Talk:Compliance training

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Education This article is within the scope of WikiProject Education, a collaborative effort to improve the coverage of education and education-related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.EducationWikipedia:WikiProject EducationTemplate:WikiProject Educationeducation articles ??? This article has not yet received a rating on the project's importance scale.

This page was created by someone with no other edits or anything else to his/her credit, and absolutely nothing links to it. What do you want to bet it's someone at a company that provides "compliance training"? This article is also completely US-centric, as if this topic doesn't exist outside the USA. I don't really see any reason for the entire "history" section. Let's consider this for deletion -- I'll put this on my watchlist and come back in a few days. Accounting4Taste 23:29, 28 May 2007 (UTC)[reply]

According to the article history, you're right about the article's creator. I concur that the article's current form is just the original ad-copy with the specific company-name removed, and is highly US-centric. Not sure how valid the article is even in its limited scope...could be WP:OR by synthesis...are any of the refs valid secondary-sources per WP:RS? DMacks 06:07, 29 May 2007 (UTC)[reply]

Yes, I agree with your suggestion that this is original research by synthesis. I suggest also that references that are put in to buoy up original research don't have much validity, especially since they are not provided in an on-line form and are not properly wikified. It has weasel words more suited to a brochure than a Wikipedia article. I'm willing to admit that the first paragraph has some small validity, thinking of it in terms of someone trying to find out what is meant by this phrase, but the remainder of this just makes me angry that someone is trying to use Wikipedia to bolster their enterprise by giving it spurious authority. The whole article has an underlying POV that is insidious -- assuming that "compliance training" is necessary and then talking about it as if it was a fait accompli. I propose removing everything except the first paragraph and, if the original editor wants to come back and turn this into a proper Wikipedia article with a perspective broader than the United States and no POV or weasel words, doing all the work to link it backwards with other articles, they'll be welcome to. I'm going to leave this up for a while to see if anyone else has any comments, then return. Accounting4Taste 17:54, 29 May 2007 (UTC)[reply]

As above: I clipped the last part of the article, US-centric and synthetic research, and have preserved it below. Accounting4Taste 20:45, 6 June 2007 (UTC)[reply]

In fact, compliance training is rooted in the Code of Conduct, which has a long history in Western culture and American business. Industry self-regulation dates back to the European Craft Guilds of the Middle Ages. These groups of skilled artisans established rules to protect members from outside competition, ensure fair competition between members, and maintain standards of quality for the product.

Today’s Code of Conduct, as adopted by American business, reflects a similar belief that self-regulation is both preferable to government regulation and more effective. These beliefs have evolved over the past 50 years as a result of government action and corporate philosophy.

In the late-1950s, after criminal antitrust investigations leading to jail sentences and fines of millions of dollars against electrical-equipment manufacturers, Codes of Conduct began appearing in American business.² Executives in other industries developed antitrust compliance programs for their companies.

An SEC investigation in the mid-1970s led hundreds of U.S. companies to admit that they had made illegal or questionable payments to foreign-government officials. In response, Congress enacted the Foreign Corrupt Practices Act, criminalizing foreign bribery and requiring public companies to develop internal controls to ensure that corporate assets were used properly.³ To improve internal controls, many companies adopted Codes of Conduct.

Insider-trading cases in the late-1980s (the United States Department of Justice's criminal cases against Michael Milken and Ivan Boesky among them) led to new federal legislation requiring broker-dealers and investment advisers to “establish, maintain, and enforce written policies and procedures reasonably designed . . . to prevent the misuse . . . of material, non-public information” and to “vigilantly review, update and enforce them.”⁴

At about the same time, a Presidential Commission found that fraud investigations were pending against almost half of the Defense Department’s 100 largest contractors. The Commission concluded that corporate controls could be “greatly improved” if the contractors adopted and enforced a Code of Conduct.⁵ Eventually, many of these contractors signed on to the “Defense Industry Initiatives on Business Ethics and Conduct.”⁶

In 1987, the Report of the National Commission on Fraudulent Financial Reporting took the position that all public companies should adopt a Code of Conduct, stating:

Public companies should develop and enforce written codes of corporate conduct. Codes of conduct should foster a strong ethical climate and open channels of communication to help protect against fraudulent financial reporting.⁷

The Organizational Sentencing Guidelines promulgated by the U.S. Sentencing Commission in 1991 are generally accepted as the event that accelerated the growth of corporate compliance training. These Guidelines allowed a company to argue for reduced fines in connection with federal criminal offenses by showing that it had an “effective” compliance program in place at the time of the offense.⁸ One of the minimum characteristics of an effective program is that the company must have established compliance standards and procedures to be followed by its employees (and other agents) that are reasonably capable of reducing the prospect of crime. This criterion is generally understood to be a requirement that companies adopt and maintain a Code of Conduct.

Courts reinforced the legal value of compliance training. In the 1996 case of In re Caremark Int’l, Inc.,⁹ the Delaware Chancery Court ruled that a company’s directors could be held personally liable to its shareholders for breach of fiduciary duty if the directors failed to use good faith to ensure that the company had an effective compliance program. The court found no prospect of such liability in this case, however, because the company had done much to monitor and supervise its employees, including (1) issuing internal manuals that governed employee actions, (2) having an internal audit plan designed to assure compliance with company policies, (3) reviewing its policies and compiling them into an employee ethics handbook, and (4) training employees on its policies.

