What does compliance mean?
The English term “compliance” generally describes behavior that conforms to the rules. However, compliance means more than just adhering to the rules. The degree of compliance is also very important. “Compliant” is anyone who adheres to the law and order and – in a business context – ideally to the guidelines and value system of the company or organization. For full compliance, a company must therefore ensure that all employees and the organization at a higher level
- legal,
- ethical,
- economic
- and, where applicable, internal
principles. One example is the data protection of personal data prescribed by the EU’s General Data Protection Regulation. It is intended to help companies handle sensitive customer and business partner data ethically.
Why is compliance important?
Compliance with legal regulations and rules is particularly important in the business sector. After all, compliance means more than just avoiding violations of the law. There are various reasons for this:
- Legal certainty: among other things, compliance means that companies avoid violating legal regulations – and protect themselves from the legal consequences. This is because non-compliance (i.e. not following laws and guidelines) can have far-reaching consequences for employees and entire companies.
- Business continuity and reputation: Mandatory rules and rules to which a company voluntarily submits (such as standards or within the framework of the German Corporate Governance Code) lead to reliability and continuity of the organization or company as well as greater trust on the part of customers and partners. This is of central importance for the long-term and sustainable success of the company.
- Workflow efficiency: If the company introduces an effective compliance management system, employees learn fixed guidelines and procedures. Standardized, regulated processes can lead to increased efficiency in the long term and thus to an economic competitive advantage.
- Sustainability: If the corporate culture of compliance also includes internal guidelines or external regulations on environmental protection, it also contributes to sustainability throughout the company.
Compliance therefore helps companies to minimize legal risks and avoid damage to their image. However, compliance also serves the strategic implementation of sustainability efforts and can have economic benefits.
Legal basis and regulations
In a democratic state governed by the rule of law, compliance is of central importance – and thus the adherence to legal regulations for a company. This is especially true if it wants to accept public contracts. Companies should therefore always ensure that they comply with national and international law. Important:
- It is mandatory to comply with all criminal law standards
- The requirements and guidelines vary depending on the company’s sector
- Foreign law is also often relevant for comprehensive compliance
Compliance risk: Possible penalties for non-compliance
Those who do not observe compliance rules bear a great risk. This is because criminal acts such as fraud, corruption, insider trading, unfair competition, money laundering and violations of any other kind lead to criminal liability for those involved and the company management. Violations of laws and regulations can result in civil and criminal penalties, such as
- severe fines
- claims for damages
- massive loss of reputation for the company
- responsible persons in the company face imprisonment or fines, but also consequences under employment law, including dismissal
Compliance in companies
Importance of compliance management
Ethical, economic and legal compliance management is essential in a business context. This is because the objectives of compliance – protecting business interests, safeguarding employees, preventing white-collar crime and export violations – make a significant contribution to the company’s existence and success. Companies must therefore work proactively to comply with laws and guidelines.
Various measures are usually necessary as part of strategic compliance management:
- Firstly, companies should examine the relevant legal basis for compliance and draw up internal company rules accordingly
- A clear system should then be established within the company structure to ensure that compliance management functions properly. For example, a compliance officer
- can ensure that all compliance requirements are clear and can be implemented in day-to-day business
- Board members and managing directors must monitor that the internal compliance rules are adhered to
- If necessary, these measures can be developed further if deficits in the regulations are identified
In which areas is compliance particularly important?
- Pursuit of a corporate mission statement and compliance with:
- Employee regulations such as minimum wage, Working Hours Act, Occupational Health and Safety Act
- Law against unfair competition (UWG)
- Anti-discrimination law
- Prevention of criminal offenses in the area of corruption
- Data protection and data security
- Environmental protection and sustainability
- Tax control (tax compliance – compliance with tax law)
- Monitoring the business environment
- Adherence to compliance requirements on the part of business partners and suppliers
- Selection of the customer base (know your customer, KYC)
- Export control
- Sanctions list check
- Embargo control
- Goods control
Case study: EU compliance plan for greater environmental protection
EU Trade and Sustainable Development Action Plan
On June 22, 2022, the European Commission presented a compliance plan, which now serves as the basis for new EU trade agreements.
- The aim is to make companies more accountable when it comes to issues such as climate protection and workers’ rights. In the plan, the EU Commission describes how these goals should be implemented and enforced and how green, fair economic growth should be promoted.
- Content:
- The plan places a new emphasis on the fact that a breach of key Trade and Sustainable Development (TSD) provisions can lead to a trade sanction for the party concerned.
- Improved bilateral cooperation and closer coordination within the EU are identified as key to better monitoring and enforcement of TSD guidelines.
- In the event of breaches of sustainability commitments, complaints can be submitted and must be processed by the Commission within a certain period of time. The aim of this rule is to encourage companies to comply, including in the area of environmental protection, through close scrutiny.
Importance of the EU compliance plan
Generally speaking, the example of these EU regulations illustrates how important compliance is in the business environment. If companies adhere to the guidelines, they contribute to environmental protection and better conditions for employees’ daily work. Conversely, breaches of these regulations pose major risks for companies: Legally, non-compliance with the requirements can be prosecuted. This is why every company should develop a compliance management system for its corporate structures.
Compliance management in foreign trade
Compliance is particularly important for companies that conduct export business. For “foreign trade compliance”, the Federal Office of Economics and Export Control (BAFA) recommends setting up internal compliance programs (so-called Internal Compliance Programs – ICP). The procedure for this is summarized in a BAFA guideline for ICPs. However, there is no universal ICP for all companies. The Federal Office points out in detail that implementation always depends on the company’s business cases. Aspects such as: Type of goods, use, country group as well as total and quantity of exports.
