lines and ahead of risk.
Elevate your compliance. This step focuses on continual improvement raising the bar to new heights of effectiveness and value. This means more than incremental improvements. To advance compliance outcomes you need to advance compliance capabilities. That’s why this step is a game changer. It takes everything to the next level.
These four steps will help you develop essential capabilities along with building a culture of compliance that generates compounding benefits over time with lower risk, reduced cost, and greater assurance. I believe this will provide greater value to you than just passing an audit or achieving certification alone.
To help work through these steps, I designed “The Proactive Certainty Program™” which follows these steps in a structured manner facilitated by myself or one of our compliance experts.
You don’t have to wait to get started. You can become a member of this program by completing our Proactive Certainty Scorecard and participating in a free orientation session. During this session we will review your results, discuss opportunities to improve your compliance, and decide together if this program is right for you.
I realize this program is not for everyone as many are unable to take the first step of owning their obligations. However, for those that do, this program helps them garner greater stakeholder trust and achieve greater business success in the marketplace.
I trust I have addressed your concerns and provided a path forward to help you deliver compliance value.
I look forward to helping you achieve compliance success.
Be Proactive,
Raimund Laqua, PMP, P.Eng.
Founder, Chief Compliance Engineer
Lean Compliance
