First 90 days
As a new employee, it's important to map out your goals and strategies for the first 90 days of your role. This plan will help you navigate your journey to settling into a new job and maximise your productivity. A 30-60-90 plan will also give your employer an idea of how you intend to contribute to the company over the upcoming months.
The first 30 days involve connecting with other employees which lays the foundation for good communication. These early days should focus on learning about the company, current projects and getting a handle on the org. chart. Establishing yourself in a new role requires structure, especially when in a leadership position.
Within your first 60 days, it is useful to start building on the foundation of the connections you have made. This is the time to start working with others in the organisation to create goals and establish key outcomes that you would like to achieve.
Towards the end of your first 90 days, you should feel relatively established and settled in your role. As a CCO, there's a responsibility to enforce regulations in the company - this is the time to take action. To effectively implement your 30-60-90 day plan, you will need to outline measurable goals and ensure they align with the company's overall mission.
Back to top of page
Auditing compliance processes
Conducting a compliance audit is essential to your role as a CCO, especially at the outset. There are a few points that are essential to consider in the process:
- Decide who will perform the audit.
This is generally a compliance officer. However, if you work for a smaller business with limited resources, you may choose to engage an independent auditor.
- Initial planning
Before any investigation takes place, you need to address some key questions:
- What risks will your audit address?
- What was the outcome of any previous compliance audits?
- Have there been significant changes since the previous audit?
- Meet with key stakeholders
Audits may begin with a meeting between senior stakeholders and auditors to outline compliance checklists, guidelines and the audit scope.
- Evaluate existing processes & controls
The compliance auditor is responsible for assessing the organisation's tone and risk management culture and evaluating and reporting the effectiveness of management policy implementation.
- Assess risks
Some organisations have a higher appetite for risk arising from changing trends and business/economic conditions. Therefore, internal auditing techniques have changed from a reactive and control-based form to a more proactive and risk-based approach. The internal auditor can anticipate possible future concerns and opportunities, providing assurance, advice and insight where it is most needed.
- Analyse operations & confirm information
Achieving objectives and managing valuable organisational resources requires systems, processes and people. Internal auditors work closely with line managers to review operations then report their findings.
- Consider external resources needed
Compliance auditors may work with many assurance providers, including risk management professionals, fraud investigators, quality managers and security experts, to name just a few.
Back to top of page
Understanding policies & processes
When starting at a new company, it's important to get a lay of the land regarding the policies, processes and compliance training. This assessment allows you to offer a fresh perspective and identify problems. During the first 90 days, you can clearly see the size of any problems. You have an opportunity to put these concerns on the radar.
Your assessment should include investigating the number of complaints and regulatory referrals. Important information to know includes how the company reports breaches, the company's breach register and their statements of breaches.
Skillcast offers an online Policy Hub tool that enables you to create, update, approve, communicate and seek attestation for your corporate policies. The tool allows you to demonstrate compliance with both UK and international regulations easily.
Back to top of page
Reviewing compliance training
A new CCO needs to have a grasp of the product or service that the company offers. You'll gain credibility with senior management and regulators if you know the product inside out. This is a key component of working and communicating with the product team. You're more likely to earn the respect of other teams if you show an effort to understand their language.
Within your first 90 days, it is important to get a good understanding of the org chart. Knowing the company structure and culture will go a long way in ensuring you seamlessly adapt to the environment. Embedding compliance training in the company culture is a challenge. However, the challenge of engaging employees in training is greater.
Aligning your goals with those of each team will encourage greater cooperation and enthusiasm. By having a firm grasp on the company culture, you can adapt training to being inclusive and engaging for all employees. It is essential for compliance officers to take the lead on training.
Skillcast Essentials Library includes over 100 e-learning and microlearning courses that cover key compliance and conduct issues facing companies in the UK.
Back to top of page
Setting the tone
As a new CCO, it is valuable to hone in on the traits that will help you execute your role to the best of your ability. There are five key characteristics that every CCO should have to perform their tasks efficiently. CCOs need to have:
- Consistent operational integrity to monitor and enforce training programmes
- The ability to assess risks and communicate their impact efficiently
- Industry knowledge beyond regulatory requirements to the latest criminal tactics
- A respected voice of integrity to be taken seriously at all levels of a company
- The ability to be alert and responsive to keep compliance programmes dynamic
Identifying relevant legislation
CCOs face a huge volume of legislation, regulations and standards. It has become increasingly complex for companies to comply with them, so CCOs need to have their finger on the pulse. It is important to familiarise yourself with key legislation and regulations that define the corporate compliance landscape.
Some industries are more heavily regulated than others such as pharmaceuticals. There are generic regulations that every CCO need to be familiar with that relate to the following areas of compliance:
Back to top of page
Continuously learning
The compliance landscape is always changing, so it is vital that stay up-to-date. That doesn't only mean regulatory changes but also thought leadership and best practices.
We offer 100+ free compliance training aids, including presentations, desk aids, posters and e-learning modules that you can use to help train your staff.
