Trojan CorporateTrojan Corporate

By Narelle Davidson

The value of monitoring and measuring compliance

Having all compliance boxes ticked is one thing.  Knowing that it can be demonstrated and is adding value is another.

 

Monitoring and measuring compliance is critical to understanding areas for exposure and weakness.  The importance of making regular assessments on the organisations commitment to compliance is invaluable.

While it is important to assess compliance with regulatory obligations, it is equally important to check that the team is on track with the strategic values that have been determined and set down from the top.

Monitoring and measuring compliance is simply self-examination. Self-examination allows us to take a “bird’s eye view” of how we look and put some perspective on what is required to put the wheels back on track, or give ourselves a reward for getting it right.

The monitoring and measuring component of the compliance program will provide a clear picture of where the Club may be exposed.  More importantly it allows for the issue to be addressed before a compliance failure occurs.  It will bring to the forefront, where improvement may be required.

It’s important to remember that once the monitoring and measuring has occurred, the relevant team members are provided a report that details the findings of the review. The report becomes a valuable tool to prioritise, allocate resources and create a plan to address the non-conformities. Compliance is not about one person, it’s about the collective group working to meet the objectives and strategies of the Club. So it makes sense that the monitoring and measuring program should be aiming to prepare the Club for the future.

Compliance shouldn’t be a box ticking exercise. The value of monitoring and measuring compliance is the reassurance that “yes we got it right” or the wake up call to say “we need to apply some focus here”.

By Narelle Davidson

Raising compliance from the bottom of the pile

It is generally quite obvious when a venue has a good grasp on their compliance obligations from the moment you park in the carpark, walk in the front door and are greeted by the team. Strong values create strong standards.  One of the most memorable experiences I have is walking into a venue and smelling rancid deep fryer fat, pushing past empty kegs to make my way to the office area in which chaos can only explain first impressions. My gut told me if it smelt and looked bad it was probably going to be bad. Needless to say compliance was definitely on the bottom of the pile.

In over 9, or so years of reviewing compliance for hospitality venues, I’ve seen instances of complete disregard for company policy and procedure, I’ve listened to many raise cause for the circumvention of compliance and wondered what would happen if the same energy was spent in putting to a plan for complying.  I have also been witness to watching compliance rise from the bottom of to do piles and sit comfortably within club culture. How is it done?

Here are my top 10 suggestions to get you back on track to creating compliance value, attitude, belief and custom.

  1. Set the tone from the top. Communicate the mission, values, and vision for your club.
  2. Dedicate resources – time, financial, people. Assign responsibility – it’s a team effort.
  3. Screen employees. Don’t let one bad egg spoil the basket.
  4. Accountability is great, but make sure it’s achievable. Don’t ask people to do things that can’t be achieved. Break it down into digestible and realistic chunks.
  5. Take time to understand compliance obligations and risks. Undertake a risk assessment or independent review. A fresh set of eyes will identify things that have become invisible on a day to day basis.
  6. Follow up – set reminders for important dates and time frames.
  7. Engage the team to see compliance as an asset not an interruption. Encourage team members to speak up when something is not as it should be. Bottom up approach is critical.
  8. Train team members in company policy and procedure. Try to think of ways that this can be done that are a little out of the box.
  9. Test compliance. Reward the team for compliance met.
  10. Report to the board on the status of compliance within the business.

Achieving compliance culture is not only possible, it is essential to adding business value.

By Narelle Davidson

Is it a policy, procedure, process or something else?

Compliance isn’t about having a policy for everything, it’s about developing and implementing practical policy that will help the venue met with the law, standards and codes, along with community, member and patron expectations. Policy needs to be practical. Policy must be able to be implemented.

What is policy?

A statement, verbal or written, that details the standard, belief or course of action that has been adopted or proposed by the board of directors.

What is procedure?

Procedures detail the steps, order or manner in which tasks or actions are to be conducted. Procedures are used to show employees the correct process to be followed.   Procedures are typically lengthy and offer more detail to the employee.

What is process?

