Regulations abound in the business world and compliance managers are responsible for ensuring that companies are compliant with both external regulations and company policy. A compliance manager, or compliance officer, must be well versed in both in order to keep the company out of trouble with regulatory agencies and external auditors. The U.S. Bureau of Labor Statistics reported that the average annual salary for a compliance officer as of 2011 was $63,760.
Compliance officers are responsible for developing policy based on executive or regulatory directives. Some policies are based on what the company's executive management deems appropriate, while other policies are required by legislation or regulations affecting the company. In either case, a clear written policy goes a long way in cutting through the confusing verbiage of regulations or executive management.
Training is one of the best ways to ensure that employees are aware of new policies and procedures. Compliance managers sometimes develop and present training for both new and existing employees on critical policies, ensuring that the employees are at least aware of the company's policies. Good policy training focuses on the origin of the policy, the reasons for its implementation and the consequences for violations.
Compliance managers investigate reported compliance issues to discern whether there is a true violation of regulation or policy. This includes interviewing personnel involved, reviewing existing documentation and observing actual practices. They may also initiate investigations on their own if they become aware of a situation that warrants it. The point of the investigation is to determine whether an actual violation has occurred.
Documentation and Reporting
One of the most important aspects of the compliance manager's job is documenting findings from investigations and reporting the findings to the appropriate people. Documentation should outline the policy in question, the personnel involved and any action that the company has taken or plans to take to fix the problem. Good documentation is critical in the event that a legal problem arises from the violation or corrective action.
Alan Hughes has more than 30 years of experience in IT including mainframes, programming, client/server, networks, project management, security, disaster recovery, information systems and hardware. He holds a master's degree in applied computer science and several certifications. He currently teaches information technology at the university level.