On the blog today, we are delighted to have two new guest authors – Beth Teixeira and Ray Williams. Beth is the Director of Learning and Development and Ray is the VP of Compliance, at Comscore, a global leader in planning, transacting, and evaluating media across digital platforms.
The prospect of an investigation or complex litigation is an incredible motivator for change. Organizations oftentimes fear that they may suffer harm from even the whisper of such an event, regardless of the circumstances or outcome. It can negatively impact a brand’s reputation, which can take months or even years to recover. When we found ourselves facing such a time at Comscore, we knew that the best way to manage the associated risks was to take immediate and dramatic action.
Reimagining compliance training at Comscore
During our period of uncertainty, we decided to challenge past assumptions and to re-think how to assess risk such to affect real change on several planes throughout our organization.
We started the transformation at the top.
First, we appointed Carol DiBattiste as General Counsel & Chief Compliance, Privacy, and People Officer. A high-energy, decisive leader, Carol brought extensive legal and governance experience from both the private and public sectors. She immediately began assembling teams to assess risk and establish new governance.
These new teams of qualified leaders identified and subsequently removed sources of vulnerability. The procedure involved a thorough evaluation of our leadership, behaviors, processes, and systems.
We discovered that in order to eliminate gaps in oversight, operations, processes, training, and systems, we needed to change some of our standard practices. In response, topic-specific email aliases were set up so that employees could easily ask for guidance. Internal resource websites were created so that employees could access new policies, procedures and training. Internal controls were also put into place and regular reviews and assessments of those controls we established. We called this conglomerate of governance our Compliance Management System.
We next streamlined compliance training into a single learning management system (LMS) repository. Then we automated the system, using logic to deploy assignments and to eliminate human error and bias. This process also served as a check-and-balance for our human resource information system (HRIS). Previously, changes in employment status or reporting structure were often discovered through assignments, and for the assignments to change, the HRIS needed to be updated.
Was the training itself part of the problem or the solution?
To address these vulnerabilities, we selected Skillsoft’s Compliance Training, which had a full suite of compliance training solutions in the many languages we needed. It also provided the breadth of content and the level of expertise we needed to keep pace with global law and regulatory changes. For example, we like to customize our offerings so that the material is different each year, even if the topics remain constant. Skillsoft’s modularized content enabled us to do that. While other compliance providers may have these foundational pieces in place, what set Skillsoft apart was the design. We needed behavior change, and we learned from our employees that Skillsoft’s instructional design was both relatable and memorable for months after they viewed the content. The content didn’t just check the box. It made an impact.
To further make the training easy to consume, we began offering 7-minute modules on specific topics. Most courses were limited to 15-40 minutes. We also focused on two or three policies per calendar quarter to prevent information overload. Here’s what one learner said: “I think the training and learning exercises the team has assembled are some of the best I’ve encountered. The compliance training is a nice mix of custom and package materials. There is great attention to detail plus a focus on the right areas. In truth, this is training that sticks and produces meaningful results.”
How do you know what you don’t know?
We implemented a comprehensive review process to ensure not only that employees understood the content, but that behavior change also occurred. Our internal product team created custom surveys that were deployed one quarter after an open compliance window. Based on survey results, any topics that were not sufficiently understood or applied were further explained in an all-company compliance newsletter.
Recently, we began using Certitude, Skillsoft’s attestation and questionnaire tool to administer our policies, attestations, and some tests.
By deploying Certitude, the custom surveys, the newsletter, and the annual training requirement, each topic is covered four times in a single year using four different modalities.
How long did it take to realize the art of the possible?
A potential investigation meant we had to be expedient. Consequently, within two years from starting this transformation, we moved from a fragmented compliance program to our current streamlined, systematic, fully accountable Compliance Management System.
Our reward for all this hard work
In November 2019, at the 12th annual Corporate Governance Awards, Comscore won Best Compliance and Ethics Program (Small to Mid-Cap). This award from the online publication Corporate Secretary, recognizes Comscore’s outstanding achievements in the governance, risk, and compliance (GRC) fields. It validates the collective efforts of our legal and compliance, learning and development, privacy, and enterprise risk management teams. We knew that we had built a solid system for compliance management that had already successfully driven operational and behavioral change. And now, this achievement has been publicly acknowledged with this award. To say that we are delighted is an understatement.