Trojan CorporateTrojan Corporate

By Narelle Davidson

Opportunity #1 – Invest in compliance resources

Opportunity #1 – Invest in compliance resources

Resourcing compliance can be costly in terms of time and budgets.  Failing to invest in compliance resources can be a liability with potential for financial loss and reputational damage.

Compliance happens when your venue meets with its obligations.  These obligations can include legislative requirements, codes of practice, standards and even venue policies and procedures.  Compliance shouldn’t be a burden; however, for many, it is. Compliance should align to the core values of the business.  Compliance is driven by leadership.  Team engagement results in compliance.

We need practical, simple and credible solutions to assist in meeting our compliance obligations.  We need systems that add value to our everyday operations.

Why invest in compliance resources?

A good compliance management system should prepare the business to meet its compliance obligations. The compliance management system should provide an accessible knowledge base and customised information for authorised team members that will help them to perform their role and meet standards to ensure compliance.

ISO 19600:2014 provides guidance on the establishment, implementation, evaluation, maintenance of an effective and responsive compliance management system.  These guidelines can help with the principles of good governance, sustainability and ensure the long-term success of your venue. Like anything, it will take time, effort and human resources of specific skills to implement this standard to your operations and procedures.

In order to manage strategic and regulatory compliance obligations as efficiently as possible, a centralised system is best.  The benefits of implementing a compliance management system can include:

  • Leadership focus
  • Improved and informed planning
  • Business support and organisational knowledge retention
  • Greater control of documented information
  • Improved operational planning and control
  • Improved communication
  • Performance evaluation
  • Continual improvement.

Investing in an implementing a centralised management system provides an organised repository for policies, procedures and practices including training, incidents and reports.   It will ensure that every team member has access, to important compliance information they need to be prepared and deliver results.

A centralised management system is a compliance resource that cannot be overlooked.

 

By Narelle Davidson

What is your compliance risk appetite?

How much risk is your venue prepared to adopt?  This is a great question to ask when assessing risk appetite.

It is important to take the time and understand your greatest risks and there is no time like now.  The Allianz Risk Barometer Report 2017 includes some interesting content on business risk. Page 18 of the Risk Barometer Report 2017 lists the top 10 most important business risks in the Asia-Pacific region as:

  1. Business interruption and supply chain 56%
  2. Market developments 55%
  3. Natural catastrophes 36%
  4. Macroeconomic developments 35%
  5. Cyber incident 32%
  6. Loss of reputation or brand value 26%
  7. Changes in legislation and regulation 25%
  8. Fire, explosion 20%
  9. Talent shortage, ageing workforce 14%
  10. Political risks 12%

Interesting that legislation change or regulation continues to remain in the top 10 risks; globally it sits at number 5 – 25%.  Let’s have a look what is happening locally.

WHS Risk

Fire and explosion risks rate highly, both globally and nationally, it is also a business interruption risk that has the potential for high-cost (life and financial).  There were 26 matters referred to Queensland Fire & Emergency Service as outcomes of investigation and inspections conducted on licensed premises in 2015-16.  The penalties associated with non-compliance and category 1, 2 and 3 WHS offences are considerable.

How long is it since you visited your Fire & Emergency Management Plan? 

Have you considered other emergencies like violent and aggressive patrons, or an “active shooter”,  floods and severe weather?

Liquor & Gaming risk

The recently released OLGR Annual Statistical Report 2015-2016 shows us that there was an increase in compliance inspections over three years across the state of Queensland by 20%, along with an increase of compliance investigations by 45%.   From a total of 13376 inspections and investigations conducted, 5239 of these resulted in no breach detected (approximately 39%).

Risk is also about opportunity.  Welcome news for some that the proposed 1 am lock-outs (from 1 July 2017) in venues located in Safe Night Precincts will no longer proceed.

Food Safety risk

The Gold Coast City Council has launched a “star rating” program, similar to that as implemented by the Brisbane City Council.  The program will see food businesses on the GC issued with “star ratings”.  Star ratings are issued based on an assessment of the food safety management practices in place.  The rating system is set to be in place by November 2017.

How many stars would your food premise score?

Food allergies are becoming increasingly common.  Food businesses are encouraged to have procedures or management plans in place to deal with food allergy intolerance (FAI).

Does your food safety program include FAI procedures?

AML/CTF risk

AUSTRAC have recently created a series of fact sheets aimed to dispel some myths about money laundering.  Those fact sheets may have been emailed to the AML/CTF Compliance Officer. Have them check their email box and take a look at this recent case study involving gambling services.  Consider using them as training tools with the team.

The 2016 AUSTRAC reporting period ended on 31 December 2016 and the annual compliance report is due to be lodged by 31 March 2017.

Have you lodged your 2016 annual compliance report?

What’s next?

All of the above have potential to cause reputational loss and impact on brand value.