Interrelated tasks, decisions, actions or steps that achieve a specific result.

How do we make sure that policy, and procedure don’t become something else or just another document?

TOP 10 TIPS

  1. Avoid mixing policy and procedure together.
  2. Keep it real. Policy must be practical and able to be implemented.
  3. Keep your policy and procedure current and up to date.
  4. Use language that readers will understand and that is consistent with your venue and industry.
  5. Involve your team in policy development. This will give it credibility.
  6. Publish and communicate policy. Use formats, like noticeboards, staff newsletters, team meetings and team talks. Provide training and where appropriate publish on the clubs website.
  7. For internal policy and procedure, obtain a record of agreement. Use an “I agree” form that acknowledges that the team member has read and understood the document they have been provided.
  8. Is the policy or procedure being implemented effectively? Does it need to be reviewed?
  9. Keep a policy and procedure register.
  10. Policy and procedure are best written in alignment with business strategy, vision and values. Think about why the policy is required and who it is intended for.

You understand your business better than anyone, take the time to read and tailor policy to make sure it’s a good fit.

By Narelle Davidson

“Focus on boring” Focus on compliance

Many of the Club Managers I speak with tell me that the biggest problem with compliance is that:

“it’s really not that exciting…it’s boring”

True, when we are reading pages of legislation, lodging annual compliance reports or sitting through another training course.

Here are my TOP 3 reasons why compliance gets boring and why it needs our attention.

#1 Focusing on the little things and not the bigger picture

Think of compliance as:

  • Commitment to your team and business strategy
  • Implementing a stronger, better, more resilient business model
  • A measure of success
  • Continually improving.

That sounds a little more exciting than temperature checks,  incident registers and signatures on payouts?

#2 Compliance is not an income stream

Ask…what is the worst that can go wrong?  Really think about this, because it is where boring deserves attention.

“If you think compliance is expensive – try non compliance” Paul McNulty

#3 It’s not fun

There are other more exciting things that can be done and we would rather be doing.  When we only focus on what is interesting, the necessary becomes a burden, bogs us down, and hinders our full potential.  Inattentiveness to that which is mandatory creates exposure.  This is when compliance becomes reactive, time consuming and costly.

 

Now is the time to “focus on boring.”  Lindsay Tanner – AHGE Corporate Governance Symposium

 

By Narelle Davidson

Time to get cracking on food safety compliance

On numerous occasions over the last few weeks the topic of food safety has come up, indicating a growing concern about compliance.  Why?

Let’s cast our minds back to earlier this year, when Queensland restaurant Chin Chin (located in Springwood) was involved in a Salmonella poisoning outbreak, with over 100 dinners falling ill.  Things got “berry bad” in mid-February for Nanas and Creative Gourmet, with a nationwide product recall placed on the frozen berry ranges.  Salmonella was an issue for the Brisbane Convention and Exhibition Centre, when 250 conference delegates fell ill.  Just last week Queensland egg producer Darling Downs Fresh Eggs found itself in a product recall, while Grocer and Grind Café, in Broadbeach on the Gold Coast, shut its doors stating that they had not received any product recall information from their supplier.

It’s interesting to look at some statistics from FSANZ.

“Between 1 January 2005 and 31 December 2014, FSANZ was notified of 586 recalls. The average number of recalls per year for the last 10 years is 59 recalls.”

“between 2005 and 2014, there were 126 recalls due to foreign matter. The most common types of foreign matter found in food were plastic (34%), metal (32%) and glass (22%).”

While removing eggs completely from menus may be tempting, it may serve as a timelier reminder about food safety obligations.

Generally speaking most clubs are required to comply with the relevant Food Act and Food Standards Code – Standards 3.2.2 (Food Safety Practices) and 3.2.3 (Food premises and equipment).  What does that really mean?  Without boring you with a food safety 101 compliance lesson, general requirements are briefly listed below:

Part 3.2.2 Food Safety Practices and General Requirements

·        Food handling – skills and knowledge

·        Food handling controls – receipt, storage, processing, display, food packaging, transportation, food disposal, food recall

·        Health and hygiene requirements – requirements for food handlers; general health and hygiene of

·        Requirements for food businesses – health of persons who handle food, duties of food business, hygiene of food handlers

·        Cleaning, sanitising and maintenance

·        Miscellaneous – temperature measuring devices, single use items, animals and pests, alternative methods of compliance.

