Does your small business need a compliance officer? | HR

Written by Toby Pochron | May 4, 2022 8:00:00 AM

Are small businesses in need of a compliance officer? Solicitor Toby Pochron from Freeths LLP explains how a compliance officer can help a business navigate increasingly complex rules and regulations.

As your business grows, there become more complex areas of laws, ethics, and regulations which you will need to navigate to run a compliant business. When keeping on top of compliance and changes in regulations grows to become an individual role that is required by businesses, this role is a compliance officer.

What is a compliance officer?

A compliance officer may be an employee who takes this on as part of their role, or it may be an individual who a small business employs solely as a compliance officer.

The role is a multifunctional one; their day to day may cover training, investigations, drafting of policies and procedures, keeping up to date with compliance changes, or putting in place lessons learned. Having a compliance officer means on a personnel level there is a centralised individual who is both the face of the company’s compliance structure, and the first point of call for any questions, queries, or concerns.

On a business level, they are there to ensure that the company can fulfil its legal and regulatory duties, and they work to identify and mitigate risk and ensure compliance. A compliance officer normally does not carry out the compliance themselves, more they put in place the structure and tools for others to follow or carry out to ensure compliance.

Compliance officers need to have close relationships with everyone across the business, especially managers. Managers are often the first person an individual will turn to with any issue they come across and it is key that managers in turn know who to bring any compliance concerns to.

What does a compliance officer do?

Moving on from the general overview of a compliance officer, what would a compliance officer do for your business?

A centre for compliance

The compliance officer acts as a hub for discussions around compliance and someone to raise queries or challenges about the business. They also compile compliance materials, ensuring that everyone in the business has access to materials which assist in understanding applicable compliance issues within their role. Compliance officers may also create and deliver training within the business. In essence, they are a central beacon of support.

Policies and procedures

A compliance officer should regularly review the business’s policies and procedures to ensure that they are compliant with guidance and regulations.

Assessing risks, investigating issues, and continued development

They monitor risks to then allow the business to be more proactive with compliance. When issues arise, they then will investigate them thoroughly to determine the cause, find a solution and use it as a learning point for the future. Compliance officers should also carry out regular risk assessments within the company and review the risk assessment process.

Learn more: What are the main health and safety responsibilities of employers?

Ethics code and values

As they are often a position of leadership, the compliance officer should promote a strong ethical code in their day-to-day job. Compliance officers can also oversee developing policies and standards which support the company’s code.

Carrying out and reporting on compliance internal auditing

A compliance officer should create reports showing the compliance health profile of the company, highlighting any issues, and showing how the company is working to remove them. This is an easy way to keep track of compliance in the company.

Third parties

A compliance officer’s work should go beyond the business to any interactions the business has with third parties. This includes ensuring a due diligence process is followed when interacting with other third parties or businesses.

Learn more: Performing due diligence with HR software providers

What regulations or laws will a Compliance Officer keep abreast of?

Here are some of the key regulations and laws a compliance officer needs to keep up to date with within a small business context:

Whistleblowing: compliance officers can help with ensuring there is an appropriate whistleblowing procedure in place and the correct channels for reporting whistleblowing.
Health and safety: this is an increasingly important area of law to be compliant with and one which has a variety of regulations highly dependent on the business itself.
Modern slavery and human trafficking: a growing number of businesses are focusing on tackling modern slavery within their supply chains, even when not required by law, as it promotes the business as having strong ethical values.
Anti-corruption and bribery: it is important for businesses to monitor corruption and bribery and a compliance officer can greatly assist with this and with reviewing relevant policies.
Data protection: increasingly, compliance officers also look to cover data protection. While small businesses may not be required to appoint a data protection officer they can volunteer to do so. UK GDPR regulations require organisations to implement data protection safeguards and having a centralised individual to look over this process makes it easier for a business to manage.
International reach: if a company is looking at expanding or dealing with third parties overseas, then that company must also comply with international laws and regulations.

Does your small business need a compliance officer?

If your business is growing and you are unsure if you may need a compliance officer to carry out all the above, there are other pressures which may mean it is time to introduce that role. Firstly, the bigger your organisation grows, the broader the role a compliance officer will have, and with the increase in regulations regarding bribery and modern slavery, the role is ever-growing.

There are increased risks in a business world with more flexible working, due to the increased use of messaging apps for work and with employees working from home. Both make it much harder to monitor compliance across a business.

Finally, no company is perfect; unfortunately, the nature of business means that compliance mistakes will occur and having an individual in place will help to ensure you are ready to deal with the outcomes.