BSBCOM603 Plan and Establish Compliance Management Systems Sample Assignment
Plan and establish compliance management systems
BSBCOM603
Assessment task 1
Compliance is the process by which an organisation ensures that relevant external and internal requirements such as legislation, rules, guidelines, standards, codes, policies, procedures and controls are complied with. The compliance function assists the business in complying as well as gaining assurance from the business that they have complied.
Many compliance functions have traditionally covered only external requirements (external compliance).The wider definition also takes into account compliance with internal requirements (internal compliance). The wider definition is used here and both internal and external will be covered.
Report
1. Compliance Requirements:
Internal Compliance
The objectives of internal compliance are to:
1. Provide assurance that all key internal policies, codes, standards and controls are being complied.
2. Provide a framework to assist in achieving compliance.
External Compliance
The objectives of external compliance are to:
1. provide assurance that the organisation is complying with all material external requirements.
2. provide a framework to assist in achieving that compliance.
External compliance may be achieved using a range of approaches. At the more basic level, periodic manual sign off by management of compliance with external requirements is used. More comprehensive approaches involve regular compliance attestations by a wide group of management andstaff together with inclusion of non-compliance risk into the ongoing risk and control self assessment process.
Industry compliance requirements
1. Informed consent forms are completed correctly;
2. The correct informed consent form is being used;
3. Informed consent forms are being signed and dated by the applicant;
4. Informed consent forms are securely stored as per CrimTrac requirements;
5. There is a valid and specific reason for check provided on the informed consent form (typically their position title and the industry they work in)
6. Proof Of Identity is being carried out in line with CrimTrac requirements (with evidence they have been sighted, signed and dated by an approved employee of your organisation);
7. The correct personnel are ensuring check subject privacy is maintained as per CrimTrac requirements; and
8. Informed consent and proof of idenity is carried out before the lodgment of the police check application trhough the client portal.
9. Police check reports can only be shared with the individual and not any other 3rd party.
2. Compliance Effects:
1. Areas affect
The Charity Care has employs about 50 employees who are assisted in various charity tasks by community volunteers. Charity-Care operates two major front line community services and one service is Community-Care.
- The Community-Care has two 100sqm first floor drop-in office centres operating in Spring Hill on Brisbane’s Northside and Wooloongabba on Brisbane’s Southside and provides counselling services, short term ‘rent loans’ and $20 supermarket gift food vouchers for people in need. Each centre has a manager, receptionist, office clerk and four counselling staff, and is fitted out with a reception/waiting room, two counselling offices and a staff general office area that includes a kitchenette. Private information is collected on people seeking the counselling services and recorded in a central database that can be accessed from all centre computers. Volunteer staff operate the call centre and visits seeking donations from local businesses and households.
- Computer-Care a retail business on the CBD fringe that specialises in selling re-conditioned second-hand ex-government computers to needy families for children’s educational purposes. The small 70sqm shop is supported by a 1,000sqm warehouse and repair centre in Fairfield, a Brisbane suburb. 50% of the computers are picked up from the shop and 50% are delivered from the warehouse. Computers for repair are dropped off and picked up from the warehouse. Repair costs are paid by the customers to the service centre staff. There is a manager of the Computer-Care initiative who manages both the shop with its 15 employees as well as the warehouse (eight employees) and service centre (four employees). Head office for Charity-Care is based in Fortitude Valley. This is where the CEO and you as the business manager have offices. There is a board room, reception/waiting area and an open office area where the accounts payable, accounts receivable, payroll clerk and bookkeeper each have a workstation.
2. Risks
The CEO has explained the organisation has grown quickly and the management and compliance systems have not had a chance to catch up. Issues were found with the last audit and there has been some disquiet from the association’s stakeholders about the way the association has been managed – particularly with the cash handling processes and keeping of transaction records. The business manager is totally focused on providing the best possible outcomes for the clients. He is very passionate about making sure they are looked after but does not really worry too much about issues of control or compliance. The culture of the business is focussed on having a good time while helping the community.
- Effective risk management requires:
§ a strategic focus
§ forward thinking and active approaches to management
§ balance between the cost of managing risk and the anticipated benefits
§ contingency planning in the event that mission critical threats are realised.
3. Risk minimization
The CEO went on to say that many policies are documented; however, there still remains some training and motivational issues in relation to implementing them appropriately.
