How to effectively manage compliance across diverse business operations

By ,

Recently, I wrote about the challenges faced by a building and facilities manager to monitor regulatory compliance within the scope of a larger company. I concluded that there is no one size fits all approach for compliance management.

A facilities manager is usually not a compliance expert and they may even be a contractor depending on the situation. One facility manager I spoke with recently had inherited compliance obligations designed to capture upstream oil and gas sector operations, but the facility manager was only responsible for one small part of a much larger operation. Consequently the person was overwhelmed with irrelevant regulatory updates. This deluge of information meant they struggled to identify actual compliance risks and communicate these issues to upper management. This is just one example, but one of the main problems with compliance programs is that they are not properly tailored to the people and operations in question.

Scoping and Screening

When scoping your business operations and screening for compliance obligations it is important for compliance managers, analysts, and specialists to consider:

  • Industry-specific health and safety, environmental, and other obligations
  • National vs regional scope
  • Location and function of sites and facilities
  • Who is accountable for these sites and facilities? What are the compliance roles at your company?
  • Industrial operations vs. Buildings and office spaces
  • Applicability of corporate policies and other internal obligations at different business operations

To ensure a centralized and integrated approach, we often recommend creating a company-wide parent compliance obligations register. This will be managed by a core compliance team who will review new obligations and major updates. Relevant updates can then be shared to the appropriate business units, operations and people who can take action.

Once you have established a central list of compliance obligations, you can create specific sub-lists that are specific to certain operations within your business. These registers should be a subset of the company’s overall obligations specific to operational contexts. You can use filters for the industrial sectors, compliance subjects, and the state of a regulatory change (proposed, published,…) to reduce noise and clutter from extraneous updates and actions. With a proper hierarchy of compliance obligations and good screening, the actions will be more relevant for your team. The team can then take rapid action to assess applicability by subject matter experts such as building managers, health and safety champions, and environmental specialists.