“Even if the company is convinced of the necessity to have a compliance strategy, it is always necessary to fight for and find striking arguments to reach the expected awareness.”
Failures and success
Let’s talk about complexity, success, and failure. In your role, what was the biggest challenge in implementing a compliance management system for companies?
Bénédicte: I experienced the greatest biggest difficulty some years ago, which was definitively to deploy a compliance program from a French group in their subsidiaries located around the world – that is to say in 60 different countries. We truly started from scratch as no structured compliance standards were available at the group level in France, which is a reality for quite the majority of French groups (except for banking companies since the Basel Accords from the nineties) and is quite different than for their counterparts in Germany. This time, I defined all compliance processes, guidelines and the implementation of a whistleblowing system with partners having differing cultures and with entities having specific legal prerequisites. A challenging and know-worthy experience which made me sure that I wanted to continue strengthening my compliance expertise.
Maria: First of all, it depends on the personality of the persons with whom you must deal. Even if the company is convinced of the necessity to have a compliance strategy, it is always necessary to fight for and find striking arguments to reach the expected awareness. Resources matter also in order to implement the adequate compliance program: Doing business integrity check requires access to databases; building anticorruption trainings adapted to the riskiest targeted units in the company such as sales, marketing and procurement.
Maria, in your former position as an in-house compliance manager, did you have any difficulties in convincing your counterparts to abide by data protection compliance rules and internal processes?
Maria: The cliché of the carrot and the stick remains true in this constellation. Indeed, in 95% of the cases I was able to convince managers to enforce or respect compliance processes when I reminded them of the possible financial fines, criminal responsibility (custody, jail) and disciplinary sanctions including dismissal. It is a persuasive argument for any person with common sense. Compliance is a procedure of change mentality that requires professionality, endurance and conviction from the compliance officer. It takes time.
What was your biggest success for which you can say “Wow, we managed to do it!”?
Bénédicte: My big successes have been those I previously mentioned in the challenges encountered when I implemented compliance programs for German subsidiaries of French groups not having pre-existing compliance standards.
Erfolg braucht Regeln!
Haufe Compliance Office Online
Mit dem Haufe Compliance Office minimieren Sie ganz einfach Ihr Haftungsrisiko. Denn alle Ihre Mitarbeiter kennen, verstehen und erfüllen rechtliche Vorgaben sowie unternehmensinterne Verhaltensstandards und Richtlinien.
Schlagworte zum Thema: Compliance-Beauftragter, Compliance-Management, Compliance, Compliance-Kultur, Whistleblowing
- Compliance Regeln und Richtlinien
- Corporate Compliance
- Compliance Management System
- Aufbau eines Compliance Management Systems
- Behörden warnen vor gefährliche Maleware-Mails und Online-Betrug via Pop-ups
- Legal Compliance
- Walk the Talk - Führungskräfte als Vorbild
- Compliance Abteilung aufbauen
- Treuepflicht des Gesellschafters in der Krise: "sanieren oder ausscheiden"
- Existenzstrategie: Risikoanalyse
- Wie lange dürfen Bewerbungsunterlagen gespeichert werden?
- Wann muss eine öffentliche Ausschreibung erfolgen?
- Compliance Regeln und Richtlinien
- Last Minute DSGVO-Informationsangebot für Vereine und Klein(st)unternehmen
- Compliance Officer: Aufgaben und Berufsbild
- Welche Formulierungen in einer Stellenausschreibung können diskriminierend sein?
- Bring Your Own Device: Vorteile, Nachteile, Rechtsrahmen
- Dürfen Teilnehmerdaten an Referenten weitergeben werden?
- Geschenke und Einladungen: Was lässt Compliance zu und was ist tabu?
- Berufsgeheimnisträger müssen E-Mails mit sensiblen Daten verschlüsseln