After the whirlwind of the last 18 months, now is a good time for compliance professionals to take stock.
The Compliance profession is ever-changing, and the latest developments in remote and hybrid working continue to pose challenges and increased risk from data security breaches. Teams who work efficiently and effectively when office based now face the struggle of maintaining a collaborative work environment remotely.
This article explores the compliance challenges of remote working, as well as some ways you can address them.
Review Remote Working and Connected Policies
Was it a scramble to revise or create your Remote Working Policy for the first lockdown? If so it may be time to update the policy with what has been learned, including the interaction with other Company policies which may not have been considered at outset. A robust annual policy review, whether in-house or independent, will allow you to:
· Ensure your policies remain current and in line with what happens. It is easy for a policy or procedure to become detached from how staff are applying the requirement
· Revisit and address compliance risks associated with remote working
· Ensure staff have a clear understanding of those policies and have received relevant training.
Use of Monitoring Software
There is a difficult balance to achieve here. Employees need to feel trusted and at the same time we have an obligation to maintain compliant operations, stay abreast of technology risks and data breaches.
Regular reviews will ensure that the Compliance Program is not becoming too heavy handed in its use of monitoring.
“Regulators are not interested in the geography of where individuals are working but rather in a firm’s ability to have fit-for-purpose procedures in place to minimize the potential for misconduct.” [Thomson Reuters Cost of Compliance 2021: Shaping the Future].
Investment in monitoring solutions can help to ensure compliance responsibilities are met. As things evolve, the skills overlap between CCO and CISO roles will continue to increase.
New Mediums of Communication
Zoom and Teams are now a part of our everyday work life, introducing cost savings through reduced travel, but increasing security risk. Early in the life of Zoom people uninvited to meetings were able to access the call, increasing the risk that confidential calls were listened to.
The UK Financial Conduct Authority (FCA) published a Market Watch Newsletter looking at the greater risk of misconduct associated with remote working.
The final summary of the Newsletter reads “There is no specific restriction on the technologies or apps firms can use for communications. However, in all cases firms must understand the recording obligations and have effective policies, controls and oversight to ensure that these are met.”
Whilst Manx financial services companies look to the Isle of Man Financial Services Authority for guidance, your Enterprise Risk Management Framework must take into consideration the use of technologies and how any introduced risk is mitigated.
Communication for a Strong Culture
Businesses with strong values and culture will have more success managing remote employees. Finding ways to nurture a strong, unified culture will be important.
Never underestimate the power of regular communication – written, phone calls, video calls and in person – to strengthen relationships.
Allowing mistrust and feelings of being out of the loop to develop can lead to big problems down the line.
As remote working is set to continue, doubling down on efforts to strengthen a unified compliance culture also becomes more important. This includes raising the awareness of ethical behaviour.
With face-to-face interaction ever diminishing, compliance professionals need to get creative in how they exert influence on existing and new employees. Trust and transparency within relationships with employees are more important than ever.
We talked about the importance of a strong compliance culture in our last blog post ‘Ensuring Your Business has a Positive Compliance Culture‘.
Finally
If you require an independent review of any of your policies, in light of increased and ongoing remote working, our expert team is happy to assist, initially during a free, one hour consultation. Book your free compliance consultation today.
Impact Professional Services is a Compliance and Risk Consultancy based in the Douglas, Isle of Man.
