After you have completed your risk-ranking of employees for training and the identification of those in control functions, you are now ready to design your compliance training. The first step is to define what you are trying to achieve in your compliance training. You should include the development of curriculum using a risk-based model and set uniform methods for acquiring content, maintaining records and reporting.
This certainly means more than simply “check-the-box” training and and that you have put some significant time and thought into it. It should be well designed to the targeted group of employees who will receive it. Your compliance training can and should have several business-related goals, in addition to specifics of anti-bribery laws such as the FCPA. These include identifying the business objectives of engaging in commerce in a legally compliant manner; managing threats that may come to employees you have identified as high-risk; and the business opportunities afforded if you have sufficient compliance systems in place to prevent bribery and corruption.
Moreover, you can present tangible business benefits if you address these issues in a positive manner. Finally, such focused training can and should help to ensure integrity and the company’s reputation by strengthening your business culture and ethical conduct. This approach also allows you to more fully operationalize your compliance training by pushing it down as a business process to be used by those closest to the front lines. Control function employees must also receive tactical training on their control functions, together with a more strategic overview to understand how their roles fits into the overall compliance regime.
This should be followed by the establishment of standards for selecting appropriate content, delivery methods, frequency, and assurance based on risk exposure. You can review any technological solutions for both e-learning delivery and documentation. Lastly, you will need to consider training content revision when requirements or risk analyses change.