The Cost of Non-Compliance Series: Penalties in Manual Policy Management

The Head of Justice Department’s Criminal Division Speaks on Corporate Compliance

In our previous post, we discussed the cost of resources related to the manual management of policies and procedures in this SlideShare. In part two of our “Cost of Non-Compliance” series, we are shedding light on the next phase, which includes the penalties inflicted upon organizations for being non-compliant.

Fines

The first and often most commonly known-penalties associated with non-compliance are the fines from governing agencies. For example, this year in healthcare, HHS issued a 3.5 million dollar settlement along with a corrective-action plan for a company that violated HIPAA compliance. In the energy industry, FERC issued a 28 million dollar civil penalty to an organization, with additional sanctions including disengagement of unjust profits.

Not only are these companies having to pay the fines, but also the legal and court fees that go along with the cases, as well as the costs associated with development and implementation of corrective action plans and any other sanctions required.

Internal and External Affects

When we hear “penalties” the first thing that comes to mind is being fined by regulatory agencies and the court costs ensued. Less commonly do we also factor in the aspects that will impact the bottom-line without the bold price-tags handed to non-compliant organizations by the DOJ and regulatory agencies. These penalties are a little bit more silent and camouflaged in a budget, but the financial threat to an organization after penalization for non-compliance is not a factor that should be left out of the equation.

Employees

Being non-compliant stems from either a misrepresentation of policies and procedures, the absence of crucial policies and procedures, or a blatant disregard of policies and procedures that do not have the proper procedural checks-and-balances in place to ensure enforcement of compliant activity within an organization.

Some of the financial burden that comes with having a lack of policy and procedure management includes: Inefficiently performed policies and procedures that waste employee time, inefficiently carried out tasks that can lead to investigations (whether or not they lead to actual penalties, the investigations will incur costs of their own), and lastly, termination of non-compliant employees. The cost of re-hiring, re-training, and ensuring future compliance with a new employee in a specific role is a costly endeavor—much moreso than ensuring the proper program is in place for complying with regulations related to their role.

These penalties can be avoided through the use of a structured policies and procedures management program. ConvergePoint’s robust policy management software provides the tools organizations of all industries can use to develop, approve, distribute, capture acknowledgment of, renew, and audit policies and procedures.

Read More: The Cost of Non-Compliance Series Part - 1 Manual Policy Management

Reputation

Not only does an organization take a direct hit to the internal human and monetary resources due to non-compliance, but the reputation of an organization is also affected. Press releases are issued immediately and all up until the final settlement. This affects how an organizations current and future partner’s, employees, and investors view the business, and require a slew of damage control. The “Cost of Non-Compliance” series will continue to discuss the cost of damage control associated with non-compliance. Stay tuned!

In the mean-time, find out how to choose the right policy management program for your organization by downloading this How-to guide.