Duties of the ICP according to BAFA specifications:
- Obligation to select personnel: appoint qualified personnel
- Staff training obligation: ensure regular further training
- Organizational obligation: organizational structure
- Assignment of responsibilities: Process organization
- System to prevent violations: Monitoring obligations
- Control measures: regular review of the ICP
Compliance guidelines – planning and implementation
Internal Compliance Officer
The customs administration expects companies involved in foreign trade to have an internal guideline structure with the following objectives:
- Prevention of breaches of regulations
- Timely recognition of risks
- Compliance with and monitoring of fixed process structures
- Analysis routines for possible causes and sources of error
First and foremost, the task is to establish internally transparent objectives that make it possible to prevent legal and regulatory violations as far as possible from the outset. A compliance officer is often appointed to coordinate this task.
Important organizational aids
Apart from the introduction of a compliance manager, all relevant departments and functionaries in the company should have suitable organizational aids at their disposal:
- checklists
- Guidelines and manuals
- Further and advanced training opportunities
- Supporting IT systems and software
To this end, objectives must be defined, areas of competence and specific work and organizational instructions developed and adhered to.
Establishing a culture of compliance within the company: Practical examples
1. Setting goals
Practical examples:
- An automotive supplier defines its goal as: “Zero violations of export control regulations for deliveries to third countries by the end of the fiscal year.”
- A pharmaceutical company stipulates: “100% compliance with GDP (Good Distribution Practice) guidelines for all drug deliveries.”
- A mechanical engineering company sets itself the goal: “Reduction of customs surcharges by 80% within two years through optimized compliance processes.”
- An IT service provider defines: “Complete documentation of all cross-border data transfers in accordance with GDPR and international data protection regulations.”
2. Development and introduction of a compliance program (with external consulting if necessary)
Practical examples:
- A medium-sized company commissions a specialized consulting firm to develop a customized export control program that covers industry-specific risks
- A logistics company introduces a digital compliance management system that automatically checks shipments against sanctions lists
- A chemical company implements a multi-level compliance program with special modules for dual-use goods, hazardous goods transport, and customs clearance
- An international corporation sets up a group-wide whistleblower system that enables employees to report potential compliance violations anonymously
3. Definition of responsibilities according to specialist areas and their representatives
Practical examples:
- An electronics company appoints an export control officer who reports directly to senior management and two trained deputies
- A trading company creates a compliance matrix that clearly defines the responsible persons and their deputies for each business area
- A software company implements a “dual control principle” for all export-related decisions with documented responsibilities
- An industrial company sets up a compliance committee in which representatives from sales, logistics, legal, and finance meet regularly to coordinate responsibilities
4. Determination of documentation requirements and reporting channels
Practical examples:
- A textile company introduces a digital system that automatically archives all supply chain documentation in accordance with the Supply Chain Due Diligence Act.
- A mechanical engineering company implements a standardized procedure for documenting all export control checks with monthly reporting to management.
- A trading company develops a traffic light system for customs risks that is updated daily and automatically escalates critical cases to the responsible managers.
- A logistics service provider introduces a seamless tracking system that digitally archives all customs-related documents for 10 years and makes them immediately accessible when needed
5. Participation in qualifying continuing education measures
Practical examples:
- An industrial company requires all employees with export responsibilities to participate in certified training courses on current export control regulations on an annual basis.
- A pharmaceutical company conducts quarterly internal workshops on compliance topics, led by external experts.
- A technology company implements an e-learning program with mandatory modules on customs and export control, which concludes with tests.
- A trading company regularly sends its customs officers to Chamber of Commerce seminars and specialist conferences and requires them to pass on their knowledge in internal training courses.
6. Determination of procedures for identified rule violations
Practical examples:
- An automotive supplier establishes a three-step escalation process: 1) Immediate reporting to the compliance officer, 2) Convening a crisis team in the event of serious violations, 3) Self-reporting to the authorities in the event of relevant violations
- A chemical company introduces an anonymous reporting system that enables employees to report violations without fear of reprisals
- A mechanical engineering company implements a “no-blame” procedure for self-reported violations to promote transparency, combined with clear consequences for intentional violations
- A trading company develops standard procedures for different types of violations, which contain clear instructions for remediation, documentation, and prevention of similar cases in the future
Conclusion: These practical examples show how companies in various industries can establish an effective compliance culture, which is particularly essential in the area of customs and export control in order to minimize legal risks and obtain and maintain customs simplification procedures such as Authorized Exporter (EA) or Authorized Economic Operator (AEO) status.
Sources:
- https://compliance.spongelearning.com/compliance-themen/was-ist-compliance.html
- https://www.offenbach.ihk.de/recht-und-steuern/unternehmensrecht/unternehmensrecht-von-a-z/compliance-ueberblick/#:~:text=Als%20Rechtsgrundlage%20der%20Compliance%20sind,Regelm%C3%A4%C3%9Figkeit%20der%20Wertpapierdienstleistungen%20zu%20gew%C3%A4hrleisten
- https://www.validatis.de/kyc-prozess/news-fachwissen/compliance/
- https://www.hza-seminare.de/zoll-news/486/compliance-neuer-ansatz-fuer-gruene-gerechte-handelsabkommen