If you'd like to stay up to date with compliance best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech, and RegTech news, subscribe to the Skillcast Compliance Bulletin.
How to be an Effective Chief Compliance Officer (CCO)
Chief Compliance Officers are responsible for promoting a company's ethical conduct. This task involves overcoming some key challenges.
Managing Key Compliance Challenges
Those working within compliance in the UK face more challenges now than ever before. Our eBook examines 15 of the key challenges facing compliance professionals to help you manage them more effectively.
How to Create a Compliance Culture
Our eBook aims to address some of the key challenges surrounding the quest for 100% compliance so that you can begin taking reasonable steps to implement a culture of compliance.
Compliance Audit Checklist
Here we explain the key steps to completing a compliance audit to identify any gaps in compliance and suggest corrective actions.
101 Compliance Tips for CCOs
It's important to keep your finger on the pulse - stay informed with the latest developments, as there is always something new to learn. We have 101 tips from team building and mentoring to self-development and leadership.
Learning Styles Self-assessment
Providing quality training and development opportunities is one way to improve employee engagement. We have created a self-assessment to help you identify which learning approach would best suit your employees.
Proving Compliance ROI Webinar
In this webinar, we show how you can improve the ROI of compliance spending and demonstrate this to your management.
Back to top of page
Key insights from CCOs
Our CCO roundtable dinners give compliance minds the opportunity to bounce off each other, share knowledge and discuss relevant issues. We've collated some of the most engaging insights.
Challenges in the role
Identifying challenges is the first step in overcoming them. One of the main challenges in the role of a CCO is that it can be isolating. Regardless of whether you have a team around you or not, you have to make tough decisions that are either unpopular with the people or the regulator.
Some other challenges include:
- Potentially dealing with a regulatory mess in the first few days.
- The time it takes to fix critical issues
- Feeling compelled to say something for the sake of saying it
Overcoming these challenges and learning how to allow you to gain trust.
Overcoming the challenges of the first 90 days
- Take time to establish yourself: Transitioning into a new leadership role, especially as a Chief Compliance Officer, presents unique challenges. Success hinges on thoroughly understanding the company's operations and compliance needs, building credibility with the board by aligning with business objectives, and strategically prioritizing changes. It's crucial to approach the role with a fresh perspective while pacing oneself and implementing changes gradually to ensure effective leadership and compliance management.
- Make people rethink compliance: Most people are not interested in the details of the law, but they do care about the consequences of non-compliance. To engage them, CCOs must explain why compliance matters and how it protects both the company and the individual. A CCO needs to be versatile, combining industry and technical expertise with communication skills to show how compliance mitigates risks. When real-world problems arise, they highlight the critical role of compliance, making it more relatable and reinforcing its importance by focusing on the personal impact.
- Build & maintain key relationships: This involves investing time to understand different departments and employees' perspectives, personalising the compliance message to resonate with individuals, and securing support from top executives. By highlighting relevant risks and consequences, leaders can better engage their audience and gain buy-in for compliance initiatives. Understanding relationship dynamics and tailoring communication to specific interests and concerns is key to successful compliance management and implementation.
- Embed a culture of compliance in a company: Company culture plays a crucial role in shaping how compliance functions. Understanding the culture early on helps CCOs identify challenges, such as when management separates itself from compliance, weakening the compliance message as it moves through the layers of leadership. A "good news" culture can also be problematic, as staff may ignore compliance until a serious issue arises. Compliance, however, is about prevention, and avoiding fines can save as much as profits do. CCOs need to break through these cultural barriers by emphasising the real risks and the importance of continuous adherence to regulations.
- Focus on risk management: Effective risk management begins even before assuming a leadership role, with the interview stage offering an opportunity to identify organisational issues and propose mitigation strategies. Developing a comprehensive risk management framework and mediation plan is crucial for addressing these challenges. A key tactic in risk mitigation is focusing on educating junior staff about company policies and procedures, as their daily adherence can significantly reduce overall organisational risk. This approach ensures that risk management is embedded at all levels of the company, creating a more robust compliance culture.
Advice to CCOs new in their role
It is often hard to find someone internal to provide mentorship when you're new in a CCO role and often, there simply isn't the time.
Here are some nuggets of advice from CCOs who are relatively new in their role:
- Remember to listen
- Keep calm
- Record everything - any regulator will want to know what you've done and why
- Be sociable and approachable
- Take your time -unless your instinct tells you something is genuinely urgent, it is not
Learning how to be effective in a CCO role
- Storytelling is an effective tool as everybody can relate.
- Understand that compliance is synonymous with confidence.
- Think of compliance as inspiring people to do the right thing rather than policing.
- Build a rapport with stakeholders - it will be easier to explain tough decisions.
Working in small vs large organisations
Smaller organisations
- More of a visible impact and you actually need to have that impact
- Potential to feel more useful
- Longer term opportunity
Larger organisations
- Can be quite political
- There is often a lot of red tape where it is difficult to get simple things done
- More compensation and security, in some cases