JOIN US FOR A WEBINAR | Shifting your Compliance Strategy from passive to aggressive | 8-17-2022
JOIN US FOR A WEBINAR | Shifting your Compliance Strategy from passive to aggressive | 8-17-2022

Operationalizing Compliance: Strategies and Tips from Experts  

Jul 21, 2022

One of the most prominent challenges organizations face today is operationalizing and managing compliance programs and holding stakeholders accountable. Given the complexity of the compliance landscape, professionals in this field have different views on the concept of “operationalizing compliance management”.

Operationalizing Compliance Strategies

How do we operationalize compliance management? How can VComply help us in operationalizing compliance? Or what are the best practices for operationalizing compliance management? These are the questions most compliance professionals ask our compliance solution experts.  

We wanted to clarify the concept of operationalizing compliance programs; hence, we organized an online webinar hosted by two of the most respected compliance experts in the field, Jennifer Code, SVP, Governance & Strategic Relationships at Synchrony, and Ella Conrad, Director of Compliance, Risk, and Quality Management at Planned Parenthood Gulf Coast. Harsh, CEO VComply also shared his insights on how his customers use VComply to operationalize compliance. The hosts also touched upon the balance between human and technological factors in compliance.   

You can operationalize compliance by incorporating compliance processes into ongoing business processes and making it a part of everyday tasks. Integrating compliance into different lines in the business, combined with robust processes, standards, and policy awareness can help enhance your workforce’s accountability and ensure that you achieve your compliance goals.  

Now, let’s dive into and understand what the webinar discussion is all about. Here’ is an abstract of the webinar:  

Major Compliance Challenges Posed by Organizations 

Jennifer Code: What are the big challenges your customers are looking to solve for compliance automation?  

Harsh: I think one thing that I’ve seen consistently come up and is on the top of the mind for most compliance officers that I’ve spoken to is how we get more consistency and visibility on compliance processes? How do we ensure we’re not missing out on all the important stuff while getting all day-to-day stuff done in our compliance program? How do we make sure that things don’t slip through the cracks? Some of the compliance officers still use spreadsheets and are unable to scale. What should be the right level of automation when setting up and operationalizing compliance processes? These are the concerns and challenges that are consistent across.  

Coping with Key Regulatory and Operational Challenges 

Jennifer Code: What are the internal and external regulatory and operational challenges?  

Ella Conrad: Well, yes, the reality is that in some operational areas, there is just zero tolerance for non-compliance. The Board of Directors has a fiduciary responsibility to provide the appropriate oversight of compliance; therefore, having the ability to measure and report on the effectiveness of a compliance program is critical. Something as simple as missing the filing of a 990 on your tax return could result in a nonprofit organization losing their tax-exempt status, which you know could stop their operations.  

Compliance Automation – Why It’s Crucial? 

Jennifer Code: What are the key factors for the rising need for automation in compliance?  

Ella Conrad: Well, automating the assignment of the compliance responsibilities is the key. If someone who takes care of a compliance obligation moves on, that task needs to be done by someone. It’s hard to delegate responsibility manually or ask someone else to take care of it until that position is filled. So, in today’s age, especially as a result of the pandemic, we’ve learned, you know, in the age of “great resignation”, people are moving quickly. As a compliance professional, keeping your hands around everything and make sure that all the compliance obligations are done is time-consuming. So having an automated platform that can identify exactly who is responsible or who is in the chain of command and then routes or transfers the responsibility can take so much weight off of the compliance officer’s shoulders, just to be able to know that that’s taken care of and can be accessed with just a click of a button.  

Compliance Automation Use Cases

Jennifer Code: What are the prominent use cases for compliance automation?  

Harsh: Just knowing what you need to be complying with and then having a person owning that process is the most important thing. In the entire realm of things, with a lot to be complying with in a short span, you can almost get lost in the thick of things. When you start with it, you will feel that compliance is like a maze where you are only trying to figure things out. Have I complied with this? Have I completed a federal reporting requirement? If you are not careful, you can get lost in the process. And the other thing is having a single source of truth for your entire compliance program. The critical factor is knowing where the evidence is and demonstrating you are compliant; how do you demonstrate you are compliant if you suddenly get audited by auditors or have an inspection come up. At that point, you can’t be looking through your email trails, looking at spreadsheets, or trying to find the evidence in some email that might be lost within the organization. 

