In this blog post we look at answers from two representative companies to the question:
What is the status of your compliance?
Both organizations are "in compliance" using Compliance 1 measures, however, they are both not doing compliance the same way.
Which company do you think is doing compliance better and does it matter?
The answers are fictional but based on an aggregate from conversations I have had over the years.
Here are answers from 5 compliance roles at "We Make Things, Inc."
We Make Things, Inc.
What is the status of your compliance?
CEO, We Make Things, Inc.
Answer: We have someone who looks after compliance.
Chief Compliance Officer, We Make Things, Inc,
Answer: We are always in compliance with all applicable laws and regulations as far we know.
Safety Manager, We Make Things, Inc.
Answer: We passed our last audit.
Quality Manager, We Make Things, Inc.
Answer: We are certified to ISO 9001.
Environmental Manager, We Make Things, Inc.
Answer: We comply with all greenhouse gas emissions reporting.
This company is in compliance and doing what they believe they need to do. On paper everything looks just fine.
Now, let's look at the answers from our second organization for the same roles:
We Make Other Things, Inc.
What is the status of your compliance?
CEO, We Make Other Things, Inc.
Answer: I take a personal interest to ensure that we meet all our obligations. To ensure that we do, we choose higher standards than asked of us. Our customers are delighted with our products, our shareholders want to invest more, our employees see a future with us, and our communities are happy to have us operate. If we are not living up to our standards let me know and I will make sure that we do better. You can hold me accountable to that.
Chief Compliance Officer, We Make Other Things, Inc.
Answer: We have a high level of confidence that we will meet all our obligations based on consistently achieving measures of effectiveness, performance, and conformance year over year. We communicate all our measures of assurance to our stakeholders to keep us accountable and on track.
Safety Manager, We Make Other Things, Inc.
Answer: All our safety obligations, commitments, risk and measures are documented, measured, controlled and continuously improved to meet higher standards of safety. We are making continued progress evidenced by fewer incidents and lower risk which we continuously measure and evaluate. We are very proud of our results. Would you like to see them?
Quality Manager, We Make Other Things, Inc.
Answer: All our quality obligations, commitments, risk and measures are documented, measured, controlled and continuously improved to meet higher standards of quality. We are making continued progress evidenced by fewer defects and lower risk which we continuously measure and evaluate. We are very proud of our quality just talk to our customers.
Environmental Manager, We Make Other Things, Inc.
Answer: All our environmental obligations, commitments, risk and measures are documented, measured, controlled and continuously improved to better our environmental stewardship. We are making continued progress evidenced by lower emissions, lower risk and reduced impact on the environment which we continuously measure and evaluate. We are very proud of our progress. We plan to meet net carbon neutrality early.
Which one does compliance better?
Clearly, there is a difference from the previous answers.
The first organization:
is doing the minimum and perhaps less than that
probably considers compliance as a necessary evil (a tax on production)
is not viewing compliance as mission critical
Is reactive with their compliance
Does not really know how well they are doing.
Most likely is not realizing any of the benefits from being in compliance
The second organization:
is taking ownership for their obligations across all levels of the organization
treats compliance as mission critical
provides a greater measure of assurance that value (in the broadest sense of the word) is protected.
is proactive with their approach to compliance
measures how well they are doing with their compliance
is realizing the benefits from their compliance effort
Do you think these differences matter?
Which company would you want to work for or buy products from? If you were an investor which one would you rather invest in? Which one do believe will reach their mission goals and objectives?
This is the climate that organizations are facing and these are the some of the questions that stakeholders (customers, employees, communities, shareholders, suppliers, etc.) are asking.
How would you answer these questions for your organization? What is the status of your compliance and do you think it matters?