One of the best tools available for organizations to maintain and improve their reputation is through fulfillment of their own policies and guidelines. Generally known as Compliance, it is a concept incorporated nowadays in organizations that seek to comply with the law and mitigate possible risks due to failures or lack of knowledge of the members of the organization. Compliance has been understood as a set of actions, guidelines and best practices, grounded in local and international legislation and principles that govern the organizational culture. Compliance also helps organizations avoiding losses, fraud, abuse, discrimination and other practices, which can place the organization at risk of fines, operational closures and even sanctions to their representatives, damage to their reputation among others.

This concept has been confused many times as a specific function of the legal areas outside other functions of the organization. It is necessary to understand, however, that Compliance is not an area or department that deals with legal matters isolated from the rest of the company. This function should be cross - functional to all areas of the organization and led by specialized areas or persons generally identified as compliance officers. For example, the officer who must ensure compliance with regulations on money laundering or financing of terrorism or the personal data protection officer, responsible for ensuring the protection of personal information in the organization's databases. Persons who act as compliance officers must have the support of senior management of the organization and have autonomy for their investigations and reports.

For practical purposes and aiming to get an adequate Compliance program, we can divide the Compliance creation process into four stages. First, there must be a diagnosis of the possible risks to which the company could be exposed. Second, develop and implement specific controls to target those risks, along with guidelines and policies harmonized with the corporate purpose and laws that affect the organization and its culture. This may include implementing due diligence processes of third parties, a whistleblower line or other mechanisms allowing for anonymous reports of conducts that violate the corporate policies, policies on offering, providing or accepting gifts and business courtesies, political contributions, donations, managing relationships with government officials, reporting of conflicts of interests, transactions in cash, among others. Third, it will be necessary to deploy and internalize throughout the organization the controls, policies and guidelines through constant training and communication. Fourth, the entire compliance program must be constantly verified in order to measure the efficiency and effectiveness of the program.

Traditionally, Compliance has focused on human rights, money laundering, competition, licenses and permits, anti-bribery, data privacy and ethics. In Colombia, due to its unfortunate connection with drug trafficking or guerrilla warfare, there are special requirements regarding Money Laundering and the Financing of Terrorism. 
Dentons Cárdenas & Cárdenas is aware of the importance of having an accurate Compliance program and, therefore, has developed a specialized area that assists its clients in implementing and maintaining a program that fits properly into their organization in light of their specific requirements.

Bearing this in mind and in order to know more about the needs and best practices of our clients, we have developed the following questionnaire, which seeks to raise awareness surrounding the risks of non-compliance generally. We invite you to answer the following questions that serve as a parameter to assess the possible shortcomings that your organization may have:

Questions

 Yes No

1. Does your company have a code of conduct where the company identifies the corporate values that inspire its business and the conduct that it expects from its employees and stakeholders?

   

2. Has your company developed a real diagnosis of possible risks related to licenses and permits, environmental impact, human rights, personal data protection (privacy), anti- bribery, competition, money laundering, and financing of terrorism?

   

3. Does your company have a policy or corporate guidelines that cover the following: ethics, anti-bribery, money laundering, financing of terrorism, human rights, competition and privacy?

   

4. Does your company have a policy for handling transfer pricing?

   

5. Does your company have specialized channels for receiving complaints or claims, which guarantee the anonymity of those who report ethical or corrupt issues?

 

6. Does your company have a compliance officer or specific area with autonomy to report any irregularities internally and externally?

 

7. Does your company have a policy for managing cash transactions?

 

8. Does your company have a policy on reporting conflicts of interests?

 

9. Does your company have a policy on political contributions and donations?

   

10. Does your company have a policy on giving and receiving gifts, entertainment and business courtesies?

 

 

11. Does your company conduct prior due diligence verifications of third parties with which it enters into transactions?

   

12. Does your company have a policy on handling relations with government officials?

   

13. Does your company have an ethics and / or compliance committee to analyze compliance cases or risks?

   

14. Does your company have a constant training program to ensure that all its employees know the compliance guidelines?

 

15. Does your company have created an objective sanctions scheme in case of breach of internal guidelines and policies? Do all the employees know this scheme?

   

If, answering these questions, you consider or become aware that your organization may be exposed to risk or you have any doubts regarding your Compliance program, you can contact us and we will gladly help you incorporate a program tailored to your organization and / or answer questions regarding the legal system in Colombia or abroad.

About Dentons

Dentons is the world's first polycentric global law firm. A top 20 firm on the Acritas 2015 Global Elite Brand Index, the Firm is committed to challenging the status quo in delivering consistent and uncompromising quality and value in new and inventive ways. Driven to provide clients a competitive edge, and connected to the communities where its clients want to do business, Dentons knows that understanding local cultures is crucial to successfully completing a deal, resolving a dispute or solving a business challenge. Now the world's largest law firm, Dentons' global team builds agile, tailored solutions to meet the local, national and global needs of private and public clients of any size in more than 125 locations serving 50-plus countries. www.dentons.com.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.