Transforming from Spreadsheets to an Automated Platform  

Jennifer Code: Ella, could you please explain your transformation from spreadsheets to an automated platform?  

Ella Conrad: Let me talk briefly about how our compliance program has evolved. Like many of us, we developed a comprehensive Excel spreadsheet listing the things that needed to be done. We created a new sheet every year with responsibilities and the people responsible for accomplishing it. The spreadsheet is cost-effective, but it wasn’t particularly effective when reviewing historic data or finding documentation to confirm the completion of the responsibility. And there was no way to truly hold teammates accountable for timely and accurate completion of the requirements. So next, as we evolved, we moved to use a simple access database and created outcome variation forms so that teammates could attest to completing our responsibility and document when a corrective action plan is put in place. And again, the solution was cost-effective. However, this solution produced an abundance of electronic files, and it was so time-consuming for our teammates and for our compliance team to manage. So, we started looking for automated solutions.  

Using VComply to Drive Efficiency and Value 

Jennifer Code: How does VComply help in operationalizing and managing compliance well?  

Ella Conrad: We took demos of a few platforms with varied capabilities, system requirements, and prices. VComply offered a simple, affordable solution that would provide automated emails, non-compliance notifications, and historic data at a glance easily. It provided the ability to organize responsibilities by individual categories -, responsibility and risk categories. It offered improved accountability for teams and individuals with due diligence scores and an individualized dashboard with monthly trending graphs and monthly non-compliance reports. And it’s easy to manage the changes and deactivation of users and responsibilities as of today with our organization having a head count of just under 200. We currently have 106 active Vcomply users. And that means that everything has been directly delegated to 100 and six of our approximately 200 teammates. And recently our senior leadership team decided to include each compliance report and due diligence score as part of the annual performance evaluation, which further strengthens our culture of compliance.  

Jennifer Code: How hard is it to administer compliance using VComply?  

Ella Conrad: Vcomply is incredibly easy to administer, so all it takes is the individual’s name in their email address to enter them into the system. What works well for that is once they are in the system, any responsibility can be assigned directly, regardless of which responsibility center it’s assigned. And then what’s also very useful and easy is a transfer of responsibilities, again, with turnover being what it is in this day and age, if a person or an individual has 15 responsibilities assigned directly to them, and then they leave the organization with a click of a button, and you just transfer it to another person or next up in the chain of command. And also, I’ll highlight here the automated notifications, so an individual is notified of it in its set setup specific to your organization or business entity. It’s automated, that’s what makes it so unique and useful.  

As of today, our compliance platform has 488 active responsibilities, so over time again, people learn from their experience which all are the controls they really should be monitoring. Now regulations are getting stronger and stronger across the board and as a compliance professional, keeping your arms around who’s doing what and when it’s being done is really great. I can’t imagine walking into an organization that doesn’t have an online compliance platform management system. And people are constantly moving right now, making it harder and harder to keep tabs on who’s doing what and ensuring things are getting done. So, I think a compliance management platform is critical to ensuring that you’re complying with everything that needs to be complied with.  

Harsh: When you’re looking to automate compliance, there’s a human aspect to compliance that can’t get automated, and there are things that they can get automated.? What’s the right level of automation to have in a place?

Jennifer Code: Yeah, it’s a tricky balance. I think it’s a business decision. Consider the human factor and have a system in place that helps you manage work well and automate the mundane tasks like following up, pulling data, and generating reports at the end of the quarter.  

Check out for more webinars, insights on compliance, risk management, and more in the VComply Resources section. 

Recent Articles
What is IRM? What is the difference between GRC and IRM(Integrated Risk Management)?
Why Policy Management is the Infrastructure of ESG
Establishing Effective Third Party Risk Management (TPRM) Policies in a Modern Era
Compliance Through Policy Design: Managing Information Security
Compliance Through Policy Design: Managing Remote First Compliance
75%
reduction in non-compliance penalties using VComply’s integrated solution.
Ready to get Started?

Experience our Award-winning GRC platform!

Drive efficiency and value across your business with VComply’s user-friendly platform.
Product Enquiry
For any product enquiries, get in touch with a product specialist today!
Help Desk
Find your answers in our expansive knowledge base.
Start for Free
Speak to Our Compliance Expert
Start a Free Trial