Compliance professionals who participated in a Compliance Week survey on their response to the coronavirus pandemic overwhelmingly said they were well prepared: Of the 365 who responded, 65 percent rated their company’s response to the pandemic as excellent or good.

That’s not to say responding was easy, as two-thirds said the work of managing and monitoring compliance has become more challenging since the start of the pandemic.

Still, such a high percentage of compliance professionals reporting their companies were prepared is surprising. How could companies be prepared for an unprecedented global crisis that, for the moment, does not have an endpoint?

Compliance professionals say their companies weren’t prepared for the specific crisis of a global coronavirus pandemic that has sickened more than 692,000 people around the world through March 30 and killed nearly 33,000 people, according to the World Health Organization (WHO).

But they were prepared for major crises. Many pointed to the terrorist attacks of Sept. 11, 2001, as a time when everyone had to implement emergency plans. Some said their companies again put continuity plans into action during the Avian flu pandemic of 2009-2010. And there were smaller calamities unique to them, from product recalls to natural disasters to kidnapped executives. Lessons they learned as they navigated their companies through those times of turmoil laid the foundation for their preparedness for this one, several compliance professionals said.

“Crises are crises; the process of responding to the crisis is the same,” said Fabiana Lacerca-Allen, senior vice president compliance for Aimmune Therapeutics in Brisbane, Calif. What’s crucial, she said, is for companies “to react efficiently, effectively, and in a timely manner.”

Conducted from March 24-26, the anonymous survey captured a moment in time for the coronavirus pandemic, which began in December 2019 in Wuhan, China. Over those three days, 130,000 new coronavirus cases were discovered worldwide, according to WHO. The crisis was ebbing in China and South Korea, in full force in Italy, Iran, and Spain, and beginning to overwhelm the healthcare system of New York City. Stay-at-home orders were issued in eight U.S. states and major cities like Charlotte, El Paso, Fort Worth, Houston, Kansas City, Miami, Orlando, and San Antonio, according to Business Insider. Also, the close of the survey coincided with the announcement that a record 3.3 million Americans applied for unemployment the week prior.

Yet, some compliance professionals said they were ready for the coronavirus as it moved much closer to home.

Of the 19 percent of those polled who described their companies’ response as “excellent,” their open answers to a follow-up question said they prepared for the pandemic to spread from a localized problem in China to the entire world.

“We were very proactive. We already had plans in place for disasters, so we had to review and apply to this situation as (U.S. Centers for Disease Control) guidance came in,” one prepared respondent wrote. “As the news started coming in regarding China, we began to prepare as if it would be here.” Others in this category described their companies’ response as “proactive” and “transparent,” with “great leadership.” Many said their business continuity plans had been implemented and were working well.

A smaller group reported disorganization, confusion, and worse.

“We were not fully prepared to have staff working from home,” one respondent said. “We have had to order multiple laptops and have some employees working on personal computers until we can get them laptops and access.”

Almost universally, those compliance professionals who said their companies were caught flat-footed said they needed a better crisis communication plan and better work-from-home policies. Essential employees still required to come to work needed much clearer, much more regular messaging from their employer to calm fears, properly prepare for risks, and let them know where to turn with questions.

“Be honest!” one such respondent said.

“Put more pressure on the business to create a robust disaster response plan that includes more around responding to unanticipated risks,” said another.

“We could have asked a psychic or purchased a crystal ball. Seriously, the government and the world cannot figure this out, what could one company have done individually?” one respondent queried. “We have to balance the business with regulatory compliance, ethics, data privacy, and security on a regular basis.”

It was nearly unanimous that the pandemic has made the compliance environment much more challenging.

“Companies are definitely doing the same stuff differently and not quite as well,” said Christopher Michaelson, a professor in the Department of Ethics and Business Law at the University of St. Thomas. “There will likely be a lot of consolidation. There will be a lot of pain sitting in front of us for the next year.”

Even so, for most respondents, the time for managing the pandemic in full crisis mode had passed.

A full 44 percent of respondents said they were spending less than a tenth of their time on crisis management, and 25 percent said they were spending less than a quarter of their time on it. Only 2 percent were still spending all their time managing the crisis.

“In every crisis, there’s an adrenaline rush, then it wears off,” said Keith Darcy, a compliance consultant whose clients include Deloitte and several oil and gas firms. “The worst thing you can do is not acknowledge how people are feeling. You have business concerns, but you have to address the people concerns. If your people are right, then the organization is right, then the world is right. Well, eventually.”

Most respondents said their employers had fully implemented their crisis response plans.

Thirty-seven percent said their workplaces were fully remote, while 36 percent said only workers who cannot do their jobs remotely were on site and 16 percent had a skeleton crew on site.

But there were still plenty of challenges.

Disorganization due to a remote workforce was a prominent organizational disruption for 37 percent of respondents, followed by keeping tabs on coronavirus-related regulatory guidance (31 percent) and 23 percent each on supply chains and employee absenteeism.

Respondents to the survey came from a wide range of industries. Financial services (13 percent), banking (10 percent), technology (9 percent), healthcare (7 percent), and manufacturing/retail (6 percent) led the pack.

Their companies were located throughout the United States and the globe, and respondents were able to choose as many locations as necessary to represent their footprint. Forty-three percent of participating companies had operations located in the U.S. Midwest, Northeast, South, and California, with 40 percent having a presence in New York (coronavirus central in the U.S.). Internationally, companies were in Europe (35 percent), Asia-Pacific (25 percent), Canada (22 percent), and Mexico/Central America (17 percent).

Survey respondents tended to work for large companies between 1,000-10,000 employees (30 percent) and companies that employed 10,000 or more (25 percent).

Ethical issues abounded. For nearly half (46 percent), the biggest ethical dilemma was dealing with workers who are parents and also have to take care of kids at home from school or daycare. Compliance professionals also felt badly about asking “essential” workers to come to the office (26 percent) or having to lay off/furlough employees (18 percent). But 27 percent said they faced no ethical dilemmas.

Balancing government-imposed shutdowns with the needs of the employees and the business were difficult, respondents said.

“Reconciling the demands of the business with the demands of public safety,” was difficult, one said, while another said the hardest thing was “convincing others to actually close the offices in accordance with state law!”