Compliance: Definition, laws and fulfilment

What is Compliance?

“Compliance” is the term used to describe the adherence of companies to rules and regulations in business and legal terms. Compliance is the conformity of the behavior of companies with the requirements of laws, guidelines, shareholder requirements and the company’s own requirements.”Compliance” is the term used to describe the adherence of companies to rules and regulations in business and legal terms. Compliance is the conformity of the behavior of companies with the requirements of laws, guidelines, shareholder requirements and the company’s own requirements.

Legal compliance

The area of compliance primarily includes concepts and measures to

  • to avoid corruption,
  • for the avoidance of antitrust violations
  • for compliance with human rights
  • for equality,
  • for occupational health and safety,
  • against “Greenwashing“,
  • anti money laundering,
  • against mobbing,
  • for environmental protection,
  • for sustainable economics
  • and for data protection

as well as dealing with identified violations.

Transparency regarding the handling of these issues also falls within the scope of compliance. This is a basic requirement of any compliance work.

Company performance

But also the following criteria

  • the organizational flexibility,
  • the management of risks,
  • the efficiency expectations,
  • the profitability,
  • liquidity
  • and the equity ratio

are topics that – issued as targets by shareholders – become part of compliance. As a rule, shareholders articulate their expectations of the company’s performance in the form of overriding goals, which become a guideline for compliance work.

Corporate culture

Finally, the corporate culture, especially the desired

  • the desired social interaction within the company
  • and the way the company deals with its business environment, in particular the protection of the interests of various stakeholders and shareholders,
  • fairness,
  • internal communication,
  • the culture of error,
  • conduct in a spirit of partnership
  • and the desired manner of reporting and public presentation of the company,

fall within the scope of compliance.

Shareholders, but also board members and management can introduce corresponding missions that become part of the compliance work.

Legal basis for compliance

Executive boards or managing directors of companies are legally obliged to ensure that the companies for which they are responsible do not break any applicable laws. In Germany, this obligation is regulated in §§ 91 and 93 AktG and in § 43 GmbHG.

With regard to the offence of corruption, the British anti-corruption law Bribery Act of 2010 regulates this.

In addition to the Stock Corporation Act and the GmbH Act, in Germany there are also

  • the Control and Transparency Act (KonTraG),
  • the Act on the Further Reform of Stock Corporation and Accounting Law, on Transparency and Disclosure (TransPuG),
  • the Accounting Law Reform Act (BilReG)
  • and the Executive Board Remuneration Disclosure Act (VorstOG).

In the USA, the COSO ICIF model (Internal Control Integrated Framework) is the reference framework for compliance work. The COSO ICIF model is also a significant reference beyond the USA. In addition, all listed companies in the USA must comply with the requirements of the Sarbanes-Oxley Act (SOX).

In the UK, the Cadbury Report, the Greenbury Report, the Hampel Report and the Turnbull Report are considered authoritative references for compliance work.

In the Netherlands, the Tabaksblatt Code is used for recommendations.

In France, the Loi de Ségurité Financière, the Apef Medef Code and the MiddleNext Code are referred to.

In Switzerland and Austria, recommendations are divided into three categories. There are

  • requirements (“law”), which must be complied with,
  • binding recommendations (“comply or explain”), which can be deviated from, but the deviation has to be justified
  • and recommendations (“recommand”), from which companies can deviate without repercussions.

In order to fulfil their responsibility, board members or managing directors must be able to prove that they have introduced and implemented appropriate organisational and supervisory measures. Organisational measures include, in particular, specific instructions to staff to comply with applicable laws and policies. Supervisory measures include appropriate controls within the framework of management activities.

Consequences of breaking the law or the rules

If an employee breaks an applicable law, the company may be subject to misdemeanour proceedings. Violations of applicable laws and regulations can result in

  • claims for fines,
  • demands for compensation payments to possible injured parties
  • and reversals of transactions that violate applicable laws and regulations.

In addition to fines and damages, companies convicted of breaking the law can also be

  • the profit made by breaking the law can also be siphoned off,
  • and bear the organisation’s internal and legal costs of proceedings.

If the board or management cannot prove that appropriate organisational and supervisory measures have been taken, administrative offence proceedings can also be initiated against board members or managing directors personally.

It is important to know that administrative offence proceedings do not have to be limited to the company and its directly responsible persons. Rather, in group structures, superordinate companies, e.g. holding companies, and their responsible persons can also be included in the administrative offence proceedings. Persons in charge of superordinate companies have the personal duty to ensure that appropriate organisational and supervisory measures are regularly taken in all companies that fall within their area of responsibility.

