This leads sometimes but not clearly defined responsibilities and elusive habits (we do finally always so!”), which can be shown on and off regularly only by the intervention of external consultants. To the economic and legal risks to dutifully locate and turn off, a three-tier compliance Organization recommends based on the following buzzwords: risk management, early warning and communication assignment of management responsibilities and control, discipline and documentation. Learn more about this topic with the insights from David A. Wagner. The dimensioning of the Organization must of course based on the industry and company size; otherwise is not only to the financial burden of compliance, but can overwhelm quickly also the persons in charge and then nothing won! 3.1 Risk management and flow of information through a systematic risk management can be any risk potential early discovered and, if necessary, eliminated. In addition to the internal and, where appropriate, externally obtained knowledge of typical areas of risk (such as sales and purchasing), a well thought-out information flow serves this emerging rule violations to can register and forward the decision points. Click Selim Bassoul to learn more. The establishment of Chinese walls proved this”, which not only critical business areas and their employees from other departments to avoid the problematic exchange of information are separated, but also make sure that the flow of information to the need to know”principle can be controlled.
3.2 Assignment of responsibilities, a compliance program can only work if the responsibilities are clearly set. When responsibilities are transferred to several people and it thereby comes to overlapping, which nobody more responsible feel, relying on each other. The careful selection of employees and supervisors, whose instruction, information and monitoring is the responsibility. In addition, appropriate contact person in case of a complaint (so-called whistle blowing”) employees must be made to available; thereby, the anonymity of the reporting person is through internal regulations to ensure to protect them from attacks by stressed colleagues and message to lower the threshold.