Standard 3.2.3 Food Premises and Equipment

·        Design and construction of food premises – general requirements, water supply, sewage and waste water disposal, storage of garbage and recyclable matter, ventilation, lighting

·        Floors, walls and ceilings

·        Fixtures, fittings and equipment – general requirements, connections for specific fixtures, fittings and equipment and washing facilities

·       Miscellaneous – storage facilities, toilet facilities, food transport vehicles.

Food that is subject to recall is considered ‘food for disposal’ and food businesses are required to comply with clause 11 of the Standard 3.2.2.  Clause 11 basically requires that food, which has been recalled, must be:

·       Held and kept separate until it is destroyed, or

·       Disposed of, or

·       Returned to its supplier.

The food must be clearly identified as returned, recalled, or unsafe.  While it is not a requirement of a food business to subscribe to the food standards recall, it is a great business tool for staying on top of recalled products.  You can follow this link and set up a subscription – http://www.foodstandards.gov.au/industry/foodrecalls/recalls/pages/default.aspx

It is also a timely reminder to consider developing a standard operating procedure for food poisoning claims.  Once a food poisoning claim has been made, the food becomes ‘food for disposal’ and those requirements of clause 11 apply.  QLD Health recommend that two or more complaints should be notified to the authorities.

Regardless of whether the club engages a contract caterer or not, take the time to review the food licence and compliance with it. Ensuring food safety is a mandatory requirement.  Protecting your brand is critical.

By Narelle Davidson

I think I know my compliance obligations; but I just want to check on…..

I think I know my compliance obligations; but I just want to check on…..

One of the most common questions we are asked is “What is this ALMTFC stuff all about anyway?”   So, ALM is the company that supplies liquor and TFC is short for total fixed compensation. So liquor supplied with total fixed compensation….sounds pretty interesting?

Just to clarify, the correct acronym is AML/CTF – Anti-Money Laundering and Counter-Terrorism Financing. Possibly not the most exciting item on your to do list, but nonetheless a compliance obligation with quite an assertive regulator.

The Club industry has had obligations to comply since 2008 – 7 years to get it right. Yet aside from WHS, it is quite possibly the most misunderstood and inadequately resourced legislative obligation that clubs have.

If you don’t have a grasp on what is required (and you won’t be alone), then it’s time to make a start. My challenge is to tell you in 300 words how to make a start.

Clubs with 15 or more gaming machines need to have a compliance program that has been risk assessed and written in 2 parts. The program must address the following key points:

  • Appointment of an AML/CTF Compliance Officer – this person needs to have access to the Board. They should have independence, seniority and accountability. They will require the relevant skills and experience so may need some additional training and a PD.
  • Risk awareness training that meets with the 4 key points of chapter 8.2 of the AML/CTF Rules.
  • Pre-screening and rescreening of employees who perform at risk roles (gaming). A solid procedure is to perform police history checks.
  • Board oversight – an AML/CTF agenda item for consideration at monthly Board meetings
  • Regular and independent review. Tip: The AML/CTF Compliance Officer is not the appropriate person. Reports must be presented to the governing board.
  • Policies and procedures for dealing with feedback from AUSTRAC.
  • Procedures for reporting suspicious matters and annual compliance reports due by 31 March annually.
  • Procedures for ongoing customer due diligence; monitoring transactions, additional KYC information required for high risk customers.
  • Part B will need to include customer identification procedures. Look at the existing procedure used for payments above the venues cash approved limit. Tip: A membership card is not acceptable ID.

 

Remember that a current privacy policy (March 12 2014 – new privacy laws came into effect) needs to be in place, understood by all and implemented.

