10 tips for proactive business compliance

bigstock-The-words-What-Now-asking-the--33761060As a decision-maker at a small or medium-sized business or not for profit organization, you’ve already got your hands full, don’t you? You’re probably working around the clock just to make ends meet and keep your momentum going.

Never mind the little things that come with the job.

But those “little things” can be a killer. Take compliance, for example. Managing tax, regulatory and business requirements, and business license filings might not be at the top of your daily to-do list, but they need to be addressed. And preferably not at the last minute, in a mad scramble to avoid penalties, fines, or lost business opportunities.

Nowadays there are a lot of changing regulations to keep track of, and it’s very easy for things to fall through the cracks. The penalty for not staying in compliance can range from hundreds to thousands of dollars. Failure to be proactive could also mean you end up dedicating employee time and effort to avoiding a penalty, instead of making sales or developing new products. This results in even more lost income.

Here are 10 tips for proactive business compliance:

  1. Assess your compliance situation. How much of your resources are being dedicated to compliance? These resources include staff, time, and money. A quick, informal audit will show that it’s not only the person with “compliance” in their title who is involved with compliance requirements; it is everyone in the business.
  2. Centralize accountability through one department or one person. Determine who should be empowered with central responsibility for business compliance, requirements and reporting. This is normally located in the accounts area, as these departments typically have the highest reporting requirements. The audit mentioned above will give you a realistic estimate of workload and staffing needs i.e., whether the department has enough staff to handle accountability on top of their other work).
  3. Gain control of your compliance calendar: what is required to be reported, when and to whom. All important dates can be put on one master calendar. A web-based calendar such as Google is preferable because it allows you to populate compliance events and other regularly occurring business dates automatically, where all staff can see them as required.
  4. Communicate and collaborate. Create processes and procedures for how information should flow between departments and staff. Establish controls, checks and balances for accountability, but always leave enough flexibility for collaboration.
  5. Use one productivity tool to consolidate compliance. Implementing a Web-based or centrally located business compliance tool can be very effective. With this kind of tool, a list of daily, weekly, monthly or yearly tasks can be generated from the calendar, and customized email alerts can be sent to responsible parties as required.
  6. Try to centralise information in one place. Ideally, this would be the same productivity tool as described above. A Web-based tool will automatically update requirements as they change, eliminating the need to check in constantly with each state. Those updated requirements will update the central calendar automatically, so accurate due dates will always be available to everybody.
  7. Use “pre-filled” forms. In addition to populating the calendar, a central repository of key company information should also pre-fill in re-usable forms. Re-using and repurposing data will save hours of effort and improve accuracy within the complete process.
  8. Create a defined process for storing and organizing evidence for all your required reporting. This is essential for every compliance activity. Electronic confirmations of all reports can be stored in the document repository, so that a complete history of everything pertinent to a report is quickly and easily accessible.
  9. Document and publish your systems, procedures, and checks and balances. Having everything related to reporting in one centralized place means that staffing changes won’t pose a problem when it comes to compliance. If one key person leaves, the company’s vital compliance knowledge won’t leave with them.
  10. Ask the experts. Subscribing to a Web-based compliance tool usually means you also get access to a vendor’s team of expert compliance specialists. Demand a partnership from this vendor to get full value from their expertise.

Compliance can be a time consuming process but by using some of these tips the compliance of SME’s can be made easier.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.