Some of the policies include:
● risk management policy
● sexual harassment policy
● credit card policy
● expense reimbursement
● financial handling policy
● expenses policy
● equal employment opportunity policy
● work health and safety policy.
3.Compliance Systems:
Charity-Care will maintain procedures to provide a systematic view of the risks faced in the Assignment of our business activities.
1. Establish a context: the strategic, organisational and risk management context against which the rest of the risk management process in Charity-Care will take place. Criteria against which risk will be evaluated should be established and the structure of the risk analysis defined.
2. Identify risks: identification of what, why and how events arise as the basis for further analysis.
3. Analyse risks: the determination of existing controls and the analysis of risks in terms of the consequence and likelihood in the context of those controls. The analysis should consider the range of potential consequences and how likely those consequences are to occur. Consequence and likelihood are combined to produce a priority rating for the risk.
4. Treat risks: for higher priority risks, Charity-Care is required to develop and
implement specific risk management plans including funding considerations. Lower priority risks may be accepted and monitored.
5. Monitor and review: oversight and review of the risk management system and any changes that might affect it. Monitoring and reviewing occurs concurrently throughout the risk management process.
6. Communication and consultation: appropriate communication and consultation with internal and external stakeholders should occur at each stage of the risk management process as well as on the process as a whole.
Component in terms
- Cheques
o Any two of the above have the authority to sign cheques.
o Signatories cannot sign a cheque made payable to themselves.
o A list of all cheques issued each month will be provided to the treasurer.
- Credit card
The purpose of this policy is to:
o 1. Ensure that organisational transactions are carried out as efficiently as possible through the use of credit cards and transaction cards as appropriate.
o 2. Guard against any possible abuse of organisational credit cards.
Recommend systems are a subclass of information filtering system that seek to predict the "rating" or "preference" that a user would give to an item. Recommender systems have become extremely common in recent years, and are utilized in a variety of areas: some popular applications include movies, music, news, books, research articles, search queries, social tags, and products in general. However, there are also recommender systems for experts, collaborators, jokes, restaurants, financial services, life insurance, romantic partners (online dating), and Twitter pages.
Research Plan
Research tools
1. How to Deploy the Survey
In the simplest case, you don't need more than a URL to include in an e-mail message along with hand-constructed text like, "Help us decide which hotel to choose for our user group conference!" But to get customers' attention, that e-mail message needs some kind of formatting. You might need to track participation, too, and to send reminders to those who didn't respond. On the other hand, you don't want to "over-touch" the audience by asking the same people to respond too often; that's bad manners, not to mention that you don't want to hear from the same people all the time. SoGoSurvey gets a nod for its email-list tracking in that regard.
2. Where Will People Take the Survey?
All these applications work perfectly in a Web browser. But if your audience of 20-somethings is apt to respond to the survey on their smartphones, it behooves you to test and deploy the survey on that platform. (SurveyGizmo gets top marks for showing a preview on multiple devices. Campaign Monitor GetFeedback shines brightly with a mobile-first design.)
Need to share "take my survey" via social media ? The applications' features vary there, too; not everyone posts survey links directly to Google+. But don't expect much. Even when social media sharing is supported, though, it probably means nothing more than constructing a tweet on your behalf. You easily could do that with social media tracking tools without the survey tool's help.
3. When Should the Survey Stop Accepting Input?
There's no point in wasting anyone's time if nobody looks at the results. All these applications let you close a survey based on date (such as accepting responses until the end of the month). Others, such as SoGoSurvey, permit you to stop when you have "enough" responses (surely, 1,000 people telling you which color they prefer is enough to make a decision?).This requirement doesn't apply to surveys you implement as an ongoing feedback mechanism, such as customer satisfaction research sent automatically after a hotel stay.
4. Look at Data Formats
Sometimes you need "open-ended" data in a particular format. All these applications support data validation in basic forms, such as a date or email ID, but if your needs are specific (for instance, FluidSurveys can check UK post codes and URLs) you may need to spend more money.
5. Slicing and Dicing the Results
Every one of these applications does an admirable job at presenting the results in pretty charts and graphs. Some do impressive things with their analysis, however, such as SurveyGizmo performing text analysis on open-ended questions or Checkbox Survey automatically sending an email to a designated ID based on a survey response (such as a poor mark for customer service).
Quite often, your business or community group's survey needs are met with minimal functionality, and these applications are overkill. But if you really care about learning what customers, users, and employees feel, you'll be sure to appreciate the features in these applications. I know I do.