The consequences of breaking the law or rules are regulated in Germany in §§ 9, 30 and 130 OWiG. Section 130 OWiG calls for the obligation to make compliance violations substantially more difficult. The board of directors or the management must be able to prove that they comply with this duty.

How can compliance be ensured?

The shareholders of a corporation are obliged to ensure compliance with all laws and guidelines in their company in a comprehensive, clear and unambiguous manner. For this purpose, expectations must be defined and the handling of these expectations must be regulated. Responsibilities must be clear.

Code of Conduct

Shareholders must ensure that their company creates a code of conduct in which the desired corporate culture is described and declared to be the default. The code of conduct should specifically address the basic attitude expected of shareholders and the desired behaviours.

The binding nature of these expectations on all employees in the company must be clear from this code of conduct. The board or management must be able to demonstrate that they have made the code of conduct available to all employees and explained the rules to them. Evidence can be provided by employees signing their participation in training and their acceptance of the Code of Conduct.

Verification of compliance with the Code of Conduct starts with observing the actual behaviour of managers in their operational practice. Observed deviations from the agreed Code of Conduct must be addressed by board members or management. These discussions must be documented as evidence of compliance work.

Corporate Governance

Corporate governance is an important instrument to ensure compliance.

With a corporate governance specification, the compliance goals can be operationalised. Accordingly, such a corporate governance paper should specifically define how the company is to be managed responsibly in order to meet the compliance requirements.

The structuring of corporate governance is the responsibility of the supervisory board or the advisory board in cooperation with the management.

Essential components of corporate governance are

  • a corporate mission statement,
  • values,
  • principles,
  • rules,
  • standards,
  • guidelines,
  • (business) expectations
  • and statements of intent,

which are intended to serve as binding guidelines for corporate management in order to comply with the applicable laws and guidelines as well as the requirements of the shareholders.

Corporate governance is intended to specify concrete processes with the implementation of which the required level of risk management can be established in the company. In particular, the methods and means by which risks are to be recorded and assessed in the company and how deviations from the standards set out in the code of conduct are to be dealt with should be specified. The control mechanisms to be used should be defined in the corporate governance.

In the application of corporate governance, communication and documentation of identified deviations and how to deal with them play an important role. The requirement for an ongoing review of the compliance requirement for possible need for improvement is also a mandatory component of corporate governance.

The entire corporate governance system should be described in a comprehensible manner. In particular, the effectiveness with regard to compliance should be evident from the corporate governance paper.

Code for Compliance

In Germany, corporate governance requirements for listed companies are defined in the German Corporate Governance Code.

Internationally, corporate governance requirements are captured in the G20/OECD Principles. These codes also serve as a fund of recommendations and suggestions for non-listed companies.

Compliance-Management-System (CMS)

Compliance can be ensured with an integrated compliance management system (CMS). The requirements for such compliance management systems are captured in the standard TR CMS 101:2015 and are illustrated by a compliance guide TR CMS 100:2015. The standard specifies certain minimum elements for effective compliance management. By setting up a CMS according to this standard specification, companies can systematically track their compliance work and continuously improve it. Companies can even have their compliance system regularly audited by external assessors and certified by approved accreditation bodies. A certification of the CMS is a component of the protection of the board members or managing directors against personal liability.

Audit according to IDW PS 980

The IDW Standard PS 980 enables companies to carefully review the effectiveness of their compliance system. The review of the CMS according to IDW PD 980 by external auditors can also serve to underpin compliance in external communication and promote the trust of business partners, financiers and the public.

What you should consider when doing compliance work with the help of corporate governance

When you start your compliance work and want to introduce corporate governance for this purpose, there are a few important aspects to consider:

  • Company agreements are notarised. Regulations agreed in the course of corporate governance must not contradict the notarised articles of association. If it turns out that certain regulations should be made in deviation from the applicable articles of association, please work to ensure that the articles of association are also amended accordingly. This usually requires the consent of 100 % of the shareholders.
  • Do not ignore aspects that lead to dissent within the circle of shareholders or between the shareholders, the supervisory board or advisory board and/or the board members or managing directors, but discuss these issues and reach a result that is supported by all parties involved.
  • Formally include all issues of importance to those involved in corporate governance. Handshakes and gentlemen’s agreements are always linked to the persons acting. Think beyond the persons currently acting to possible future constellations within the circle of shareholders and beyond. Legal certainty creates legal peace.
  • Regulate how corporate governance is to be adapted in the event of changes in the framework conditions.
  • When regulating corporate governance, ensure that appropriate majority ratios are agreed upon for passing resolutions. Avoid that the company can be blocked by the requirement of 100% unanimity of the shareholders. In critical situations, decisions should be able to be made in order to keep the company capable of acting.

