As companies ramp up compliance and risk management training in 2021, one key question emerges.
With data breach incidents and compliance audits rising and as regulators demand stricter rules on how sensitive information is shared, how can companies properly train team members to be good stewards of customer data – and do so for the long haul?
That’s a question compliance officers are asking their teams in early 2021 – and they don’t like the answers they’re getting.
Case in point: A 2020 Brandon Hall study noted that 77 percent of companies say they deal with an external audit at least annually, yet only 48 percent of managers say they’re company is “fully prepared” for a compliance audit.
Building Sustainable Compliance Training Programs
One way to properly ensure that your company can glide through a compliance audit is to provide employee compliance training that “sticks.”
That task isn’t always easy, but with some fresh thinking and disciplined training protocols, getting staffers to really engage with company compliance programs is easier than you may think. Start with these action steps.
Engage your team members. While compliance officers undoubtedly recognize the importance of a robust internal compliance program, the average employee likely does not – or at least underestimates its importance.
Change that scenario by creating ongoing compliance training that engages staffers and that builds compliance as a company-wide priority for the long haul.
Do that by meeting today’s workforce where it’s most comfortable – in the digital domain.
Instead of old school classroom sessions where lectures dry up any potential employee enthusiasm for compliance, apply e-learning tools like mobile phones and apps, social media, video libraries that are easily accessible to workers, and even online game-like interactions. The digital tools will appeal to workers (especially younger ones) and enable compliance managers to more easily test staffers’ knowledge of company compliance issues against other employees.
Make compliance learning accessible to staffers. A big part of the compliance training problem is that training is structured as a “one-off” classroom model, where employees meet every quarter or so to learn more about company compliance issues and goals. Odds are, once they leave the classroom setting, any supporting materials – and any enthusiasm – are discarded promptly.
Avoid shifting your company’s compliance training to 24/7 mode, with full and easy access to mobile apps and alerts that enable a staffer to check in when he or she has an hour free to do so. Companies should make it mandatory that employees put the time in on compliance study on a regular basis to boost compliance training outcomes.
Mobile apps – another digital platform that most employees are used to using – are a great way to keep learning effective and sustainable.
Make management walk the walk. Company employees tend to follow the company’s culture and think and act in the same way they see managers do.
That’s a problem if a company’s highest-profile talent minimizes or ignores compliance training concepts, which usually leads to minimizing or ignoring organizational compliance policies. Fix that issue by prioritizing management adherence to internal compliance rules and building compliance training programs that ensure the engagement and buy-in of top company talent.
For example, if your training module in a remote working environment emphasizes full compliance with company offsite data handling, managers should lead the way and promote the training and tools needed to ensure full data management compliance.
When you take a “top down” company culture approach to compliance training, you’re getting the persuaders and influencers needed to spread your compliance training message across the company – ensuring more robust company-wide adherence to organizational compliance training.
Test and verify training results – constantly. The best way to see if your long-term compliance training is “sticking” is to install a policy of frequent assessments and program testing.
The fact is, your company should be conducting tests and audits on compliance training – government regulations mandate internal control programs, including compliance training, for proper compliance purposes. Companies should both accelerate and improve those verification programs and take compliance training protocols beyond government mandates.
How best to do so? Start with these tips:
— Obtain evidence that not only are employees completing compliance training programs, they’re using the information they’ve learned every day in the workplace. That’s the best way to demonstrate internally that staffers are following training lessons and are engaging in compliant behavior.
— Leverage mock audits. Using audits – especially surprise audits – can up your company’s compliance training game. A good audit should reveal any problems or areas of potential risk, thus giving your company a “heads up” on compliance weaknesses along with a clear path to solving those problems.
— Surveying and testing employees who’ve undergone compliance training is another valid way to benchmark training outcomes. Even a short quiz issued on a weekly or bi-weekly basis can be enough to see where your compliance training program stands.
Ideally, it’s best to quiz or test employees in the immediate aftermath of a compliance training session or module. If a staffer doesn’t pass muster on a compliance test, have that employee take the same program again.
The employee won’t like it, but will know the way forward is to plug into compliance training and pass company tests.