Corporate Compliance

Greater awareness and higher expectations among the public, the rapid spread of information, and the digital transformation are posing new challenges for companies. It is therefore becoming increasingly important to have an effective system in place to prevent violations of legal or regulatory provisions and to ensure ethical conduct within your own organization and amongst relevant third parties.

A Compliance Management System (CMS) tailored to your company’s specific requirements protects your organization from liability risks and the associated financial implications, preserves your reputation in the long term against a loss of public and stakeholder trust in your business.

 

OUR EXPERTISE

While measures for ensuring legal and regulatory compliance may already exist to a certain extent within many companies, they often lack an integrated and effective approach in the sense of a Compliance Management System (CMS).

We support you in the design of a CMS that is tailored to the specific needs of your business, taking into account existing measures and work out practical, adequate and sustainable solutions for you. As our work is always concerned with the individual risk profile of an organization, the services that we offer are aimed at owner-managed companies as well as publicly traded companies, administrative bodies, and the non-profit sector. We work in accordance with established best practice standards in Compliance such as IDW PS 980 and ISO 19600, which we translate appropriately for your organization.

 

Compliance made tangible
We will support you in all stages of the development, introduction, assessment, and further improvement of your specific CMS or single elements hereof:

Assessment of your Compliance Management (System): Performance of an initial review to determine the current state of your existing Compliance organisation/ CMS in accordance with best practice, providing recommendations for further improvement.

Compliance objectives, Compliance strategy: Development of a company-specific Compliance strategy that takes into account the expectations of different stakeholders.

Compliance risk assessment: Assessment of Compliance risks and development of a systematic process for identifying and controlling such risks.

Compliance organization: Definition of a Compliance organization (structural and operational organization) that is suitable for facilitating efficient and effective interactions between different assurance providers within the company (integrated risk management, Three Lines of Defense’).

Code of Conduct, policy management: Creation and/ or review of the internal policy framework (‘House of Policies’ or ‘Policy Framework’) and support with drafting, or revising the Code of Conduct, policies/ directives, guidelines, manuals, or regulations on specific Compliance topics.

Compliance courses and training concepts: Development of communication and training strategies, providing and/ or delivering training courses on specific Compliance topics (e.g. anti-corruption, data protection, competition law, public procurement law).

Compliance culture: Measuring the Compliance culture and the ethical climate within the company using ECOLEX’s own, scientifically substantiated method.