Procedure
o All cheques must contain two eligible signatures.
o Eligible signatories are board members or staff members who have been previously
o nominated and endorsed by the board.
Identify the compliance
1. Internal compliance requirement as describe by organizational
Employment opportunity policy
In keeping with the federal government legislation to promote equal employment opportunity Charity-Care is committed to the promotion of equal opportunity for all
persons including women, people of Aboriginal and Torres Strait Island descent, people of all racial and ethnic groups and people with disabilities. Equal employment opportunity means that merit and equity will form the basis of all employment, training, and promotion decisions that affect employees at the workplace.
Charity-Care accepts that as an employer it has a responsibility to eliminate and ensure the continued absence from within its structure any source of direct or indirect discrimination on the basis of any factors not related to work performance including race,
colour, national or ethnic origin, nationality, sex, marital status, pregnancy, age, status as a parent or carer, political conviction, social origin or impairment. In practice, Charity-Care’s EEO policy means:
● For job applicants:
○ fair recruitment procedures
○ opportunities for non-traditional jobs for women and men
○ merit-based access to jobs for members of designated groups including people of Aboriginal and Torres Strait Island descent, people of all racial and ethnic groups and people with disabilities.
● For employees:
○ no unjustified barriers to advancement for all members of staff
○ elimination of unjustified discrimination in selection and promotion processes
○ appropriate training and development opportunities for all staff, including women and members of designated groups
○ opening up of business decision making processes to staff.
2. External compliance requirement as describe by organizational
Customer/ client inquires
The intent of all interactions between Charity-Care staff and customers or clients of Charity-Care is that all inquires are to be handled in a tactful and diplomatic manner.
Procedure
1. Collect details from client, without offering comment or opinion.
2. Confirm that you or another Charity-Care representative will get back to them within 24 hours to speak with them on the matter.
3. Review the client/customer file:
a. If the matter is the result of a data entry error:
– correct the error
– notify your direct supervisor in an emailed report, and ask for
confirmation of your actions
– when you receive confirmation, contact the client/customer by phone
(or other means if no contact number) to inform them of changes.
b. If the matter is not related to a data entry error:
– collate all details of the matter
– outline possible causes or reasons
– notify your direct supervisor in an emailed report, and ask them to
manage the issue or for clear direction for you to manage it.
Budget Allocation
The Charity Care has to do budget by follow this step:
- Definition
A budget is a financial plan used to estimate revenues and expenditures for a specific period of time. It is a management and planning tool, not just an accounting document. It assists in the allocation of resources. A budget allocation is the amount of funding designated to each expenditure line. It designates the maximum amount of funding an organization is willing to spend on a given item or program, and it is a limit that is not to be exceeded by the employee authorized to charge expenses to a particular budget line.
· Developing Budgetary Allocations
Budgets are usually developed for 12-month periods. When developing a budget, revenues are usually estimated first to determine the level of resources that will be available in the upcoming budget year. Based on the estimated resources, expenditure limits, also called budgetary allocations, are assigned to each budget category. When developing budgetary allocations, all needs of the organization are taken into account and decisions are made where best to allocate available money.
· Budget Category Allocations
Budgets are usually divided into departments and program units. This allows for easier identification of the resources allocated to specific programs and functions. Each category can be made of several budget allocations, referred to as line items, for the specific needs necessary to support the program or overall department operation.
· Adjusting Budgetary Allocations
Budgetary allocations might not always be sufficiently estimated. This can happen when adequate funding for predictable or reoccurring expenses are not included in the budget. This might require the budget to be modified after adoption to account for the shortfall. Typical corrections will include transferring funds from other allocation categories or from the organization's surplus, sometimes referred to as savings. Just as budgetary allocation estimates can be insufficient, revenues can be underestimated. This can happen if a downturn in the economy occurs after a budget is adopted, thus harming revenue streams. Insufficient revenues might require the need to reduce budgetary allocations in order for expenditures not to exceed revenues at the end of the budget year.
· Monitoring Budgetary Allocations
Budgetary allocations should be routinely monitored to ensure the amounts budgeted are sufficient to meet expenditures. It is important to have a tracking system in place for all purchase orders and bills. The purchase orders and bills should be matched regularly against the budgetary allocation to ensure sufficient funds exist for the remainder of the budget year.
