Corporate governance: compliance

An important part of corporate governance is compliance with the various rules governing the company. How do you ensure that your company becomes and stays compliant?

In this diptych, we discuss two topics that are important in the context of corporate governance: (1) the interrelationship of the various corporate bodies and (2) compliance. Both topics concern the way stakeholders act within a company. The first part discussed why it is important to keep the statutory duties of the various company bodies apart. This second part deals with compliance, or compliance with laws and regulations.

What is compliance?

There is no single definition for the term ‘compliance’. The Netherlands Compliance Institute defines compliance in two ways:

Promoting and enforcing compliance with external and internal rules relevant to the integrity of the organisation. This explicitly includes rules and standards set by the organisation itself.

and

Compliance is strengthening the integrity of the organisation, its management, its employees, the market and its data.

The difference between these two definitions can be explained by the fact that in recent years, as far as compliance is concerned, there has been a shift from enforcing rules to promoting integrity, according to the Netherlands Compliance Institute.

Consequences in case of non-compliance

Compliance is becoming increasingly important for companies, as more and more laws and regulations are being drawn up that companies have to comply with. Examples include the Corporate Sustainability Reporting Directive, the General Data Protection Regulation, the Money Laundering and Terrorist Financing (Prevention) Act and the Corporate Governance Code.

Companies are expected to be aware of the laws, regulations and standards that apply to them and to ensure compliance. Failure to do so can have major consequences. This is because non-compliance can subject companies to large fines or claims for damages, damage their reputation and, in extreme cases, can even lead to criminal prosecution. In addition, a regulatory agency may revoke licences; something that could be detrimental to the continuation of business activities.

Identifying risks

It is important for companies to know which laws, regulations and standards apply to them. They will also need to find out what type of activities are carried out by the company and whether they require permits or certificates. It is also important that employees have the right qualifications and/or training for the work they perform.

It is also important that companies know exactly what the risks are for them. It is important to limit and control those risks as much as possible. Communication and good cooperation between the various bodies and departments of the company are very important in this respect. An open work culture can contribute to this, as employees then also dare to raise risks and non-compliant issues within the organisation.

To ensure that employees are aware of the laws and regulations applicable to the company, it makes sense to have employees attend the relevant training courses for this purpose. It can also help to draw up an employee handbook or policy that sets out the risks applicable to the company. This can also include how employees should deal with these risks. Employees are then aware of possible risks and can then identify and deal with them. Once such a company policy has been drawn up, it is important that it is also monitored and controlled. This way, it does not just remain a ‘paper compliance’ with laws and regulations, but the company becomes – and remains – compliant.

Corporate governance lawyer

Do you have questions about the compliance policy your company currently applies or do you have other questions on the subject of corporate governance or corporate law in general? Our specialists will be happy to assist you. Please contact us: