In our last post on establishing an ethics and compliance programme, we listed risk assessment as one of the essential elements.

Building a culture of compliance won’t happen overnight, so if the company is at the very start of its programme, it will be imperative to know where the key risks lie. This is a practical and recommended starting block for a company before it can start to build on any of the remaining best practice elements to work towards an ethical corporate culture.

An incidental but major benefit of conducting a risk assessment is that it will introduce the compliance ‘department’ to the company. It acts as a method of communicating why compliance exists as a service to help protect the company rather than an obstacle course for business development.

A practical risk assessment doesn’t have to be complicated or cost an inordinate amount of time or money. These are the basic factors you need to know:

what are the major ethics and compliance risks facing your organisation?

which employees are likely to be affected?

what actions can you take to minimise exposure to the company’s major risks?

who will be responsible, or help, manage those risks?

Once you know this, you can develop an action plan and timetable to get the compliance programme underway.

Stay tuned for next week’s blog which will address how to further develop your ethics and compliance programme.