Even the smallest of companies must consider their compliance footprint. Not just something for the to-do list of the giant multinationals, legal compliance is the process by which a company adheres to the complex rules, policies and processes that regulate business practice in a particular jurisdiction.

Without paying attention to measuring compliance, a company can fall foul of regulators and face fines, censures, reputational damage and even jail time for directors in some jurisdictions. Adding to the complexity, every jurisdiction has differing compliance requirements, making evaluating legal compliance a difficult task for entity managers tasked with its tracking. Compliance audits are often a requirement and are always a good idea to keep track of status.

Thomson Reuters Practical Law says that in-house counsel can protect the company, its directors and employees by doing the following:

  • Implementing effective compliance policies
  • Educating employees on those policies
  • Staying informed of the various regulations with which the company must comply across all jurisdictions in which it operates and staying abreast of any changes, and
  • Identifying issues that may turn into potential violations, ensuring there are procedures in place to address the issues.

Compliance involves not only knowing and understanding legislation that applies to the business, but also being able to demonstrate the business and its entities are in compliance at all times—that means keeping records of checks, having policies and procedures around the legislation, and retaining evidence that people are taking responsibility for compliance.

That’s all well and good, but what are the steps for evaluating legal compliance? How can in-house counsel, company secretaries, and legal operations and compliance teams work together to measure compliance, ensure everything is running like clockwork, and keep the company and its entities legally able to operate in every jurisdiction?

Step 1: Know the regulation

There’s no one-size-fits-all approach here, nor is there a simple and clear calendar that can be handed over with big red circles over appropriate deadlines. When asking what the steps are for evaluating legal compliance, the only answer is to do your research: Know the regulations in your industry and jurisdiction, know what’s required of your entity in relation to that regulation, and make plans for how you can fulfill those requirements. Make sure you consider all aspects, including, among others:

  • Data protection
  • Cybersecurity
  • Health and safety
  • Environmental responsibilities
  • Financial and accounting requirements
  • Employment law
  • Tax law
  • Advertising regulation, and, of course,
  • Corporate law, such as the U.S. federal sentencing guidelines for organizations.

Step 2: Know your reporting duties

Reporting requirements will differ depending on the sector, industry and jurisdiction in which your organization operates. The plethora of acronyms—FATCA, CRS, SOX, BEPS—all come with their own reporting duties, but there will be other bodies that require regular filings, too. Consider the terms of any funding, or of any ethical bodies or industry organizations that your company is a member of, and check whether a quarterly or annual report is needed. It’s advised you keep a calendar of reporting deadlines to make sure none slip by without notice.

Step 3: Take stock of policies

All those policies you put in place to drive your legal compliance need to be adhered to and need to remain up to date. While evaluating legal compliance, check that your policies are still fit for purpose. Have there been changes in the business or in the industry that need to be reflected in any updated policies? Are your people aware of and working within the policies? An annual review is essential to the steps for evaluating legal compliance, but more regular spot checks are a good idea, too.

Step 4: Check your records

When asking what the steps are for evaluating legal compliance, all will hinge on the quality of records you keep. Ensure all record keeping within the organization and across all entities is strong, that your compliance teams know what to keep a record of, and that it’s stored safely in an easy-to-access central repository. Entity management is important, yes, but aim higher: Aim for entity governance, where compliance teams have enough strategic oversight of the corporate structure to be able to forecast the downstream effects of changes to regulations and laws. Strong entity governance is driven by evaluating legal compliance regularly.

Step 5: It’s not just about laws

Legal compliance is important, of course—no one wants to see directors fined, after all—but it’s just as important to consider the nonlegal requirements when evaluating your organization’s compliance. Has the company signed up to any industry codes of practice? Are operations following all ethical guidelines? Do you remain compliant to the requirements of any licensing, funding or tenancy agreements? Cast your net wider when taking the steps to evaluate legal compliance and make sure you’re getting the full picture of your company’s compliance health.

Step 6: Remember your employees

You can set up as many policies and processes as you like, but without communicating requirements to everyone in the organization, you’re unlikely to be compliant. Ensure all employees, from the board down to the shop floor, know and understand their responsibilities when it comes to compliance. This will likely involve organizing training and education programs, as well as scheduling regular checkups and pop quizzes to make sure everyone is toeing the line.

Step 7: Schedule regular compliance checks

One of the steps for evaluating legal compliance that can be easily missed is to schedule regular checks throughout the organization—not just to make sure your employees are following process, but also to make sure any automated filings are happening as they should, that there’s no new deadlines or regulations you need to know about, and that your processes are fit for purpose. Ensure you have ready access to real-time data on your entities to get the bigger picture, and be prepared to iron out any kinks in the process you discover in these checkups.

Legal compliance is not a one-off process

When asking what the steps are for evaluating legal compliance, make sure you consider the following elements:

  • Can you demonstrate a commitment to compliance?
  • Have you determined your compliance obligations in each jurisdiction and for each entity?
  • Have you considered the impact the compliance requirements will have on your organization?
  • Have you taken the organizational and technical measures to comply with requirements?
  • Do you have a regular program to self-assess compliance?
  • Can you and have you planned for regular internal audits?
  • Have you put an annual management review for compliance into the board diary?

Remember that size, geography and incentives matter: The size and complexity of your company’s activities may require differences in the design of your compliance program; jurisdictional requirements will differ; and incentives may need to be offered to employees to ensure they remain compliant individually to drive corporate legal compliance.

Legal compliance is the responsibility of everyone in the organization, but those in charge of entity management will often be coordinating the steps for evaluating legal compliance. Ensure you have easy and ready access to all documentation relating to your entities, including filing dates and regulatory requirements.

Working with entity management software can help to ease the burden of legal compliance and make the steps for evaluating it that little bit easier. Blueprint OneWorld’s compliance workflows facilitate the approval process for changes to the corporate database by automating manual processes and establishing customized workflows, while the compliance calendar helps entity managers to keep up with constantly changing labor laws, regulations and reporting requirements to ensure the stretched legal compliance team can stay on top of its duties. Schedule a demo to see how Blueprint OneWorld can help you to both manage and evaluate your legal compliance.