Despite the huge amounts of money, time and energy spent on the problem and the solution, there is still a tendency for compliance training to fail more often than many other forms of training. This failure can occur for both the organisation and the employee too, for both are making investments in the process.
In this article, let’s consider why this is and, at a high level, what is missing which creates this failure in compliance training.
A failure of intention
All training begins with the ‘why’. Why is the training occuring? Why is it required? Why can’t another form of activity or intervention achieve the desired result – why was training selected as the appropriate activity? If there is a failure at this level of intention then the training intervention is probably doomed from the start!
- What is the intent from the organisation? All too often, compliance is a ‘tick the box’ activity. It’s a one-off attempt to create a safeguard against the risks of non-compliance for the organisation. It’s a necessary event.
- What is the intent from the employee? All too often, compliance is a ‘tick the box’ activity. It’s something the employee has to do to meet internal requirements or avoid a negative outcome. It’s a necessary event.
Perhaps this is a litttle harsh. Compliance training is a necessary event. However, if it is only ever viewed as ‘necessary’, then what perceived value does it have for any stakeholder? When things occur because they are only necessary, the level of engagement is always low – compared to things done because they are valuable, relevant or beneficial to the parties involved.
Low engagement is a massive problem for training. Think about the desired outcome – to safeguard the organisation and employees from non-compliance. When engagement is low in the very activity designed to create safety, how much safety is being established anyway? Not much. Compliance training is often ‘in one ear and out the other’.
Yes, the organisation may feel they have shifted some of the non-compliance risk onto individual employees, but they have not reduced risk – merely shifted it. Chances are, when a non-compliant event occurs the organisation will still take damage. The illusion of safety is not the same as actual risk reduction.
A failure of implementation
A second failure often occurs during the execution of compliance training. Let’s think about how most compliance training occurs.
- The organisation imports a bunch of compliance training modules. These modules are typically not customised for the organisation and often branded with an external provider’s details.
- The organisation groups modules together and requires employees to complete them. Usually, but not always, this is a one-off process particularly for non-regulatory content.
- The employee is deemed ‘compliant’ once they have their completion certificate. The end-goal is to get that certificate. So they go through the motions to obtain their certificate.
Now the organisation has a list of compliant people, and those people have a bunch of compliant certificates. Yet what has really occurred here? What risk has been reduced?
This is the ‘minimal level of effort’ approach to compliance training. Throw together some external content and throw it at some employees.
What is missing? What could change?
If these two failures are occurring, then it’s hard to consider compliance training a success. Yes, boxes have been ticked and certificates have been obtained. Yet what level of behavioural change is likely to have occurred? What level of change will still be occurring in three weeks? Six months? One year? Probably not very much.
At a high level, the entire approach to compliance is flawed.
The cultural attitude, by both organisation and employee, towards compliance is flawed.
So let’s start there. Let’s consider how we can reframe compliance from a cultural point of view.
- The organisation needs to approach compliance as a cultural issue. C-Suite and Senior Management need to believe that compliance training drives organisational behavioural change which enables employees to behave and act in ways which will benefit all stakeholders. Compliance, in some form, should be represented in organisational values. Links should be established (identified, tracked, monitored, reported, celebrated) between compliance training and organisational outcomes.
- Compliance training should be presented in an organisation’s branding (not just in an external provider’s generic branding).
- Compliance training should be a regular event occurring throughout the year (not just when someone joins or in a mad scramble before year-end).
- The creation of compliance training content should be an organisation-wide responsibility (not solely led by a HR, Training or Compliance team).
- Employees need to see how compliance training improves their work. There needs to be a clear benefit for employees in completing compliance training (not just a benefit for the organisation).
- Compliance training should explicitly discuss workplace or role benefits. It should be made clear how the training can help employees do their work better).
- Compliance training must include discussion of the organisation’s own policies and procedures (not just be discussed in the abstract of legislation or generic scenarios).
- Compliance training must allow for questions from employees to allow them to confirm scenarios or raise uncertainties (not just the answering of quizzes or assessments).
Does all of this require a little more time and effort? Yes, but not much (and certainly platforms like Tribal Habits can simplify this work). It may not even require any additional cost. In fact, it may even result in cost savings if the end result is actual changes in behaviour and actual reductions in risk, not just the illusion of safety from a training certificate.