Enhancing Regulatory Compliance with Your Intranet
By Mark Anderson, CEO/CFO | Posted November 28, 2016
Regulatory compliance may not be a warm, fuzzy concept—but it’s a necessary one for many businesses.
In general, regulatory compliance involves all the efforts organizations make to follow relevant laws, rules and standards. And compliance is become more and more challenging as regulations keep increasing. So it’s important for organizations to implement controls that ensure governance requirements can be effectively met.
Some of the most heavily-regulated industries are banking, financing, health care and real estate. For instance, regulators expect bank management to be able to collect and analyze data across the enterprise. And all of this has to be done in a way that meets the formal expectations of the Federal Reserve Board and the Office of the Comptroller of the Currency.
As another example, the Health Insurance Portability and Accountability Act (HIPPA) maintains strict laws to protect the privacy of personal health information. These standards, which cover electronic data, are designed to provide for the confidentiality and integrity of your health data while it’s being transmitted and stored.
In addition, all public corporations have to follow specific reporting requirements under the Sarbanes-Oxley Act. SOX, as the law is often called, oversees the reporting requirements of financial professionals. It tightens accountability standards for directors and officers, auditors, securities analysts and legal counsel.
Compliance Goes Beyond the Financial Side
Regardless of the industry, compliance affects more than just the financial side. It also impacts the IT departments charged with storing company records. Under SOX, for example, all business records—including electronic records and messages—must be saved for “not less than five years.”
Because of this, many IT departments are being tasked with maintaining a corporate records archive that not only satisfies legal requirements, but does so in an efficient and cost-effective manner. When it comes to the storage of business records and communications, companies are generally expected to implement best practices that prevent the destruction, alteration or falsification of corporate information. Accomplishing this takes a concerted effort.
Perhaps one of the best ways to ensure regulatory compliance is to establish an operating environment that fosters compliance throughout the entire organization. Everyone from the board and senior management on down has to make compliance a top priority. Business activities should be reviewed by internal and external compliance experts who understand what regulators require. A compliance officer or third-party expert should monitor all operations to ensure they conform to a consistent set of compliant policies and procedures. And periodic audits should also be conducted.
How Your Intranet Enhances Regulatory Compliance
So how can an intranet help with enhancing regulatory compliance? It depends on the organization. But, generally speaking, compliance involves many corporate responsibilities and financial reporting issues, and an intranet can be an invaluable tool for addressing these areas. One of the key places where an intranet can help with compliance is policies/procedures. Employees need to be able to review policies on a constant basis, and an intranet can automate this process. An intranet can deliver notifications about policies and procedures, including updates, electronically to each employee and record who has read and agreed to them. This type of online reporting creates the documentation you need for regulatory compliance.
Another important area where an intranet can help is centralized documentation. An intranet creates a place where you have centralized documentation organized in an audit-ready format that can give regulatory inspectors quick access to requested data. This also reduces the potential of records being unavailable, incomplete, inaccurate or even lost. Having centralized records is especially critical when regulations change, and you need to update the individuals who will be impacted by the change.
Consistent messaging is also a key area where an intranet can be beneficial. Using an intranet to provide consistent messages is especially important in cases where a company has multiple locations, employees of different cultures, undergone a merger or acquisition, and has a changing workforce with diverse skills, education and industry background. Consistent messaging can also help you create a more well-informed and culturally-cohesive workforce.
Last, but certainly not least, is the area of employee training. An intranet can make regulatory compliance easier because it centralizes all your employee training initiatives. It provides for the online validation and reporting of employee training, certifications, skills and experience for effective promotion or reassignment. Real-time reporting gives management up-to-date and detailed training records to support regulatory compliance.
Of course, achieving absolute compliance may not be possible—but an intranet can certainly facilitate the process. By combining the experience of your compliance department, IT department and other resources, you can establish best practices that can help you achieve a higher level of compliance for your organization.
|Previously:||Choosing the Right Name for Your Employee Portal||Next Up:||Intranets, Your Online Hub|