This legislation is risk based and constantly changing. This is one thing you cannot set and forget. Getting this ALMTFC stuff into perspective isn’t too hard. It just takes a little bit of commitment and conversation to eliminate the confusion.

 

By Narelle Davidson

Have I got your compliance attention? Top 10 hospitality tips in 2015

#1

Ensure that you have an efficient compliance system, not just short term solutions to legal problems. It’s easy to get distracted from “big picture” compliance because of all the “noise” that is created from trying to understand what the bloody hell were supposed to do. When we focus on what our legal obligations are, it’s easy to forget about implementing efficient systems and often we can complicate it more. Sure we might avoid some fines and keep the regulator off our back, but compliance is a lot more than that.

#2

A limited approach could limit the results. Compliance is a profession within itself. Having said that, there aren’t a great number of venue operators in the hospitality industry that employ full time compliance officers or managers. Many quiet simply can’t afford it. What seems to happen is that when a venue recognises that it has a compliance need, they will quiet often look towards existing staff and lay the folder, whatever it may be, in front of them and say, “you need to read that”. Sound familiar? A person with interest or knowledge in this area can bring about effective compliance for the business.

#3

Senior management and boards need to endorse compliance. A solid compliance program can help you achieve business strategy, values and objectives; provided it is aligned to them. Without the commitment from “the top”, achieving a compliance culture will be a struggle. It will be difficult to implement any policy and it will be a bigger challenge to create that “walk it like you talk it” culture.

#4

Policy must be practical. Compliance isn’t about having a policy for everything, it’s about developing and implementing practical policy that will help the venue met with the law, standards, codes, along with community, member and patron expectations. Policy needs to be written for your business needs not your oppositions. You understand your business better than anyone, take the time to read that policy and make sure it’s a good fit.

#5

Skilled people should be in demand. 2014, saw a number of changes to legislation that affect hospitality venues, including AML/CTF, liquor, superannuation, privacy, and fair work and just to name a few. Even those with dedicated resources for compliance still have some way to go and will admit to challenges along the way.

Those who haven’t recognised or dealt with those changes will continue to struggle on, but don’t need to.

#6

Compliance really is a team effort. Understanding that compliance is not the responsibility of one person is critical to success. Sure, if you’re employing a compliance manager they will be responsible for the compliance program within your business; but, every other person has compliance responsibilities. They must know what these are and the responsibility needs to be assigned. Position descriptions need to be reviewed and address this.

#7

Compliance needs to be commercially viable. Careful consideration needs to be given to what a document says will be done and what is practical.   Compliance should not need to be that complicated that it needs a lawyer to understand it. There should be flexibility, sure it will need to meet a standard; but, you don’t want to go so far over the top that you spend more time trying to meet that standard, causing complete business overload to do so. Make sure that you can identify what is a legal obligation and what is a compliance responsibility. Don’t assume everything is a legal obligation.

#8

Compliance is pretty serious stuff, it’s time to get geared up. The compliance function aims to help the business, not hinder. The compliance resource is there to help you; they understand what is required and they will do their best to make sure that the business is prepared. Remember the 6 P’s.

#9

Consider the compliance training program. Make sure it provides your staff the basic knowledge they need to complete their job? Bogging staff down with legislative requirements may not be the best option. Make it engaging.

“Communication is just one element that makes for effective implementation. The mature organisations also know how to align their compliance training to business goals. They know how to engage all stakeholders and they know how to deliver the right content for the right people.” Towards Maturity ‘In Focus Report Reinvigorating Compliance Training’ (June 2013)

 

#10

Compliance professionals are not lawyers. Don’t expect your compliance person or team to provide legal advice, that’s a job for lawyers. Generally, you will need a lawyer when you need legal representation, or advice on legal matters. Your compliance person or team should be able to take the law and put it into a language that the business will understand. This can be huge benefit to business, when change is constantly occurring and systems need to be reviewed, updated and monitored.

Having a dedicated compliance resource could be the best investment you make in 2015.

1 2 3