TAILORING A COMPLIANCE PROGRAMME: CHALLENGES AND DECISIONS

Aaron: For companies looking to tailor a compliance programme to their business, where should they start? What considerations should they make when determining the scope and nature of policies required, for example?

Anthony: As one of the primary objectives of a compliance programme is to protect your organisation from risk, the key starting point to tailoring your programme must therefore be to understand the current and future risks the business faces. In order to do this, you need to conduct a detailed and thorough risk assessment involving individuals from across the business who will have different perspectives. This would include individuals from finance, legal, operations, manufacturing and so on. When conducting the risk assessment, you will need to consider the various risk factors specific to the business, such as the industry it operates in, the location of operations, the regulatory landscape both domestically and in overseas jurisdictions in which the business operates, and customers. The company will also need to factor in changes in the law and regulations that may affect the business in the future. By identifying all the key risks faced by the business, senior management can then tailor the compliance programme by creating focused policies and procedures to mitigate these risks.

Oct-Dec 2020 Issue

Novartis Pharmaceuticals Corporation

FTI Consulting

Withers LLP