We highlight below nine pillars for implementing or improving a compliance program:
- Commitment and support of top management
Initiative and unequivocal commitment of the company’s top management, evidenced by visible support to the program, as well as allocation of adequate resources.
- Risk Assessment
Conducting a risk analysis and its periodic reassessment, involving planning, interviewing, documentation and establishing the necessary cure measures. Risk assessment must consider each company in its individuality, objectives, size, structure, market where it operates, level of interaction with the public sector, among others.
- Rules and instruments
Creation or improvement of conduct standards, code of ethics, integrity policies and procedures, applicable to all employees, regardless of the position or function, extended, when necessary, to third parties, such as suppliers, service providers and agents.
- Internal Controls
Internal controls are mechanisms that, in addition to minimizing operational risks, ensure that the company’s documents and records fully and accurate reflect its business operations, ensuring the reliability of the information provided.
- Training and communication
Dissemination of the company’s values, standards, policies, procedures and ethical and integrity conduct. Implementation of training to employees, which may be extended to third parties. Continuous reinforcement through materials and news.
- Whistleblowing channels
Implementation of a mechanism for anonymous report of misconduct or suspicion of misconduct.
- Internal investigations
Processes allowing investigations to promptly respond to reports of illicit or unethical behavior. Fact-finding, determination of what occurred, if there was improper conduct, what the circumstances and people involved were, and if laws or policies were violated.
- Due diligence
Evaluation prior to contracting commercial partners or suppliers to verify their integrity, which may include: corporate and financial structure, history of unethical commercial practices, involvement in lawsuits, among others.
- Continuous monitoring
Process of constant evaluation for improvement of the compliance program. Verify if the implemented pillars are working as planned, if the expected effects are materializing and the risks are being controlled. Measure to manage.
Montgomery is able to assist its clients in the implementation or improvement of the compliance program.
We remain at your disposal for any clarification.
MONTGOMERY