Reflection
Type of research undertaken
Basic Research
The research which is done for knowledge enhancement, the research which does not have immediate commercial potential. The research which is done for human welfare, animal welfare and plant kingdom welfare. It is called basic,pure,fundamental research. The main motivation is to expand man's knowledge, not to create or invent something.According to Travers, “Basic Research is designed to add to an organized body of scientific knowledge and does not necessarily produce results of immediate practical value.” Such a research is time and cost intensive.
Development of the research plan
The research plan should include the overall purpose of the research and how the outputs will be used and communicated; the types and sources of data needed (including any secondary sources and definitions of the subjects of the research); the means by which the data will be collected and analysed; the scale of research (i.e. the numbers and spread of the research subjects and the populations that want to draw conclusions about); the resources available (including time); and, a clear indication of the stakeholders in the process. Basically, the research plan should provide answers to the following questions.
Qualitative and Quantitative analysis
Corpus analysis can be broadly categorised as consisting of qualitative and quantitative analysis. In this section we'll look at both types and see the pros and cons associated with each. You should bear in mind that these two types of data analysis form different, but not necessary incompatible perspectives on corpus data.
The aim of qualitative analysis is a complete, detailed description. No attempt is made to assign frequencies to the linguistic features which are identified in the data, and rare phenomena receives (or should receive) the same amount of attention as more frequent phenomena. Qualitative analysis allows for fine distinctions to be drawn because it is not necessary to shoehorn the data into a finite number of classifications. Ambiguities, which are inherent in human language, can be recognised in the analysis. For example, the word "red" could be used in a corpus to signify the colour red, or as a political cateogorisation (e.g. socialism or communism). In a qualitative analysis both senses of red in the phrase "the red flag" could be recognised.
Qualitative analysis: Richness and Precision.
The main disadvantage of qualitative approaches to corpus analysis is that their findings can not be extended to wider populations with the same degree of certainty that quantitative analyses can. This is because the findings of the research are not tested to discover whether they are statistically significant or due to chance.
Quantitative analysis: Statistically reliable and generalisable results.
In quantitative research we classify features, count them, and even construct more complex statistical models in an attempt to explain what is observed. Findings can be generalised to a larger population, and direct comparisons can be made between two corpora, so long as valid sampling and significance techniques have been used. Thus, quantitative analysis allows us to discover which phenomena are likely to be genuine reflections of the behaviour of a language or variety, and which are merely chance occurences. The more basic task of just looking at a single language variety allows one to get a precise picture of the frequency and rarity of particular phenomena, and thus their relative normality or abnomrality.
However, the picture of the data which emerges from quantitative analysis is less rich than that obtained from qualitative analysis. For statistical purposes, classifications have to be of the hard-and-fast (so-called "Aristotelian" type). An item either belongs to class x or it doesn't. So in the above example about the phrase "the red flag" we would have to decide whether to classify "red" as "politics" or "colour". As can be seen, many linguistic terms and phenomena do not therefore belong to simple, single categories: rather they are more consistent with the recent notion of "fuzzy sets" as in the red example. Quantatitive analysis is therefore an idealisation of the data in some cases. Also, quantatitve analysis tends to sideline rare occurences. To ensure that certain statistical tests (such as chi-squared) provide reliable results, it is essential that minimum frequencies are obtained - meaning that categories may have to be collapsed into one another resulting in a loss of data richness.
A recent trend
From this brief discussion it can be appreciated that both qualitative and quantitative analyses have something to contribute to corpus study. There has been a recent move in social science towards multi-method approaches which tend to reject the narrow analytical paradigms in favour of the breadth of information which the use of more than one method may provide. In any case, as Schmied (1993) notes, a stage of qualitative research is often a precursor for quantitative analysis, since before linguistic phenomena can be classified and counted, the categories for classification must first be identified. Schmied demonstrates that corpus linguistics could benefit as much as any field from multi-method research.
Assessment task 2
Charity Care Implementation planning
1.Compliance management system
A management information system (MIS) focuses on the management of information systems to provide efficiency and effectiveness of strategic decision making. The concept may include systems termed transaction processing system, decision support system, expert system, or executive information system. The term is often used in the academic study of businesses and has connections with other areas, such as information systems, information technology, informatics, e-commerce and computer science; as a result, the term is used interchangeably with some of these areas.