Three years later, the Department of Justice issued guidelines to help determine when to charge corporations criminally for employees’ and other agents’ offenses. The existence and adequacy of the corporation’s compliance program at the time of the offense was considered an important factor in these guidelines, as was the corporation’s remedial actions after the offense, “including any efforts to implement an effective corporate compliance program or to improve an existing one....”¹⁰

Of course, these laws and guidelines were evolving against a backdrop of corporate-ethics scandals of huge proportions — Tyco International, Worldcom, Enron, Adelphia, etc.₁ — which led to the enactment of the Sarbanes-Oxley Act ("SOX") in 2002. SOX requires public companies to adopt a code of ethics for senior financial officers that included “such standards as are reasonably necessary to promote...(1) honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships; (2) full, fair, accurate, timely, and understandable disclosure in the periodic reports required to be filed by the issuer; and (3) compliance with applicable governmental rules and regulations.”¹¹

In early-2004, the New York Stock Exchange and Nasdaq Stock Market revised their listing standards to require all listed companies (about 7,000 in total) to have a Code of Conduct and to monitor employee compliance with the Code.

Effective November 2004, the U.S. Sentencing Commission revised the Organizational Sentencing Guidelines. The revised guidelines make it clear that for an organization to receive a reduction in fines and penalties, it must have a comprehensive ethics and compliance program in place to prevent and detect criminal activity. The amendments list requirements for an effective compliance program and urge companies to emphasize employee training as a key part of their compliance efforts.

After more than 50 years, it is understandable that most U.S. companies now have a Code of Conduct in place¹² and that employee training on compliance issues is a "best practice" in American business to the extent it is not legally required.

It's vitally important that the training be "trackable" — i.e., that an organization's administrators have access to records of who took the required training, when they completed it, how they did on the quiz, etc.

If an employee engages in conduct in violation of the organization's policies or applicable laws, the organization must be able to prove that this employee was trained on those policies or laws if the organization hopes to use that training as a mitigating factor. It's almost certainly not going to be good enough for the organization to assert that it trained some or even most of its employees if it can't prove that it trained the wrongdoer.

Organizations use a number of training methods, depending on the size of the company and the geographic dispersion of their employees:

• For organizations with relatively few employees who are centralized in one or a few locations, instructor-led classes are often the first choice. The instructors are usually members of the organization's compliance department, ethics office or human resources department, line managers or outside counsel.

• For larger or more decentralized organizations, instructor-led classes are often logistically or economically infeasible. Web-based ("online") training can provide a cost-effective and convenient alternative for employees with computer and Internet access. Online training allows employees to move through training at their own pace, and provides their organization with a ready means of tracking their progress.

• For mobile employees, employees in manufacturing or retail environments, or other employees without computer or Internet access, training is typically offered in booklet or video form, though these types of "offline" training are not readily trackable. A few training providers have begun offering trackable methods of offline training, including training on portable devices (PDAs) or by telephone using interactive voice response (IVR) technology.

There are several providers of compliance training to the corporate world today.

1. J. Badal and P. Dvorak WSJ. Sarbanes-Oxley Gains Adherents. Wall St J, 14 August 2006: B3.

2. J. Herling, The Incredible Electrical Conspiracy (Part I), Fortune, Apr. 1961, at 132.

3. 15 U.S.C. § 78m(b)(2)(A)-(B) (1988).

4. The Insider Trading and Securities Fraud Enforcement Act of 1988, 15 U.S.C. § 78o(f), 80b-4a (1988).

5. President’s Blue Ribbon Commission on Defense Management, a Quest for Excellence: Final Report to the President 75, note 2 (1986). The Insider Trading and Securities Fraud Enforcement Act of 1988, 15 U.S.C. § 78o(f), 80b-4a (1988).

6. President’s Blue Ribbon Commission on Defense Management, a Quest for Excellence: Final Report to the President 75, note 2 (1986).

7. Id. at 251.

8. Report of the National Commission on Fraudulent Financial Reporting (1987) at 35.

9. U.S. Sentencing Guidelines Manual § 8C2.5(f).

10. Civ. A. No. 13670, 1996 WL 549894 (Del. Ch. 1996).

11. Criminal Resource Manual, “Federal Prosecution of Corporations,” at www.usdoj.gov/usao/eousa/foia_reading_room/usam/title9/crm00162.htm.

12. 15 U.S.C. § 7264.

13. Surveys conducted in the late 1980s indicated that upwards of 90 percent of public companies had adopted a code of conduct. The adoption rate was closer to 75 percent among mid-sized companies (annual revenues around $100 million) and only 40 percent for smaller companies (annual revenues under $60 million). Pitt & Groskaufmanis, Minimizing Corporate Civil and Criminal Liability: A Second Look at Corporate Codes of Conduct, 78 Georgetown L. J. 1559, 1601, notes 255–256. A survey by the Ethics Officer Association in 2000 found that 97 percent of the responding organizations had a code of conduct and that 56 percent had revised their code during the year preceding the survey. 2000 EOA Member Survey (Public Version), at www.eoa.org/Research/survey_2k.html (hereinafter “EOA Survey”).

This article seems to be based on the Code of Conduct. While the Code can be a standard for all compliance training, there is so much more involved - Institutional Animal Care and Use Committee (IACUC) training to protect researchers and the animals they use for teaching, testing, and research; the Institutional Review Board (IRB) training that ensures that humans (and their information) is protected; Occupational Health and Safety (OH&S) training that covers radiation, biosafety, bloodborne pathogens, hazardous waste, shipping dangerous goods; Effort Reporting, and others.

The IACUC and IRB training is regulated by not only the Federal government in the U.S., but also state and local laws. Internationally, human research guidelines evolved from atrocities such as the Holocaust and are still in place.

The National Institutes of Health (NIH) can be very vague as to what must be covered, but there are training organizations many universities and colleges invovled in research use. Those are the Collaborative IRB Training Initiative (CITI)CITI from the University of Miami and John Hopkins as well as NIH.

OSHA also offers some courses online as well.

Hopefully this helps.

fdillardFdillard (talk) 21:56, 13 October 2008 (UTC)[reply]