The Secret to Successful Compliance Management? It's Not the System

  • by gcarroll@fasttrackaust.com (Greg Carroll)
  • 14 Jul, 2013
The key isn't filling forms, it's tapping into what motivates your employees

I'm often asked how do you get quality systems to work. That's an aspect of Corporate Governance that's usually left out of the hundreds of articles all over the Internet. Sure, they talk about all the same old benefits of quality management, risk management, compliance or related governance systems. That's a bit like telling someone the benefits of being rich. What we really want to know is how to get there!

Stop setting rules

The simple answer is: employees must adopt the system as an endemic part of their job. The rest you can get out of a book.

So how do you achieve this elusive end? Anyone involved with change management will tell you that to change a person’s behaviour, the person must see a personal benefit. So stop drawing flow charts and setting rules. Get out and talk to HR. Better yet, skip HR and talk to your staff.

Once you grasp this secret, the process of achieving success is fairly straightforward.

  1. Identify your staff motivations
  2. Pick compliance framework elements that support these motivations
  3. Involve staff in the method of implementing those elements
  4. Setup a feedback mechanism to report on the implementation success
  5. Reward and publicize

The idea here is to forget the formal framework and implement employee issues first. You will find it much easier to introduce the more pedantic elements once you have a core group of supporters and advocates.

To get you started I have borrowed the results of the 2010 employee survey published by Seek, Australia’s largest employment site. On the left, I list the things that most strongly motivate employees. On the right, I've listed some obvious benefits for Compliance, Quality Management, Occupational Health and Safety System, or any change management project. Just substitute the applicable system goals against the related behaviour. After all, good management is about ensuring staff satisfaction.

Employee motivators in descending order of importance

Rank Motivator Benefits for  Compliance, Quality Management, OHS
1 People I work with Form small teams to look at individual elements based on interest groups, but make sure teams have goals and timelines
2 Work environment Empower people to improve their work environment by having them set their own GRC goals. Have them start with a risk assessment. 
3 Proximity to home Not all motivations can be related, but try being creative. 
4 Variety and content of work An April 2013 Harvard Business Review article “The Happiest People Pursue the Most Difficult Problems.” suggests that the key to job satisfaction is involving staff in problem-solving. Get them heavily involved in CAR or Improvement teams. (see 1 above) 
5 Benefits (leave, flex time, etc) Think up non-salary bonuses for achieving GRC milestones. 
6 Hours of work Look at the reason for long hours. Commonly it’s due to fire-fighting and rework. Match implementation tasks that will have a direct and immediate effect on reducing those causes. 
7 Level of job security Publicize industry statistics (hard numbers, not generalities) on effectiveness of GRC on business success. (See our earlier blog post titled “Building Shareholder Value through Good Governance”). Remember, frame it in terms of job security and advancement opportunities, not company profits. 
8 My direct manager This is a multi-layer issue, covering appreciation and acknowledgement, respect and support, empowerment, image and standing. All should be workshopped heavily in consultation with individual managers. 
9 Company culture Identify both the existing perceived and actual cultures. Then identify the desired culture and get staff to buy in by offering a road map (through GRC) to obtaining it. 
10 Workplace morale level Winners are grinners, and nothing draws a crowd like a crowd. Publicity is the key. Get your marketing people to work on setting up internal communication and feedback channels. 
11 Quality of overall management Promote management. Set up continuous training, where managers hold a 50-minute drill-down on a topic. This motivation shows it is important to impress your staff.  
12 Feeback/ appreciation Include review and feedback steps in all workflow. Name individuals and their GRC contributions weekly. The best companies schedule time to share exceptional stories of innovation, customer service, product development and dedication with all employees. 
13 Salary Notice that salary is all the way down at Number 13! Use the fact that measurement gives strong evidence to argue performance increases during job reviews.  This is the best reason to get people to record activities but first set up effective KPIs that works for both the business and employee.

If you look at what is involved in satisfying these 13 motivations, you have covered risk management, continuous improvement, skill and competency, process management, communication, and reporting. This is a good start. All you need now is to get management’s support.

Compensating for SharePoint Document Control Deficiencies

by gcarroll@fasttrackaust.com (Greg Carroll) 5 April 2017
The benefits of SharePoint as a content management system and information portal tool are indisputable.  With great search functionality and user definable portal pages SharePoint is now the leading Content Management solution chosen by most IT departments. But what if your business demands strict document controls protocols, not just because it’s good practice but life depends on it?  Unfortunately there is generally a poor appreciation by IT departments of the importance of document control in mission critical business. 

Integrating ISO 9001:2015 with ISO 17025

by gcarroll@fasttrackaust.com (Greg Carroll) 11 October 2016
It is not uncommon for laboratories to be saddled with maintaining both ISO 17025 and ISO 9001 certification. Although it is simpler to create and implement two QMS – and to "merge" those activities which can be merged – this approach is arduous, inefficient, and prone to mistakes.

The Future of Digital Transformation

by gcarroll@fasttrackaust.com (Greg Carroll) 15 September 2016
Senior management have to come to grips with the fact that Digital Transformation is not an Event but rather the operating environment of 21st century business. 

Misunderstanding Innovation

by gcarroll@fasttrackaust.com (Greg Carroll) 22 August 2016
Last week saw the latest in misguided innovation talkfests, the AFR Innovation Summit #Innovation16.  For several days academics, public servants, journalists, and corporate employees put forward their insights into how Australia can develop an Innovation culture. 

How to make Audit Management Effective

by gcarroll@fasttrackaust.com (Greg Carroll) 25 July 2016
Effectiveness is the holy grail of Compliance Management.  Whether regulatory or ERM, ensuring business is conducted as intended is the base requirement to optimising your organization’s performance.

Behind compliance management failures at Mitsubishi, VW, Target

by gcarroll@fasttrackaust.com (Greg Carroll) 17 June 2016
2016 has seen a virtual tsunami of compliance failures involving some of our largest companies. From Mitsubishi to VW, from ANZ to Target, almost weekly there have been media reports about some company employees having run amok – unbeknownst to their executives and boards. People are asking: “What happened to the compliance management systems that are supposed to monitor and prevent such abuses?” Executives and boards are naturally starting to question the entire compliance management function. 

Compliance Manager role in modern organizations-Empower decision makers

by gcarroll@fasttrackaust.com (Greg Carroll) 7 September 2015
The Compliance Manager’s role in the modern organization is to enable/empower decision makers to take action and leave the building defensive walls to the Risk Manager with his heat maps. So how can compliance managers start realising their value adding role?

How to Implement Risk Based Audits & Inspections

by gcarroll@fasttrackaust.com (Greg Carroll) 18 July 2015
With the release of the Final Draft of ISO9001:2015 this week and its focus on risk-based Compliance Management, I thought I would share our approach to Risk-Based Auditing from our experience with the likes of Defence Aviation and the Australian Quarantine Inspection Service, both leaders in the field.

The 4 Biggest Mistakes in Compliance Management

by gcarroll@fasttrackaust.com (Greg Carroll) 3 July 2015
Mere compliance with a Framework is an insufficient audit approach; it is critical to assess whether it is current, timely, communicated broadly, and meets the needs of the business. The 4 biggest mistakes are:       Not being Outcome focused      Not using Risk base targeting      Not Value Adding      Not being timely

Why Corporate Governance is broken and how to fix it

by gcarroll@fasttrackaust.com (Greg Carroll) 28 May 2015
Why, with the number of fertile minds that exist in our field, is it still a case of an irresistible force meeting an immovable object.  The paradox I believe, like our would-be entrepreneurs, is one of approach.
Show More
Share by: