Increased professionalism in compliance activities

In recent years German businesses have steadily expanded their compliance structures and internal training programmes and have never been in a better position than they are now. However, declining support for compliance issues among management is giving compliance officers cause for concern. For the third time since 2015, a representative cross-sector study – the CMS Compliance Barometer – has been conducted in cooperation with leading market research institute IPSOS to take a closer look at how larger companies tackle compliance. Anonymous interviews were held with 180 compliance officers in companies with more than 500 employees – from larger medium-sized companies to major corporations.

Although the latest Compliance Barometer shows an increasing awareness of compliance issues and enhanced development of internal structures in many major companies, recent compliance scandals appear to indicate that further work is necessary to make management fully acknowledge the significance of compliance matters. This is a worrying situation, especially since a lack of management commitment may result in compliance and liability risks, both for the company and the management team.

More compliance departments in large companies

Recent years have seen a significant increase in the number of companies with their own compliance department. In 2015 only 28% of companies had a dedicated compliance department; it is now four out of 10 companies. Improvement has also been seen in the way that departments are equipped and organised. More than half of the companies surveyed in the Compliance Barometer had increased the staffing and budget devoted to compliance departments.

Compliance awareness lacking among management

Although a positive trend is emerging in relation to the resources and infrastructure of compliance departments, only approximately half of compliance officers presently feel that they are properly equipped to deal with compliance risks compared with previous years. Compliance officers have perceived a decrease in the willingness of management to support and drive compliance issues over the past three years, falling from 79% in 2015 to 71% in 2017. The results reflect the desire of compliance officers for greater support from company management due to rising demands and additional duties. Practical experience demonstrates that a compliance system is effective only if company management is fully committed to it.

Professionalisation of compliance

The most important task of compliance officers is the development of compliance processes and associated policies. As reported in previous years, 83% of companies have a compliance code of conduct. Companies are also increasingly extending training programmes designed to communicate behavioural requirements around compliance. While in 2015 less than half of the companies surveyed conducted internal training sessions, in 2017 it was 71%. Seven out of 10 companies train their employees on compliance topics at least once a year.

Another indication of the increasing professionalism of compliance departments is that in addition to the main duties of compliance officers, risk management is also gaining in importance. One in every four compliance departments is now also responsible for risk management within the organisation. Identifying, assessing and managing risk is becoming an increasingly important part of the work of compliance officers. This demonstrates that more and more companies are aligning their compliance systems with their own particular risks in order to boost the effectiveness of the system. In internal investigations, companies continue to rely heavily on external consultants for support – 70% of companies use such consultants to conduct internal investigations. All these developments are signs of increasing professionalism in compliance.

Cartels and money laundering underestimated compliance risks

Data protection, corruption and product liability remain the greatest compliance risks, while competition law issues and money laundering continue to be less of a compliance priority. This shows that in these areas relevant risks are often underestimated. Looking to the future, compliance officers see the greatest external challenges in increasing legal regulation and various special issues such as the growing importance of data protection and foreign trade law, as well as requirements relating to the prevention of money laundering. This applies in particular to companies with more than 5,000 employees. The EU General Data Protection Regulation, the fourth EU Money Laundering Directive (which entered into force in June 2017) and existing sanctions against Russia confirm the view that rising statutory requirements will continue to place pressure on compliance departments.

The Compliance Barometer shows the considerable efforts that German companies have made in the past three years in order to step up their compliance programmes. However, for compliance systems to be effective, a clearer tone must be communicated by senior management, including significant compliance awareness by senior management in everyday business decisions.

For further information on this topic please contact Florian Block or Tobias Teicke at CMS Hasche Sigle by telephone (+49 89 23807 264) or email (florian.block@cms-hs.com or tobias.teicke@cms-hs.com). The CMS Hasche Sigle website can be accessed at www.cms-hs.com.

This article was first published by the International Law Office, a premium online legal update service for major companies and law firms worldwide. Register for a free subscription.