Blog Post

Three Ways Metrics Can Help Avoid Common Compliance Mistakes

Cornerstone Editors

No company wants to end up in the headlines for a code of conduct violation, or for not updating its policies based on the latest legislation. But unfortunately, even after organizations spend significant amounts of time and money on compliance, slip-ups happen.

The problem, reports Harvard Business Review, is that compliance training is not enough. What matters, research reveals, is not how much compliance training employees undergo, but if and how it gets measured. "Too many firms treat compliance as a box-checking exercise, making employees sit through training to attest that they understand the rules, but failing to assess the effectiveness of their compliance programs, or doing so with faulty metrics," the HBR report states.

Shawn Flynn, head of global value, analytics and industry solutions for Cornerstone OnDemand, sees a strong link between the lack of measurement and compliance failures. Below, he shares the most common compliance mistakes organizations make—and the metrics that can help avoid them.

Mistake 1: Underestimating the Impact of Non- Compliance

The Problem: Companies that have not yet had to grapple with audits or lawsuits may not realize the dangers associated with ineffective compliance training. This "ignorance" is exhibited by small, new companies as well as by established firms, according to Flynn.

"You might not have incurred a penalty and don't believe in the upside of driving compliance efficiency," Flynn says. But putting on blinders, he warns, is dangerous: "Compliance problems can have significant impact on the business, and your brand can take a hit really quickly."

According to research from Chubb Insurance, the average cost of an employee lawsuit runs about $70,000—but some compliance-related cases and fines can be even higher, such as Fresenius Medical Care North America's $3.5 million fine for HIPAA violations.

The Metrics to Help: To demonstrate the impact of non-compliance, share metrics on how much and how often organizations in your industry are fined. Then, take it a step further and demonstrate how cost-effective proper compliance training is by comparison.

Mistake 2: Using a One-Size Fits All Approach

The Problem: Compliance training cannot be a one-size-fits-all approach. Employees need to see a clear connection between the training they are completing and the benefit to their job, says Flynn. For example, the payroll department needs to have compliance training on how to manage sensitive employee data to ensure that they can protect workers' privacy. The marketing department, on the hand, wouldn't necessarily need to have the same compliance training—their time may be better spent learning how to protect other types of information.

The Metrics: To deliver relevant training that keeps employees engaged, Flynn advises using "pulse" surveys to track employee sentiment and gain insight into how workers view training. Perhaps you are expecting employees to spend long hours completing compliance training, but surveys tell you that workers believe they don't have enough time. With a finding like this, you can try to solve the problem by eliminating or creating more targeted training modules.

Mistake 3: Using Outdated Training

The problem: Creating compliance content is a big investment—but if the content isn't maintained or updated, that investment can quickly lose its value. According to Flynn, developing just one hour of content costs about $18,000, but it needs to be updated every 24 months. "For big companies with complex compliance requirements, this can be a huge but necessary financial burden," says Flynn.

The Metrics: By tracking content costs over time across individuals departments and comparing them against the cost of lawsuits or violations, business leaders can identify areas where costs are not delivering the desired compliance benefits. Armed with that insight, compliance managers can then reassess their strategy, and invest in a content re-fresh.

If you don't have the bandwidth to track your compliance metrics in-house, third-party compliance products and services can often produce better results for lower long-term cost, Flynn says. Plus, they have the advantage of always delivering the latest advancements in content, delivery and data management.

The costs of compliance may be high, but the costs of non-compliance are potentially much higher. "Brands we know and trust are trying to keep their names from being in the headlines for the wrong reasons, and they mostly accomplish this through compliance," Flynn says. Ongoing measurement is an important step in avoiding costly and long-lasting compliance mistakes.

If you are keen on learning more aboutthis topic, please consider attending this "Compliance as a Culture" presentation.

Photo: Creative Commons

Related Resources

Want to keep learning? Explore our products, customer stories, and the latest industry insights.

Overcoming the many costs of non-compliance


Overcoming the many costs of non-compliance

Non-compliance is costly. Not only does it often mean hefty fines, but it also has the potential to hurt an organizations reputation, decrease the morale of its employees and restrict its ability to perform key functions. What makes compliance particularly challenging is that laws and regulations are ever-changing. New York, for example, recently introduced stricter sexual harassment legislation and now requires every New York employer to have in place, and distribute to its employees, a sexual harassment policy that meets its very specific requirements in accordance with the law. Organizational leaders aren't oblivious to these costly fines and other related risks. In fact, 54 percent of executives call better compliance management a “high priority,” according to a Brandon Hall report. So what can you do to protect your organization and better prepare for the complex, resource-intensive, and challenging task of managing compliance? For one, you need the right technology—modern tools that automatically assign training, centralize disparate compliance efforts, manage certifications and provide tracking. But beyond the technology, you must also adopt a more proactive mindset when it comes to compliance, getting ahead of upcoming regulatory changes and anticipating potential pitfalls before they happen. Read on to learn the ins and outs of compliance, from what it takes to engage employees with required training and adjust to new wellness program regulations to how to prevent your artificial intelligence-powered systems from sabotaging compliance capabilities. Our seven featured pieces, in combination with the right tools, will prepare you to face your next compliance audit with confidence.

UK 2019 Cornerstone Compliance Management Survey


UK 2019 Cornerstone Compliance Management Survey

In the summer of 2019, we surveyed HR professionals working in SMBs in the UK with the goal of discovering what compliance means to them. The findings are now available as a white paper for you to download! Authored by Susan Jeffery, Content Strategist and Dominic Rooke-Allden, Marketing Manager, Cornerstone SMB, this white paper provides unique insights into the challenges faced by HR professionals in this complex and challenging domain. Download your complimentary copy of the report today!

What are the common workplace safety hazards?

Sample Course

What are the common workplace safety hazards?

Check out a quick 6 minute sample course from our partner, Grovo on Workplace Safety.

Schedule a personalized 1:1

Talk to a Cornerstone expert about how we can help with your organization’s unique people management needs.

© Cornerstone 2022