The Compliance Management System
The Charity-Care has the following components:
- A formal compliance program that includes detailed written policies and procedures set forth in a flexible structure that allows for revision and updating as risks evolve and/or are identified;
- Regular, specific and comprehensive employee, officer and director training that addresses all aspect of consumer financial protection laws;
- Board and management oversight of the creation of the compliance function, approval of compliance policies, selection of the compliance officer, and routine review of the company’s compliance status;
- Organized and risk-focused internal controls that include frequent and ongoing internal monitoring, oversight, independent testing, compliance auditing, recording of results, and the reporting of results to the management and board such that compliance issues are self-identified and corrective action self-initiated;
- Recordkeeping and review.
- A CMS should be integrated into the overarching framework of the institution and applied to the entire product and service lifecycle (including product development, design, delivery, administration, and marketing practices).
2.Personnel
Personnel requirements
The Charity-Care owner should base the firm's personnel policies on explicit, well-proven principles. Small businesses that follow these principles have higher performance and growth rates than those that do not follow them. The most important of these principles are
- All positions should be filled with people who are both willing and able to do the job.
- The more accurate and realistic the specifications of and skill requirements for each job, the more likely it is that workers will be matched to the right job and, therefore, be more competent in that job.
- A written job description and definition are the keys to communicating job expectations to people. Do the best job the can! is terrible job guidance.
- Employees chosen on the basis of the best person available are more effective than those chosen on the basis of friendship or expediency.
- If specific job expectations are clearly spelled out, and if performance appraisals are based on these expectations, performance is higher. Also, employee training results in higher performance if it is based on measurable learning objectives.
- The first step in assessing personnel needs for the small business is to conduct an audit of future personnel needs. Ask theself
- Can the workload the visualize be accomplished by the present work force. Will more or fewer employees be needed. Consider seasonal patterns of demand and probable turnover rates.
- Can any jobs be eliminated to free people for other work.
- What balance of full-time or part-time, temporary or permanent, hourly or salaried personnel do the need.
- What does the labor supply look like in the future.
- Will the be able to fill some of the jobs the've identified? How easily.
- What qualifications are needed in the personnel.
Select suitable personnel
The Charity-Care have to follow this step:
Interviewing
The purpose of an interview is to elicit information from an applicant to determine his or her ability to perform the job. Successful interviewers learn how to ask the right kind of questions, how to keep the applicant talking about relevant information, and how to listen.
Much of what is learned about applicants in an interview is based on their past experience. Past performance is our best indicator of future performance. This does not mean that someone who had performed poorly in the past cannot improve in skills and attitude. Generally, however, the can see a trend in performance through several jobs or assignments. Sometimes interviewers assume that a candidate who has done something has done it well or that longevity on a position is a sign of success. These are not well founded assumptions! A reference check can verify the quality of the work performance.
Non-Directive and Directive Questions
How to phrase a question can affect the type and amount of information we get from the candidate. The main characteristic of non-directive questions is that they do not give the applicant any indication of the desired answer. Structurally, the questions are in the news reporter's style of who, what, when, where and how. Often they begin with the words "describe" or "explain".
We may need to ask follow-up questions if the responses to the questions are unclear or incomplete. Clarify and verify any piece of information we do not understand by asking the candidate to explain his or her answer again or to elaborate on the given answer.
Directive questions are useful for drawing out specific information. In direct questioning, the interviewer asks, directs, or guides the applicant to specifics. Often, these questions result in a "yes"; or "no" response.
Training
Training & Development Implementing an Employee Training & Development Program
The employee training and development process
Learning happens all the time whether or not the are fully aware of it. Are the a person who forgets to save the work on the computer on a regular basis? If a power failure occurs and the loose some data, do the learn anything? If the say to theself, "I must remember to save more often", the have done some learning. This type of learning is called incidental learning; the have learned without really thinking about it or meaning to. On the other hand, intentional learning happens when the engage in activities with an attitude of "what can I learn from this?" Employee development requires the to approach everyday activity with the intention of learning from what is going on around the.
Who is responsible for employee training and development.
Employee training is the responsibility of the organization. Employee development is a shared responsibility of management and the individual employee. The responsibility of management is to provide the right resources and an environment that supports the growth and development needs of the individual employee.
For employee training and development to be successful, management should:
- Provide a well-crafted job description - it is the foundation upon which employee training and development activities are built
- Provide training required by employees to meet the basic competencies for the job. This is usually the supervisor's responsibility
- Develop a good understanding of the knowledge, skills and abilities that the organization will need in the future. What are the long-term goals of the organization and what are the implications of these goals for employee development? Share this knowledge with staff
- Look for learning opportunities in every-day activity. Was there an incident with a client that everyone could learn from? Is there a new government report with implications for the organization?
