Cheat Sheet: 5 Key Parts of a Robust Compliance Program

Cheat Sheet: 5 Key Parts of a Robust Compliance Program

Background-web-light

Having a solid compliance management system (CMS) in place not only protects consumers, but it shows a good-faith effort to comply and, in turn, protects your organization from possible enforcement actions. By putting more resources into compliance management upfront, your organization can save a lot of time, trouble, and money in the long run.

According to the FDIC, a strong compliance management system (CMS) is composed of three main elements: board oversight, a compliance program, and compliance audits.

Compliance programs offer a planned and organized effort to guide the company’s compliance activities and represent a source document that serves as a training and reference tool for employees. By putting more resources into your CMS and compliance program, your organization can help prevent regulatory violations, provide time and cost savings, while protecting your brand.

 

Policies and Procedures

  • These documents should detail how employees are expected to go about their jobs, including the steps they need to take to ensure that business is conducted ethically and within legal boundaries
  • Provide an outline for:
    • Company goals + the procedures to meet them
    • All information needed for personnel to complete a business transaction
  • Regulatory review written policies and procedures periodically and revise them as necessary to address current issues or concerns, changes in laws or regulations, or changes in your business practices

 

Training

  • Employees must receive training on laws, regulations, and organizational policies that apply to their jobs
  • Training programs should be tailored to meet specific job functions and be designed and documented for both new hires as well as existing employees
  • Training should include information about where to go for help or advice in resolving questions about ethical issues or compliance with applicable laws, regulations, or policies
  • Employees should be trained and kept current on events that impact the business, such as:
    • Important regulations
    • Supervisory updates
    • Recent enforcement actions
  • Provide employees with written material for reference and keep these materials updated regulatory with current, complete, and accurate information

 

Complaint Management and Response

  • Identify and manage consumer complaints submitted internally to your organization (including those submitted via emails, calls, or on social media) and externally to regulatory agencies (like the CFPB and FTC)
    • Check out this cheat sheet on how to use the CFPB’s Consumer Complaint Database in your compliance program
  • Established procedures for addressing complaints and provide sufficient guidance on how to handle complaints internally and externally
  • Provide a timely resolution to all complaints, ideally within 15 days or less to align with the CFPB’s expectations
  • Evaluate complaint trends for insights into risk areas and to identify process improvements

 

Ongoing Monitoring

  • Understand who is doing what in marketing, how they're doing it, and whether or not certain activities may be generating consumer complaints or fall out of compliance with regulatory obligations
  • This kind of monitoring should be ongoing and can help proactively identify procedural or training weaknesses
  • Monitor all marketing channels for adherence to regulatory and brand guidelines, including across the web (including third-party sites), calls, emails, messages, social media, and pre-production marketing assets (like direct mailers)
  • Schedule regular reviews of:
    • Disclosures
    • Document filing and retention purposes
    • Posted notices, marketing content, and advertising
    • State consumer protection laws and regulations
    • Third-party service provider operations
    • Internal compliance communications systems that provide updates and revisions of applicable laws and regulations to management + staff

Stay Current on Industry News and Happenings

  • Monitor relevant industry publications and regulatory updates to ensure that you’re able to anticipate potential issues in advance and have time to implement the necessary changes to your program
  • Stay current on:
    • Lawsuits
    • Supervisory Highlights
    • Enforcement Actions
    • Guidelines
  • Adjust processes and priorities accordingly based on regulatory happenings and trends
Here are the 5 key parts of a well-rounded,

Robust Compliance Program

Policies and Procedures-01 (1)

Policies and Procedures

 

Policies and Procedures

  • These documents should detail how employees are expected to go about their jobs, including the steps they need to take to ensure that business is conducted ethically and within legal boundaries
  • Provide an outline for:
    • Company goals + the procedures to meet them
    • All information needed for personnel to complete a business transaction
  • Regulatory review written policies and procedures periodically and revise them as necessary to address current issues or concerns, changes in laws or regulations, or changes in your business practices
Training-01 (1)

Training

 

Training

  • Employees must receive training on laws, regulations, and organizational policies that apply to their jobs
  • Training programs should be tailored to meet specific job functions and be designed and documented for both new hires as well as existing employees
  • Training should include information about where to go for help or advice in resolving questions about ethical issues or compliance with applicable laws, regulations, or policies
  • Employees should be trained and kept current on events that impact the business, such as:
    • Important regulations
    • Supervisory updates
    • Recent enforcement actions
  • Provide employees with written material for reference and keep these materials updated regulatory with current, complete, and accurate information
Complaint Management-01 (1)-1

Complaint Management and Response

 

Complaint Management and Response

  • Identify and manage consumer complaints submitted internally to your organization (including those submitted via emails, calls, or on social media) and externally to regulatory agencies (like the CFPB and FTC)
    • Check out this cheat sheet on how to use the CFPB’s Consumer Complaint Database in your compliance program
  • Established procedures for addressing complaints and provide sufficient guidance on how to handle complaints internally and externally
  • Provide a timely resolution to all complaints, ideally within 15 days or less to align with the CFPB’s expectations
  • Evaluate complaint trends for insights into risk areas and to identify process improvements
Ongoing Monitoring-01 (1)

Ongoing Monitoring

 

Ongoing Monitoring

  • Understand who is doing what in marketing, how they're doing it, and whether or not certain activities may be generating consumer complaints or fall out of compliance with regulatory obligations
  • This kind of monitoring should be ongoing and can help proactively identify procedural or training weaknesses
  • Monitor all marketing channels for adherence to regulatory and brand guidelines, including across the web (including third-party sites), calls, emails, messages, social media, and pre-production marketing assets (like direct mailers)
  • Schedule regular reviews of:
    • Disclosures
    • Document filing and retention purposes
    • Posted notices, marketing content, and advertising
    • State consumer protection laws and regulations
    • Third-party service provider operations
    • Internal compliance communications systems that provide updates and revisions of applicable laws and regulations to management + staff
Industry News-01 (1)

Stay Current On Industry News

Stay Current on Industry News and Happenings

  • Monitor relevant industry publications and regulatory updates to ensure that you’re able to anticipate potential issues in advance and have time to implement the necessary changes to your program
  • Stay current on:
    • Lawsuits
    • Supervisory Highlights
    • Enforcement Actions
    • Guidelines
  • Adjust processes and priorities accordingly based on regulatory happenings and trends
2022-Marketing-Compliance-Playbook_mockup-book

Get more expert insights on marketing compliance

Get your free copy of PerformLine's Marketing Compliance Playbook which compiles expert insights and advice into one tactical, comprehensive playbook your company can easily adopt into its compliance program.

Looking to optimize and scale your compliance program?

Whether you're looking for comprehensive oversight across all your marketing channels, need extra bandwidth to review and fix compliance issues, or just don't know where to start with your compliance program, we have a solution for you that's customizable, automated, and scalable.