What are the benefits of compliance standards and certification?
- Published: 13 September 2016
Compliance management refers to how a company ensures adherence to laws as well as company guidelines. For several years, companies have been required to comply with international standards certifications and over the last ten years, various standards for implementing and operating a compliance management system (CMS) have been developed.
By publishing the international ISO 19600 standard (in December 2014), the International Organisation for Standardisation (ISO) brought together the insights from previous standards and other reference works. The aim was to create a standard that can be used worldwide, spanning multiple jurisdictions across all types of organisations regardless of size or industry.
ISO 19600 certification option
Some CMS standards can be used to audit or certify compliance management systems. This involves putting the CMS through an evaluation procedure. An impartial third party checks and confirms in writing that the CMS meets the requirements of the respective standard.
ISO 19600 is a type B management system standard that only serves as a guideline. It gives recommendations but does not set any binding requirements. However, it is still possible to be certified in accordance with ISO 19600. Any person or company with a test plan that they have developed based on the recommendations of the standard can certify that they have a CMS that meets the recommendations of the standard according to the assessment of the auditor.
Advantages of ISO 19600 certification
- The structure of a certified management system is based on a well-known, tried-and-tested system. A third party can get an overview of the compliance management system and assess its quality.
- A company can demonstrate to business partners that it can fulfil its contractual compliance obligations.
- An independent audit can identify vulnerabilities and allow companies to overcome operational blind spots. Enabling the CMS to be continuously optimised.
- A CMS certified in accordance with ISO 19600 can give a competitive advantage if it makes a company stand out during a call for bids.
- Certification can convey important information that can determine the success of a company. A certificate allows investors, who are in the middle of an M&A transaction or forming new business partnerships, to estimate and minimise potential risks more effectively.
- A company’s decision to be certified and to commission an auditor represents a serious commitment to compliance and also leads to positive effects within the company.
Things you need to know about certification
It is important to determine who is suitable to serve as the auditor, depending on the standard.The certificate should have a certain level of recognition in the market (if the company making the claim is reputable and accredited by a regulatory body, then this third-party compliance proclamation would have a lot more weight than a self-proclamation would have). The certificate should have a certain level of recognition or acceptance in the market as well.
You should also determine which parts of the company and functional areas are to be covered by the certificate. Certification should only take place once there is an established CMS in definable company or regulatory areas. It is advisable when implementing a CMS to also think about certification as a long-term goal.
Limits of certification
Legal experts in particular have advised that a standardised or even certified CMS does not automatically mean that management bodies of a corporation fulfil their obligations. This means that if there are compliance violations, they may be held liable. A (certified) CMS can at best serve as a good indicator that the company and the responsible people make great efforts to take compliance and integrity very seriously.