- Explain the employee development process and encourage staff to develop individual development plans
- Support staff when they identify learning activities that make them an asset to the organization both now and in the future
- For employee development to be a success, the individual employee should:
- Look for learning opportunities in everyday activities
- Identify goals and activities for development and prepare an individual development plan
Good for the workers
Training has many benefits for the staff:
- they acquire new skills, increasing their contribution to the business and building their self-esteem
- the training they do can take them into other positions within the organization – positions with better prospects and/or better pay
- they’re upskilled to do new and different tasks, which keeps them motivated and fresh
- because they’re being trained on the time, they see that we value them enough to invest in them. A good company is seen as one that retrains rather than churns.
Processes
A complaints management system
A CMS is a staged way of receiving, recording, resolving, responding to and reporting on complaints. A complaint is simply one form of feedback. Other forms of feedback include service requests, information and document requests, enquiries, suggestions, compliments. One of the key differences between a complaint and another form of feedback is that a complaint involves a person expressing dissatisfaction, either verbally or in writing, about a decision, action or service provided (or not provided) by a council or its staff. The other forms of feedback don’t include any indication of dissatisfaction. An effective CMS should:
- Provide a simple and clear process (to staff and public), fair and timely complaint outcomes and information to help improve service delivery.
- Include written policy and procedures, a complaints recording and reporting system and other resources including trained staff and website.
- Meet recognised standard and principles of good complaints management practice.
Strategy for developing a compliance management culture
By Create a Positive Culture in Organization.
What is a Positive Culture
- High performance cultures are characterised by the following behaviour:
- Can-do spirit - Mutual support
- Bias for action
- Passion for the customer
- Collaboration - Positive attitudes
- Creative/Innovative
- Willingness to change
How do I Create a Positive Culture
Changing a culture requires systematic effort over time. Moving too fast or too slow may interfere with daily operations and become taxing and ultimately wearying.
- To be effective the need to:
- The involvement of people.
- An emphasis on results.
- A total systems approach.
- Continuing commitment, not merely lip service.
Specific steps to build a positive culture in the business include:
Describing the Future and Current States
The clearer the can describe the future and current states, the more successfully the transition will be managed.
Obtaining Management Buy-in and Commitment
Senior management commitment is required for any initiative to be successful. In a hierarchical structure, visible modeling behavior and gut-level commitment and involvement of senior management is very important. Mere lip service, a lack of understanding or visible support from the top can frustrate any change efforts. Without their commitment or demonstrated leadership, initiatives stall, fall substantially short of the expectation or just plain fail. Having a management team who is committed and consistent in their behaviour results in organisational change that is quicker, deeper and more sustainable.
Management commitment is more likely to lead to:
- Greater loyalty and commitment being demonstrated by managers at every level
- Culture being integrated into core business activities
- Changes in systems to improve business results
- Changes in work practices and expectations.
Make sure to keep them informed - the management team needs to understand what is going on at all times.
Implementing a Change Strategy
People need to help plan, develop, and experience what is happening within the organisation. To be effective, they need to be a part of any change, not merely hear about it and be expected to adhere to it.
The need to develop an overall strategy with clear, well defined goals. The strategy needs to include the following elements:
- Open sharing of business information
- Clear definition of purpose and values
- Detailed analysis of the different tiers of customers the need to service and the marketplace
- Alignment of employees goals and roles with the organisation's purpose and values
- Assessment of the systems and processes to remove any barriers to change
- A plan to move the organisation through the change process
- Review and feedback processes
Reviewing and Changing the Strategy
Undertake regular reviews. This requires discipline!
The focus should always be positive whether the are dealing with productivity, quality control or morale. Focusing on scapegoating or recriminating individuals or groups for past mistakes only impedes cultural change.
These reviews are designed to adapt to the changing issues facing the organisation and celebrate successes. There is no "one size fits all"! These reviews help the to:
- Refocus strategic goals and galvanise for never-ending change without sacrificing the organization's core values
- Identify, use and adapt the unwritten rules that drive the organization and use them to gain leverage
- Galvanise action toward the organisation's vision without having to wait for a crisis
- Align the operations - Change policies and structures simultaneously, while avoiding performance disruption
- Make the people the agents of change, not its victims by changing the way they think about their day-to-day actions
- Instill a continuous learning mindset aimed at sustaining high performance
Managing compliance breaches
Procedure steps and actions
- It is essential that all parties involved in breach reporting, investigation and rectification act in good faith to obtain a satisfactory outcome. Good faith includes acting sincerely without malice and being truthful.
