How to Build a Culture of Compliance and Mitigate Risk

6 tips for building a healthy culture of compliance that protects your organization.

December 28, 2020

Article highlights

Each year tens of thousands of employment discrimination charges are filed against employers. According to the Equal Employment Opportunity Commission (EEOC), there were roughly 40,000 retaliation-related charges filed in 2019 alone.

Charges filed with EEOC (

Chart of 2019/2020 EEOC Charges By Type

Once a claim is filed, employers face the expense, distraction, and time of defending a claim, and are forced to consider whether they wish to settle or face uncertainty in the court system.

Given this, all organizations can benefit from taking preventative measures to try to stay out of the courtroom and mitigate risk in the event of an employee discrimination claim.

The truth is, no matter what you do, you can’t prevent employees from filing claims. It will probably happen to your organization at some point. What you can do is make your practices more defensible, which starts by building a culture of compliance.

In the rest of this article, we will look at 6 tips for building a culture of compliance that can help protect your organization or mitigate risk in the event of an employment discrimination claim.

1. Address Problems Immediately

Sweeping problems under the rug is a natural human tendency. After all, who actually enjoys confrontation? It can be uncomfortable. But in the end, it’s healthier for your employees and organization to address issues early on and not let problems fester.

In many employment discrimination lawsuits the employer knew about the issue beforehand but didn’t address it appropriately or failed to address the issue entirely

Sometimes issues stem from personality clashes, and while these may not be legal issues, they need to be addressed to foster a healthier work environment. Employees need to feel like they’re being heard and that steps are being taken to build a culture of respect.

When the #MeToo movement went viral in October 2017, it encouraged organizations to launch investigations into long-standing issues related to sexual harassment and more. The public relations fallout and million dollar payouts that resulted from #MeToo is a stark example of the risk and liability organizations can incur if they let issues fester and don’t take complaints seriously. A 2019 report on sexual harassment in workplace created by Deloitte found that it costs organizations $2.6 billion in lost productivity, or an average of $1,053 per victim.

2. Audit Policies and Practices Continuously

Another important element of risk mitigation is auditing policies, practices, and alignment between the two. In other words, how well do your policies promote a culture of respect and compliance?

  • Are policies clear and easy to understand?
  • Are policies/documents effectively disseminated?
  • Are read receipts and signatures tracked?
  • Are employees being properly trained?
  • Are processes and procedures founded in reality?
  • What relevant issues should we focus on? (e.g. bias training, politics at work)

Unfortunate but true, sometimes processes and procedures are developed without the user in mind. When this happens, staff often find their own way of doing things.

Your staff members are in the trenches, so to speak. Employees at the bottom of the organizational hierarchy often know better than anyone what’s working and what isn’t. They know whether a process or procedure is useful or not.

Are you surveying employees to get their feedback on the effectiveness and accuracy of policies and procedures? Are you fostering a culture of transparency and trust where staff feel freedom to be honest with leadership about challenges in the workplace?

3. Train Like Your Compliance Depends on It

Having policies is one thing. Making sure employees understand them is something else. That’s where training comes in.

As we all know from personal experience, training can be boring. And if it puts you to sleep, it’s probably not effective. So how do you make training engaging? It’s certainly a challenge in the age of COVID-19.

One way is to keep the training relevant, modern, and well-made. We’ve all seen the cheesy training videos from another decade. It may be comical, but no one’s engaged or taking it seriously.

Similarly, low quality presentations and videos can be more distracting than educational. Most employees just do enough to get by.

Another way is to go above and beyond what’s required. Now more than ever, employers are training their staff on more than just standard training—things like respectful workplace training, bias training, bystander training, and more.

Lastly, you can increase engagement by testing employees on their training. But not all tests are created equal. Tests only incentivize learning when something is at stake, like failing the test, so it’s important to create questions with varying levels of difficulty. We’d also recommend limiting the number of test retakes or guesses per question.


4. Investigate Issues Thoroughly

Getting Started

Most of us have opinions or judgments about our coworkers. It happens automatically. But when you’re starting an investigation, leave your preconceived notions at the door. They will only cloud your vision as you search for the truth.

A thorough investigation starts with the right questions. For example, using a funnel technique which goes from broad to more specific questions helps ensure you are consistent in how you investigate each complaint. Funnel techniques also help you understand context before focusing on the details of what happened.

Focus on Policy Violations

Focus on policy violations, not just legal violations. Issues arise all the time that your organization can’t get sued over, but they still need to be addressed. Maybe that one incident wasn’t technically harassment, but did it violate a policy?

Consider your organizational values. Did an employee’s actions promote or violate those values? If the latter, you may consider further training for that employee. As the saying goes “what you permit, you promote.”

Use Video Conferencing

Much of the world is now remote, but that doesn’t keep issues from arising. If anything, it makes investigations more challenging.

Interview in person if possible. If not, video conferencing can be helpful as you judge the credibility of witnesses. However, where confidentiality is essential to the integrity of an investigation, it can be particularly tricky in this remote world. During an interview, you may not know who’s outside of the camera lens or within earshot, or whether a party is recording the conversation. Therefore it’s important to set the expectation regarding such behavior in advance.

Remember to Follow Up

Maybe you addressed an employee’s complaint but never followed up with them. An employee is likely to think the compliant feel on deaf ears. Even if you’re unable to share specifics, people at least need to know their complaints were heard and addressed.

Man thinking about compliance.

5. Enforce Policies Consistently

No one likes it when their employer plays favorites, especially when it comes to enforcing policies. If you put two similar incidents side-by-side, did you address them consistently? Do you have similar documentation for both employees? When policies and procedures are fairly applied it improves your organization’s legal defensibility.

Consistent enforcement is most important across roles or departments, not necessarily the entire organization. For example, arriving on time is essential for customer-facing roles, but it may not be necessary for an outcome-based role in marketing or finance. The key is having managers fairly enforce policies among their direct reports.

6. Manage Your Policies Well

Here’s the thing. If you do everything above well but don’t have a system for managing your policies, creating a culture of compliance will still be hard.

Why? If policies aren’t organized, if there’s not a single source of truth, if multiple versions exist, how can you audit policies? How can you enforce your policies if employees can’t easily access them or if they’re referencing an outdated version?

In times like COVID-19 especially, when new information comes in fast and changes frequently, it’s important to have a system for storing, updating, disseminating, and tracking information.

That’s where PowerDMS comes in. Our policy and compliance management software is your single source of truth for all important documentation. It creates a living connection between your policies, accreditation, and training, so you have the documentation to back up your organization’s culture of compliance.

If you’re exploring purchasing a policy management solution check out our Buyer’s Guide to the Top 7 Policy Management Tools.

Related Article

Footer CTA Image

Download your copy of the report

Download The Future of Policy & Compliance Management report.

How does your organization compare? Get your copy today.

Download the Report

Schedule a Consultation!

Learn how PowerFTO can help you access and track field training data to improve your agency's FTO program. Fill out this form to schedule time to speak with an expert!