Nicole Rose is CEO of Create Training. She merged her 20 years of experience as an international Compliance specialist, trainer and lawyer with her love of art and storytelling. Nicole went from working for leading law firms to leading multi-nationals as a lawyer and compliance specialist to delivering compliance training to thousands worldwide. Create Training’s animated training are used by The Basil Institute, Trace International, City of London Police and a host of companies including Rolls Royce, Rio Tinto, Oxfam, Wesfarmers, LinkedIn and Airbus. Nicole regularly writes for leading compliance publications such as The FCPA Blog, the SCCE and Ethics Intelligence and also her own blog, Ethics Corner.
Compliance Microlives – Part 3
Please see the full list of activities with loss and gain of CMLs.
Activity | Loss or increase of CML per week or per instance | Annual increase or decrease | Lifetime increase or decrease |
1. 5 minutes of compliance training or engagement or activity once a week. | 2 CML per instance | $1,248 based on 5 minutes of training per week | $49,920 (more than a year’s net income) |
2. Engaging a third party with appropriate due diligence | 14 CML per week they are engaged (based on 2 CML per day) | $8,736 per third party per year.
Assuming the average engagement is 3 per year, that’s a saving of $26,208 per year. |
Taking an assumption of 3 engagements per year over a 40 year period, that’s $1,048,230 (nearly half of the average lifetime salary) |
3. Engaging a third party agent without due diligence | – 2 CML per week they are engaged | – $8,736 per year.
Assuming the average engagement is 3 per year, that’s a loss of – $26,208 per year. |
-$1,048,230 (see 2 above) |
4. Regularly updating due diligence of existing third parties | 2 CML per week | Taking presumptions of 2 above, that’s $26,208 per year. | Taking presumptions in 2 above, that’s $1,048,230 |
5. Recording benefits | 20 CML per instance | Let’s assume that people need to record 5 benefits a year, that’s $600 | $24,000 (more than half a year of net salary) |
6. Not recording benefits | -200 CML per instance | I have greatly increased the loss of CMLs than I added in 5 above, as usually when people don’t record they have something to hide. Based on not recording 5 times a year that comes to a whopping -$12,000 | -$480,000 (around a quarter of lifetime earnings) |
7. Working in foreign territories | -2 CML per week | Based on people who travel working abroad 18 weeks a year, this amounts to
– $432 |
– $17,280 (this figure can easily be negated through training in 1 above) |
8. Managing a large group of people in different territories | -2CML per week | – $1248 | – $49,920 |
9. Reporting incidents | 200 CML per instance | $2,400 | $96,000 |
10. Not reporting incidents | -2000 CML per instance | -$24,000 (I have increased the loss by 10 fold from the gain on the basis that someone who does not report is more likely to have something to hide – plus not knowing about the risk increases the risk significantly). | -$960,000 |
11. Sharing confidential files on non-network computers | -2 CML per instance | Assuming that someone who shares files once, will do it a number of times in a year I have used a multiplier of 240 (i.e. days people work per year) to get -$5760 | -$230,400 |
12. Working with Government officials | -20 CML per week per official | – $12,480 | Based on working with a Government Official over 50% of work life: -$249,600 |
13. Working in any kind of sales or procurement role | -2 CML per week | – $1,248 | – $49,920 |
14. Permanently working in remote jurisdictions away from head office | -10 CML per week | – $6,240 | – $249,600 |
Please let us know your thoughts @ Contact Us.
Compliance Microlives (CMLs) – Part 2
In Part 1 of my article, I proposed that we consider compliance risks using the concept of Microlives (the way that we can measure health risks and benefits over a life time). I have put together a lifespan activity calculator based on this concept and here is my case study to demonstrate how to monetize the costs and benefits of compliance:
- A professional career lasts an average of 40 years, around 2,400 hours a year.
- This is nearly 100,000 hours in a typical work lifetime.
- We can then measure each activity as an increase or reduction in a longevity of a business or revenue in 30 minute intervals (‘Compliance Microlives’ or CMLs).
- Then, let’s estimate an earning of $60,000 per year ($2.4 million over a 40 year period) and turn these CMLs into monetary amounts. A loss or gain of 1 CML.
- $2.4 million divided by 100,000 hours amounts to $24 per hour. That‘s $12 every CML (or 30 minutes) that we win or lose based on compliance activities.
