Employee Compliance Training: Five Steps to Do It Right

In our article in a recent edition of this journal, we covered the role of top management in creating effective corporate compliance/anti-corruption program. In this article, we continue sharing insights and practical recommendations which are helpful in building another pillar of the compliance temple — employee corporate compliance training.

Similar to the “tone at the top” element discussed in our previous article, staff training is  highlighted in the U.S Department of Justice “Evaluation of Corporate Compliance Program” guidance¹ (the Guidance), which is currently considered to be the minimum standard for companies aiming to meet the expectations of U.S. enforcement authorities from an effective compliance program.

We focus our attention on U.S. regulations because the problem of corruption these days is no longer viewed merely from the perspective of local legislation, and the U.S. is a leader in shaping the matter. In addition, certain factors, like the use of email or settlement through a foreign bank, can trigger liability for corruption offences under foreign laws even for Ukrainian companies without a presence in other jurisdictions, let alone local branches of multinational corporations which are always under the enforcement radar. That’s why international approaches in this regard become critically important.

Ukrainian law and the competent authorities had not shed much light on anti-corruption training until September 2017, when the National Agency on Prevention of Corruption (NAPC) issued recommendations² for persons conducting anti-corruption training (the Recommendations). Though the Recommendations are for the public sector, some tips offered by them are relevant to business and are discussed in this article.

The Guidance offers a creative approach to training — it suggests that compliance personnel ask themselves some sample questions which the U.S. Department of Justice itself found relevant in evaluating a corporate compliance program in a particular training. We grouped these questions into five steps.

Step 1: Assessing the Level of Current Knowledge

At the outset, one needs to identify what is the level of current knowledge on the offered subject amongst a company’s employees and what kind of training they have already had. Simply speaking, if staff have already received some guidance it would not be worth allocating too much time to cover basics, otherwise the trainer faces the risk of losing the audience’s attention from the very start.

The Recommendations offer collecting information about historic knowledge and training by completing a dedicated questionnaire; the Recommendations also suggest a questionnaire template.

Step 2: Training Tailored to Risk Areas

This is the most important step. One would imagine that levels of risk exposed by a company’s sales and, for example, the HR department would be different.
It is, therefore, crucial to tailor the training to a particular risk the company may face in different areas of its business.

The Guidance indirectly hints that a one-size-fits-all approach does not work and is explicit that the company should conduct training for its key gatekeepers — persons who issue payments or review approvals. Targeted training will help employees to better understand their role in the company’s corporate compliance system, and arm them with the right practical tools they can use when facing a specific risk relevant to their function. However, if the company has a history of misconduct, the failing areas should receive a particular review and consideration before the training initiative is rolled out.

Though the Guidance is silent on this, in our view special attention should be dedicated to training senior management, which is quite often neglected.

The Recommendations suggest that a company’s officer may be invited for a welcome word at the training. In our view, it should be the obligation of an officer to attend or be involved in training and the management should focus, inter alia, on its role in communicating compliance values and setting the standard of behavior for other employees. If management is not engaged in training it not only sends the wrong message to employees but would also mean that application of the training outcome is not mandatory.

Step 3: Training Language and Form

All efforts might end up being a waste of time if messages to employees are not clear or training materials are overcomplicated. That’s why the Guidance emphasizes that both the form and the language of the training should be appropriate for the intended audience. What is clear for lawyers, who in most cases would prepare training materials, may not be obvious for other employees who may rarely come across with legal issues.

From our experience, face-to-face training sessions are prone to be more engaging and effective, but they work well for an audience of not more than 20 people.
If training is to be delivered to a bigger audience, it is preferable to opt for an online alternative, as it can encompass many employees, is more flexible in time, and the company can track attendance.

If the training is based on case studies, the examples should be relevant to the functional duties of employees. If no tailored case study is available, the Recommendations offer some case examples which may be adapted for training needs.

Step 4: Assessing the Training Effectiveness

Once the training is completed, the company should not hurry to tick the box — one needs to understand and assess whether the initiative was effective. The assessment can be conducted in different ways but we believe that the most effective (albeit rarely used) would be to end each training with key questions to be answered by attendees. Based on the responses, the company can assess the quality of responses per attendee and decide whether a follow-up is needed for the entire audience or just a few employees.

The Recommendations stipulate that in addition to assessing whether the audience received the intended messages, the company should assess the quality and relevance of training materials as such feedback is crucial for improving future training.

Step 5: Extending Training Initiative Outside the Company

Incorporating anti-corruption wordings into contracts and requesting that a supplier or client sign acknowledgement of your company’s Code of Conduct rules does not help much in raising your counterparty’s compliance awareness. The wording and acknowledgement is viewed quite often in practice as yet another routine procedure on the path to getting the client. Therefore, training should not be limited to a company’s personnel, but also should encompass a company’s suppliers and clients; for example, by means of online training followed by a test session.

The Guidance separately suggests conducting training for relationship managers in terms of what compliance risks are and how they can be managed.

Concluding Remarks

While there is no universal recipe for a successful corporate compliance training program, it should always rest on proper planning, thoughtful implementation, follow-up assessment and feedback. A program depends on many factors and its proper preparation means spending time and human resources, though we hope that our recommendations in these five steps will be helpful in designing and providing training and, ultimately, in building an effective and sustainable corporate compliance system.

¹ 1 https://www.justice.gov/criminal-fraud/page/file/937501/download

² 2 http://parusconsultant.com/?doc=0AVK76CB4B&abz=JZVXH