A communications plan for your compliance programme is essential for both internal and external stakeholders. Think of a communications plan as a three level plan: firstly, understand the audience; secondly, think about the way in which you will communicate with them; and thirdly, how often you will do so. For the communications plan to be effective it is important that you always consider these three elements.
Things that should be considered when building a compliance communications plan
Engaging communication specialists
The communication of a compliance programme requires skillsets from specialist communicators. Look to your marketing, PR or corporate communications department to gain advice and assistance if you are at all uncomfortable about putting your communications plan together. Having a communications specialist on board can add significant value to your communications plan, and consulting them is a valuable step in the development process.
Consider the range of communication methods available
Email isn’t the only way to communicate your compliance programme – it is, in fact, often seen as one of the worst ways to communicate. Think of other ways, such as:
- one on one meetings
- group meetings
- conference calls
- video conference
- town-halls and brown bag lunches
- radio messages
- the company intranet
- internal magazines
- posters or flyers.
- Identify your audience
Identify your audience
Your audience is likely to be made up of multiple parties, including:
- internal stakeholders:
- board members
- the executive team
- the management team
- employees at all levels
- international, non-English speaking employees
- employees in different timezones
- the media
- customers and third parties
- shareholders and investors
Decode how often you are going to communicate
One of the key challenges in compliance is a lack of communication. You can never over-communicate when it comes to compliance messaging – when you think you have communicated enough, do some more. Your plan should include details on each of the above and how often you will communicate and by what method. For example, for the executive level managers, you might decide to communicate via a group meeting once per month. However, for other managers, you might communicate using the intranet or the internal newsletter once per quarter.
Tips on communicating to internal stakeholders
Some basic tips on communicating with internal stakeholders include:
- keep the message short and basic
- communicate often using different media
- engage senior executives to communicate on your behalf
- change your messaging for different groups of employees based on their roles and job scope (for example, tailor a message just for members of the human resources department)
- Ensure that the messaging always includes reference material and links of where to go to get help (for example, details of an anonymous helpline)”.
Tips on building a communications plan for external parties
The external stakeholders your compliance programme should be communicated to include auditors, media, shareholders, customers, key partners and, in some cases, regulators. Each of these parties holds a stake in the success of your company’s compliance programme. Effective communication of that programme can build shareholder value.
Auditors are responsible for reviewing a company’s books and records and making an assessment on the health of the company as it relates to material risks, particularly financial ones. Communicating your compliance programme to auditors is essential to help them understand the company’s approach at managing and interpreting risks in compliance failures. Communicating the programme may also help when compliance issues are being internally investigated.
It is important to make your compliance system known to the media or, at the very least, ensure the system is media-ready. A media-ready compliance system is one that has pre-prepared statements to be released if the company is questioned about a critical compliance issue. This gives the media a reportable statement about the compliance systems that are in place and allows the company to show that it has an active compliance system, despite the issue. In many cases, a well-drafted, media-ready compliance system can help turn negative attention about the compliance crisis into positive attention about the company’s compliance system.
Compliance can be a competitive advantage. A good compliance system shows that a company is less likely to be subject to downswings in stock prices if a compliance violation occurs. A good compliance system also reduces exposures of risk to the company’s balance sheets. Many companies market their compliance systems on the investor relations pages of their websites; this is a good way of communicating compliance systems to shareholders and linking the value of compliance programmes to shareholder value. Just like communicating to shareholders is important in building shareholder value, communicating to customers and key third parties is equally important.
- Third parties
Allowing third parties to feel comfortable that their risk is being addressed by the company is essential. Changes to your compliance system (for example, requiring additional personal information from third parties or asking them to complete new annual forms) should be communicated to the third parties in advance. This communication should outline why the changes are being made and the benefits they have for them, such as greater security control.
For companies regulated by industry or government regulators, it is often advisable to meet with the regulators to talk them through your compliance programme. Having this sort of dialogue often builds essential relationships and may potentially smooth things over if enforcement issues arise. While not strictly required under the law, in some cases regulators are keen to see that companies are on top of compliance of the law that the regulator enforces. Doing so may avoid costly audits.
Communicating your compliance programme to multiple parties can be a great advantage to all stakeholders. This is an essential part of every compliance programme and should be clearly documented and constantly updated.