- No blame should be attached to the reporting of accidental breaches or those identifying process errors.
- It should be noted that staff committing deliberate or negligent breaches may be subject to the University’s disciplinary processes or regulatory/criminal actions (where applicable and/or appropriate).
- The required steps and actions to be followed for reporting and investigating compliance breaches, or potential breaches.
Reporting Requirement
Reporting
At the board meeting, the board should receive the following:
- reports updating directors on the public entity’s performance in light of its strategy and agreed targets from relevant members of management including the chief executive officer
- reports on the financial position of the public entity from either the chief executive officer or, with the decision of the chair, from the chief finance and accounting officer (CFAO)
- any reports from committees, including minutes of such committee meetings, presented by the chair of the relevant committee for information and any action required.
Administration
Financial handling policy
Authority to sign cheques
Purpose
To spell out procedures that must be followed in the signing of cheques on behalf of
Charity-Care.
Procedure
- All cheques must contain two eligible signatures.
- Eligible signatories are board members or staff members who have been previously
nominated and endorsed by the board.
- Any two of the above have the authority to sign cheques.
- Signatories cannot sign a cheque made payable to themselves.
- A list of all cheques issued each month will be provided to the treasurer.
Charity- - Care accounts receivable policy
Purpose
The purpose of this document is to define the accounting policies and procedures in
respect of the recording, collection and reporting of moneys owed to Charity-Care.
Customer/ /c c lient inquires
The intent of all interactions between Charity-Care staff and customers or clients of
Charity-Care is that all inquires are to be handled in a tactful and diplomatic manner.
Procedure
- Collect details from client, without offering comment or opinion.
- Confirm that you or another Charity-Care representative will get back to them within 24 hours to speak with them on the matter.
- Review the client/customer file:
- If the matter is the result of a data entry error:
- correct the error
- notify your direct supervisor in an emailed report, and ask forconfirmation of your actions
- when receive confirmation, contact the client/customer by phone (or other means if no contact number) to inform them of changes.
- If the matter is not related to a data entry error:
- collate all details of the matter
- outline possible causes or reasons
- notify direct supervisor in an emailed report, and ask them to manage the issue or for clear direction for you to manage it.
Task 3: (Written Report) Establish, monitor and review plan
Assessment 3 Overview
You are required to establish the compliance management system within the organization (Charity Care), and then report on your monitoring and review of the system.
Scenario
You are an external consultant hired to research, plan, implement and monitor a compliance management system. You will need to follow your plan to train personnel in their specific duties in relation to your implementation plan. You will then need to monitor your plan by meeting with those personnel at a later date to gather information on performance in accordance with your plan. Finally, the CEO has asked you provide an evaluation of the implementation of your plan. To meet organizational requirements, you will need to prepare a report for senior management.
EXECUTIVE SUMMARY
Charity-care operate in a dynamic environment influenced by community service emerging technology, and market globalization. To remain profitable in such an environment, Charity continuously assess and modify their product and service offerings and operations in the context of a business strategy. At the same time, new legislation may be enacted to address developments in the marketplace. All these forces combine to create inherent risk. To address this risk, a financial institution must develop and maintain a sound compliance management system that is integrated into the overall risk management strategy of the institution. Ultimately, compliance should be part of the daily routine of management and employees of a financial institution. This chapter discusses the elements of an effective compliance management system -- board of directors and management oversight, the compliance program, and the compliance audit.
ESTABLISHMENT OF SYSTEM
Leadership on compliance by the board of directors and senior management sets the tone in an organization. The board and senior management should discuss compliance topics during their meetings. They should include compliance matters in their communications to institution personnel and the general public. Institution management and staff should have a clear understanding that compliance is important to the board and senior management, and that they are expected to incorporate compliance in their daily operations. Policy statements on compliance topics provide a framework for the Charity-care’s procedures and provide clear communication to management and employees of the board’s intentions toward compliance. Regardless of size or institution complexity, the first step a board of directors and senior management should take in providing for the administration of the compliance program is the designation of a compliance officer. In developing the organizational structure of the compliance program, a board and senior management must grant a compliance officer sufficient authority and independence to:
- cross departmental lines;
- have access to all areas of the institution’s operations; and
- effect corrective action.
