You probably had a great idea a few years back and a few motivated colleagues, an office or a garage where you spent all your day. Now, you may have hundreds of employees, you do not meet your old team mates that often, you are no longer a small company where a “gentlemen’s agreement” was a way of doing business. You are realising that although you hated all those systems and policies of big corporations, you actually need some of them.

You are probably asking yourself a question: Is it sustainable to work and do business the same way as a couple years back or does something need to change the bigger and wealthier you get? You might not sleep well because the competition also does not sleep and you never know who could misuse, or leak your know-how, IP or other assets which are worth a fortune. And if you have not thought about it yet, well… Maybe this is the right time. Because if you do not prepare for current and future challenges, in the worst case, your business may not even be here in a couple of years.

Five benefits of being compliant

Thinking about compliance today may not only protect your company but also grow your company’s value in the future.

Nowadays, being compliant is getting more and more important (as well as complicated) due to heavier regulation companies have to comply with. We know creating a compliant organisation might be a bit of a challenge. However, implementation of or enhancement into an effective compliance programme actually provides attractive benefits and competitive edges such as:

1. Creating a detailed in-house manual for everyday processes and regular internal controls – the company works transparently with clearly defined duties and responsibilities;
2. Supporting respectful corporate culture;
3. Empowering trustworthiness and brand loyalty towards the investors, business partners and customers;
4. Reducing reputational risk and mitigating the damage by protecting the company from criminal liability and other types of liability; and
5. Increasing value of the company in an acquisition process or when seeking an investor.

Looking for a needle in a BIG DATA haystack

We are often facing clients telling us: We never thought or expected this could happen to us. We never thought that our loyal employees would leave our company, take sensitive corporate information with them and start working for the competition building on our unique ideas. How come our whole customer database was lost or stolen? Who leaked our idea that we just wanted to get a patent on? Why do our employees collaborate with our suppliers and conclude contracts disadvantageous for our company? Why did the police raid our offices and take our computers and servers? And so on and so forth…

Poorly trained employees causing data breaches and white-collars participating in bid rigging or financial statement frauds are just a few examples of individuals’ misconduct that may lead to severe damage to a company. Usually, a company detects misconduct after the damage is done and going public is just too risky.

In such situations, we can of course help you find out what happened, how it happened and who the perpetrator is. It may sound very simple, but finding a needle in a big data haystack may take some time, despite all the tools and technology we employ. The most challenging is the aftermath: Should I claim damages? Should I file a criminal complaint? How do I get rid of an unfaithful employee? Can I sue that person? Is the evidence strong enough to go to battle?

No effective compliance? Prosecution as the worst scenario

You can try to file a claim against the employee and you end up being told by the court that your company actually “enabled” your employee to cause damage to your company due to having insufficient precautions, lack of control mechanisms. You have ignored red flags and alerts that something is going on many times and you might have easily missed the statutory deadlines to dismiss the employee.

Companies with no effective compliance mechanism cannot simply step aside from its employees or management misconduct but in the worst case (which statistically happens quite often), the companies themselves end up being sued or prosecuted. Companies charged with criminal offence have a tough task proving  such misconduct is a mere individual’s failure, not the company’s “best practice” and that the company has a sufficient compliance programme in place. Nevertheless, forensic investigations that we work on with our Deloitte forensic experts usually discover many “back doors” in corporate systems and a lack of control mechanisms, hence in real cases companies are lacking a proper compliance programme.

The article is part of dReport – June 2019, Legal news.