The challenges of compliance-led change

Ian Holloway

Ian Holloway Headshot

The challenges of compliance-led change

Ian Holloway

New or updated legislation drives a lot of business change. It’s easy to see legislative change as a necessary evil – the cost to comply in time to avoid penalties. And yet, sometimes new legislation can open up opportunities for new products and services or to improve the customer, stakeholder and employee experience.

In this next article in our expert series, we look at the specific considerations for compliance-led change.

Legislation and regulation are designed to protect people, prevent crime and to ensure a fair and level playing field in business. Every organisation will have to adhere to multiple regulations, which can differ depending on your industry, your business size or which countries you operate in. This is even the case in the United Kingdom as a result of so many payroll and reward issues being impacted by devolution. So, the first step is finding a reliable source.

Check multiple sources to identify changes

It’s important to establish a way to monitor the corporate, functional and industry laws and regulations that you need to comply with and ensure you are updated reliably and regularly. You need to log exactly when new legislation comes into effect, any staged deadlines and, of course, the impacts on administration, policies and procedures.

One of the biggest challenges, particularly with new or impending legislation, is finding the most recent guidance from a source you can trust. You could, of course, go straight to the legislation or look at the Government websites for their interpretation. However, it can be more helpful (and easier) to read additional sources where someone has interpreted those rules and gives guidance on how to apply them practically, suggesting workflows or processes that you can implement and then check against. Interpretation in this regard is vital.

When seeking a reliable source, check if they have, simply, copied and pasted a news / policy announcement. In all honesty, anyone can do that and the ability to copy and paste does not demonstrate reliability. So, should they be providing more? Do they suggest any practical steps? Are they open to you asking a question? Do you know anyone else who has used them?

You could also ask your peers “this is my interpretation, is that yours too?” Let us be totally honest, you’re not the only person trying to figure out what you need to do and how to go about it. Communication, education, engagement and support are things to be freely shared.

Discuss the impact on your type of business

It’s not always clear what you need to do to comply with legislation – you only have to look at the complexities of the recent IR35 changes. Some changes are mandatory (e.g. the annual statutory updates for our payroll software when we move from one tax year to the next). In order to comply with our statutory obligations, legislation should be provided in a timely manner with a clear set of rules, detailing what has to be done, the way in which it has to be done and when. At least, that is how it should work in the perfect world.

Other legislative changes are less clear and, unfortunately, governing bodies will publish guidelines but they are open to interpretation. GDPR was a good example of this. You are mandated to have policies that follow certain principles, but there are several ways to achieve them. It’s more than useful to form a working group within your organisation to agree how you will approach the change. This is a time for payroll and reward to take the lead, discussing and developing solutions that will produce the right outcome for your customers, employees, always considering and any internal or financial constraints.

Develop your own internal policies

You need to set out and document how your business is going to comply with any legislation, and why. It’s critical that these policies refer to the processes you actually use and that employees would recognise. This is especially important in dispersed businesses – where compliance processes need to be followed exactly in all parts of the business.

People across the organisation need to understand the reasons behind the legislation, why you’ve chosen to implement it the way you have, and what they will need to do differently. You will also need to devise the right process steps and sign offs to both ensure and prove compliance.

Keeping, and being able to quickly access documentation, is usually a requirement of legislative change. Therefore, it is advisable to have policies that are reviewed and updated every year, ensuring they stay up-to-date, compliant and relevant.

Expect change: the importance of record-keeping

Legislation and regulations change. Sometimes a lot – ask any payroll professional about implementing the UK Government’s Coronavirus Job Retention Scheme, as interpreted by HMRC through countless guidance updates throughout the pandemic! Sometimes, though, things change less frequently.

It’s easier to change if you know what you’re changing from – so, having clear documentation will help you achieve this faster. You may also need to document when processes changed, and how, so you can prove that you made necessary changes. Perhaps the rules for calculating holiday pay change at a certain date. You will need to be able to evidence that during period A you followed xyz rules, but from date B you followed abc rules.

Documentation is often left to the end of change projects, or not done well (or not done at all). With compliance-led change, documentation has to be part of the project deliverable by the deadline – as it’s usually part of the requirement to meet the regulation.

And, of course, if you are audited or investigated for non-compliance, it will be much easier to justify and provide a defence for what you did and why at every step of the way.

Seize the opportunity for change and improvement

Some legislation presents an opportunity to fund and implement other changes you’ve been considering. Legislative or compliance-led change is often the easiest to get ‘sign-off’ for, as it’s not optional. If the intent of the legislation is to improve the customer experience – e.g. GDPR ensures email sign-up is consented and secure – are there opportunities to improve the customer journey at the same time, so you’re improving the brand experience and efficiency, not only compliance? This may realise additional benefits from your investment in change.

Changes happen all of the time. Effective and efficient changes happen less frequently.

Share this expert series