A compliance committee, as an alternative to or in addition to a full-time compliance officer, could be formed consisting of the compliance officer, representatives from various departments, and member(s) of senior management or the board. However, the ultimate responsibility of overall compliance with all statutes and regulations resides with the board.
A qualified compliance officer will have knowledge and understanding of all consumer protection laws and regulations that apply to the business operations of the financial institution. The compliance officer should also have general knowledge of the overall operations of the institution and interact with all of the departments and branches to keep abreast of changes (e.g., new products and services or business practices, personnel turnover) that may require action to manage perceived risk.
In larger or more complex charity-care the compliance officer may devote all of his or her time to compliance activities. In smaller or less complex institutions, where staffing is limited, a full-time compliance officer may not be necessary; instead, the compliance responsibilities may be divided between various individuals by type of regulation, such as financial, training.
A compliance officer's general responsibilities, regardless of the size or complexity of the institution's operations, include:
- developing compliance policies and procedures;
- training management and employees in consumer protection laws and regulations;
- reviewing policies and procedures for compliance with applicable laws and regulations and the institution's stated policies and procedures;
- assessing emerging issues or potential liabilities;
- coordinating responses to consumer complaints;
- reporting compliance activities and audit/review findings to the board; and ensuring corrective actions.
When more than one individual is responsible for compliance responsibility and accountability must be clearly defined.
MONITORING METHODOLOGY
This is a proactive approach by the institution to identify procedural or training weaknesses in an effort to preclude regulatory violations. Institutions that include a compliance officer in the planning, development, and implementation of business propositions increase the likelihood of success of its compliance monitoring function. An effective monitoring system includes regularly scheduled reviews of:
- disclosures and calculations for various product offerings;
- document filing and retention procedures;
- posted notices, marketing literature, and advertising;
- various state usury and consumer protection laws and regulations;
- third party service provider operations; and
- internal compliance communication systems that provide updates and revisions of the applicable laws and regulations to management and staff.
Changes to regulations or changes in an institution's business operations, products, or services should trigger a review of established compliance procedures. Modifications that are necessary should be made expeditiously to minimize compliance risk, and applicable personnel in all affected operating units should be advised of the changes.
Monitoring also includes reviews at the transaction level during the normal, daily activities of employees in every operating unit of the institution. This might include, for example, verification of an annual percentage rate, or a second review of a loan application, before the transaction is completed. Monitoring at this level helps establish management and staff accountability and identifies potential problems in a timely manner.
Compliance officers should monitor employee performance to ensure that they are following an institution's established internal compliance policies and procedures. The frequency and volume of employee turnover at an institution should be factored into the schedule for reviews. Such reviews are especially critical after problems have been noted during past audits or examinations, regulations change, new products are introduced, mergers occur, or when additional branch locations are opened.
RESULTS AND ANALYSIS
It is concerned mostly with an outcome of corporate processes ie a breach of the law. Law is not typically concerned with the design of those management processes that lead to a compliant or noncompliant outcome. However, in order to be able to evaluate corporate compliance programs, regulators need to look at internal management processes and what they should be doing (although outcomes are of Assignment important too). In management parlance, breaches of substantive legal standards are ‘lag’ indicators – the measure only crystallises when the problem is too late to prevent. Most law traditionally focuses on lag evaluations (albeit often with limited success because of corporation’s ability to hide the evidence). By contrast appropriate ‘lead’ indicators can go further back into the process of corporate management of compliance to help produce a more sophisticated understanding of why breaches are occurring and how they can be prevented and corrected.
CONCLUSION
The methodologies for evaluating corporate compliance management are critically under-developed at present. The three phases of corporate compliance management set out in Figure One are a helpful way of thinking about what jobs evaluation and measurement of compliance programs should do. Table One summarizes some of the methodologies and measures that are available to do these jobs. Evaluation by regulators of corporate compliance management is important because it promotes a virtuous cycle of open self-regulation. The goal is that companies themselves will evaluate their own design, implementation and outcomes of their compliance management systems. It is only through this process of self-evaluation that companies will develop the capacity to detect, prevent and correct their own breaches of ethical, social and legal responsibilities. However, they will only be motivated to do so because they know that regulators (and stakeholders) have powerful, sophisticated evaluative capacities to hold them accountable for their attempts at compliance management (and, of Assignment, their breaches of legal responsibilities). In other words, external evaluation of corporate compliance management is a critical democratic capacity. It is one of the few things we can do to change the way large companies manage their own behavior for the better.