Governance, risk and compliance are serious stuff.  This is a good reminder to consider governance, compliance and risk along with the systems that are in place to manage them. Compliance doesn’t need to be hard work; however, it does require a consistent and realistic approach.

Does your venue have a compliance and risk policy?  Are compliance and risk being managed by informed decision making?

Compliance is a function aimed to help business, not hinder. Having a compliance manager who understands the big picture is a great start.  Implementing a compliance and risk management system can add value to your business and help you manage compliance and risk appetite.

How hungry are you?

By Narelle Davidson

Make time to test compliance performance

Mistake #4 – Failing to test compliance performance

Failing to test compliance systems is a recipe for malfunction.  We must monitor, evaluate and review our compliance management system.

We take the time to set smart business goals.  It is critical to monitor and measure these regularly.  We must test compliance and make assessment to ensure sufficient resources are allocated.  The performance of the system should be reviewed regularly, along with those who use it.

The compliance program must be documented, communicated, implemented, monitored and measured. The compliance management system should demonstrate performance of the compliance program.

A major incident, or compliance failure is not the ideal way to find out that there is a problem with your compliance management system.  Test compliance to prevent a systemic failure.

Solution:

Ensure that your compliance management system is regularly monitored, evaluated and reviewed.  Test the system. Does it pass or fail?

Work out your points of vulnerability.

Put a plan in place to address the non-compliances or weaknesses in your system.  This will ensure informed, considered and effective results.  Achieving business goals becomes possible.

By Narelle Davidson

How to demonstrate compliance

Mistake #3 – The compliance management system doesn’t demonstrate compliance

How to demonstrate compliance response ability?

The compliance management system must allow the business to respond to what needs to be done.  An unresponsive system, leaves room for error and important items to be overlooked.

There is a risk of compliance obligations slipping through the cracks and falling to the bottom of the pile. Paper based models are antiquated and ineffective.  Paperwork bogs business down making for an ineffective system.

The compliance management system should allow the business to respond to events and tasks due.  Compliance should be demonstrated by corrective actions taken within reasonably efficient time frames.   Does your compliance management system demonstrate compliance? Does it:

  • Send automated alerts and workflows?
  • Provide task status updates?
  • Send reminders for incomplete tasks?

Compliance management systems collect information.  This information should be easily extracted into reports for the team, management, or Board.

Being able to respond to a question of status regarding an incident, policy review or even a customer complaint will demonstrate compliance.  A responsive system provides:

  • Informed decision making.
  • Improved performance management of team members.
  • An assessment of business strategy.

Solution:

To alleviate compliance burden, consider how technology is being used within other areas of the business. Can it be extended to the compliance management system? The answer is yes!! Talk to the IT department and get some tech savvy advice on what options are available and will best fit with existing systems.  Simplifying compliance will allow for greater time to be spent profitably.

By Narelle Davidson

Seven mistakes club managers make with their compliance management systems

Mistake #2 – The compliance management system doesn’t protect the club

As a club manager you need a compliance management system that  offers protection for both yourself and the club.

You want your team to focus on member and guest satisfaction; not being reactive to out of hand compliance issues.  Imagine the value of compliance documentation, records and reports in one central location.   Even more value in being able to check the status of compliance tasks and know that the compliance management system is protecting the club.

The compliance management system should protect the business.  It should demonstrate an audit trail. It should be a repository of records and include a schedule of calendar events that serve as timely reminders of tasks due, done, or delegated.

Does the existing system at your club allow compliance tasks to be ignored, or to remain incomplete? Are there compliance tasks that are outstanding, or outdated policies and procedures that need reviewing, incidents that are unresolved? If the system doesn’t record the status of the task or corrective actions; can you demonstrate and evidence it?

The compliance management system must be active and functional. Every member of the team should know what is required of them by the management system and understand the consequences of non-action.

Solution:

Calendar and email reminders should trigger an action to get things done. This might include; delegating certain tasks, attending a workshop or training session, submitting a report to a regulator.   Meeting compliance.

Implement a system that allows for tasks to:

  1. Be done.
  2. Be delegated.
  3. Be deferred (but not forgotten).
  4. Followed up and reported on.

By Narelle Davidson

Seven mistakes club managers make with their compliance management systems

Mistake #1 – The compliance management system doesn’t prepare the business to meet compliance obligations

A good compliance management system should prepare the business to meet its compliance obligations. The compliance management system should provide an accessible knowledge base for team members and customised information that will help them to perform their role and attain the necessary standards to ensure compliance.

In order to manage strategic and regulatory compliance obligations as efficiently as possible, a centralised system is best.

Solution:

Implementing a centralised, organised repository for policies, procedures and practices including training, incidents, reports, review and continual improvement will ensure that every team member has access, to important compliance information they need to get them prepared.

Opportunity #1 – Invest in compliance resources
What is your compliance risk appetite?