Benefits of effective compliance work supported by good corporate governance

Companies that carry out good compliance work benefit from various essential advantages:

  • Effective increase in legal certainty for board members or managing directors and for shareholders of companies regarding compliance with legal requirements,
  • Effective management tool to safeguard the interests of shareholders,
  • Useful process for systematically identifying the interests of shareholders, board members/managing directors, employees, customers, suppliers, service partners of the company and the public
  • Improvement of strategic and operational processes in the interests of the shareholders
  • Transparent monitoring of possible deviations from targets and effective risk management
  • Proven means of communication with capital providers that can promote trust in responsible corporate governance and secure capital commitment.

Effective compliance work, supported by good corporate governance, is not only a necessary requirement for listed corporations, but also helps shareholders and executive boards or the management of all corporations to conduct their business in a target-oriented, successful and transparent manner.

Downloads

Business plan checklist (PDF)
This checklist will give you an orientation on how your business plan should be structured and what statements it should contain. Contents This checklist will guide you to prepare a good and complete business plan in a form that is usually expected by commercial banks. You will learn in detail how you should build your ...
Liquidity status and liquidity balance
If liquidity is threatening to become tight, it is advisable to prepare a liquidity status and, if necessary, a liquidity balance sheet.
Checklist for legal due diligence
Use this field-tested checklist to conduct legal due diligence.
Site Due Diligence Checklist
Use this field-tested checklist to conduct site due diligence.
Checklist for Tax Due Diligence
Use this field-tested checklist to perform tax due diligence.
Financial Due Diligence Checklist
Contents In the context of corporate transactions, target companies are systematically assessed. The instrument of due diligence is used for this purpose. One facet of this due diligence is the examination of the financial circumstances of the company in which you are interested. The systematic assessment of these financial aspects is the subject of financial due diligence, for which you will find a structured checklist here.The practical checklist contains 34 questions on purely financial aspects, 8 questions on insurance issues and 6 questions on possible public subsidies.As a prospective buyer, you can write your findings behind each point, use relevant sources of information, refer to annexes, name supporting documents and write your comments. This creates a record of your review as you conduct your financial due diligence. If, following your review, you have the seller sign for his confirmation, you will have a valuable basis for the guarantees to be defined in the purchase contract.This checklist is also valuable for sellers to carefully prepare for a financial due diligence. Go through the points on this checklist carefully and consider how you can find answers to them or what you should still grind in your company from a financial point of view before the sale.This checklist is available in German, English and Spanish so that corporate transactions can be supported across national borders.  Advantages of your Financial Due Diligence ChecklistWith this checklist, you will be made aware of essential relevant audit areas that affect finances. You will receive a practice-oriented checklist for financial due diligence that has an appropriate level of depth. For prospective buyers, the use of this checklist during the financial due diligence creates a solid basis for the seller-side guarantees to be defined in the purchase contract. For sellers, this checklist gives concrete indications of possible questions that prospective buyers will ask. The checklist supports good preparation for the sales process and the associated financial due diligence.Digital Download After ordering, you will receive a download link to the structured checklist which you can use immediately.Please note that this checklist to which you are purchasing access is for your personal use only. It is prohibited to resell the checklist in any form and in any digital or physical manner, or to publish it in any physical or online publication without my permission. I am the sole copyright holder of this file.Link to download: pdf  What is financial due diligence? A due diligence is a systematic recording of all relevant opportunities and constraints that characterise a company or part of a company. Due diligence reviews are used in the course of corporate transactions. They are intended to give the buyer certainty about the transaction object.In a financial due diligence, all financially relevant aspects are examined and recorded.When recording these characteristics, the sources of information are indicated. It is customary for the prospective seller to sign the resulting due diligence protocols, thereby formally confirming his documented statements. In this way, due diligence protocols can be used as a basis for sales guarantees that are formulated in the transaction contract.  Procedure of a financial due diligence review A financial due diligence begins with the recording of all possibilities, restrictions and burdens that a company or part of a company has with regard to its finances. Attention must be paid to the completeness of the information. Concrete formulations are recommended, such as: "The list in Annex x includes all existing continuing obligations. No other continuing obligations exist." Furthermore, attention should be paid to precision. A formulation such as "The planned corporate transaction does not cause any obligation to repay funds from the public subsidies granted, with the exception of ..." How a checklist can help you with financial due diligence In order not to forget any important aspect during the comprehensive financial due diligence, it is advisable to use a suitable checklist. Good checklists are pre-structured and contain the essential aspects that should be included in a financial due diligence.In any case, you do not carry out the financial due diligence arbitrarily with a tried and tested checklist, but ensure a systematic procedure. Instead of having to make fundamental considerations, you can concentrate on the substantive examination. 
Become a partner
Dialogue

What are your challenges?

...
Restart Dialogue
Call