Below is a snapshot of annual risky activities and mitigators and CMLs. I have allocated CML losses and gains for each activity as well as annual and lifetime losses and gains:
Activity | Loss or increase of CML per week or per instance | Annual increase or decrease | Lifetime increase or decrease |
1. 5 minutes of compliance training or engagement or activity once a week. | 2 CML per instance | $1,248 based on 5 minutes of training per week | $49,920 (more than a year’s net income) |
2. Engaging a third party agent without due diligence | – 2 CML per week they are engaged | – $8,736 per year.
Assuming the average engagement is 3 per year, that’s a loss of – $26,208 per year. |
Taking an assumption of 3 engagements per year over a 40 year period, that’s -$1,048,230 (nearly half of the average lifetime salary) |
3. Reporting incidents | 200 CML per instance | $2,400 | $96,000 |
Whilst the figures I have produced may not be accurate, the principle is a sound one: money talks. If we can monetize it, we can measure it.
There are 14 activities with CMLs that I have developed. Watch out for the full list in Part 3! Wishing you a profitable compliance lifespan.
How to make Compliance Risks sexy – Part 1
Chronic risks and long-term benefits are definitely not sexy. How many people will take cold tablets when they’re ill but won’t take vitamins when they’re well? How many people will go on a diet to lose weight rather than eat in moderation routinely? As we know, there is a multibillion-dollar diet industry that shows that people prefer to diet quickly rather than have a long term sensible eating plan. The same concept applies with compliance. How many companies will invest in brilliant multifaceted compliance solutions and prevention methods after a large investigation and telephone number fine compared to those who have not been on the receiving end of an enforcement notice?
Helping people to see their work lives through the same eyes as their home lives helps learners to relate to compliance messages. E.g. if our children ask if it’s ok to bribe their teacher to mark them an ‘A’ with the justification that ‘everyone is doing it’ we would probably want to have a word or two with their teacher. Applying the same concept at work (i.e. not bribing to receive the contract) then becomes a more ‘relatable’ conversation.
Personal compliance risks measured through ‘Microlives’
Connecting compliance at work to our own personal compliance (i.e. our health) is also something that people can relate to. So I was delighted to come across the work of leading biostatician, David Spiegelhalter, who developed the concept of ‘Microlives’. This concept makes chronic health risks comparable by showing how much life we loose on average when we’re exposed to certain activities or circumstances. Here’s how it works:
- Our adult life is calculated as 57 years, which is 1 million sets of 30-minute activities.
- Activities such as exercising, watching TV, eating certain foods and being overweight are assessed in terms of what it costs or gains you in microlives.
- Smoking 20 cigarettes a day, can cost 10 microlives a day or 7 years of life based on a continual adult habit. Whereas being 5 kg overweight can cost 1 microlife or 30 minutes of your life per day.
As with any kind of statistics, this is not a precise consequence of each cigarette smoked or TV program watched: it comes from accumulating the effects of a lifetime of behavior and averaging it over a whole population. However, it is not the accuracy of the information I am interested in, it is the fact that the activity can be measured and compared.
We normally look at compliance risks in terms of legal, financial, reputational and operational risks. But what if we looked at compliance risks in an entirely different way? How about if we monetized the loss or gain of each of our daily compliance activities or non-activities?
Read Part 2 of this article to see how I have done this.
Risk to Role Training – the Cure for Compliance Testing!
At School we became so used to testing that it became second nature. Short testing every few weeks was a great way to prepare us students not just for the exam, but for the deep understanding needed to apply the topic in practice. What teachers did not do, however, was to finish each lesson with 10 short questions about what had happened in the 45 to 90 minute lesson we had just attended. That’s because teachers know that this would interfere with our ability to learn. Educator and biologist, James Zull, explained that our brains learn in a four-part cycle in the following order:
- ‘Gathering’ raw materials in the form of vision, touch, position, smell and taste.
- ‘Reflection’ to pause, digest and search for connections to integrate the information received with existing knowledge.
- ‘Creating’ knowledge in the form of ideas, plans and concepts. This is far more than just receiving information; it is manipulating the information in our memory to create new relationships and meanings.
- ‘Active testing’ by converting mental ideas into actions such as reading, explaining and talking.
Nowhere in the middle or end of this cycle is a short test. Not only can questions be a hindrance rather than a benefit but they can also be used to hide poor training if questions are used to break up the monotony of the training or, worse, test that the learner was present. In this case, the issue becomes more about the quality of the training than the genuine need to test.
Some people also prescribe to asking questions before the training begins to ascertain a learner’s knowledge. This can be useful but also comes with it’s own set of problems. Compliance is not a technical topic; it’s a behavioral topic. We all know that it is wrong to bribe, bully, harass, take risks and the countless other acts that may breach the law. But it still happens with surprising regularity.
Good compliance training is not about teaching people about what they can’t do; it’s about helping people to understand the topic in the context of their role and the environment that they work in.
The only time I love to use questions is when they are about someone’s role. In this regard, I’m an advocate for ‘risk to role’ training that meets the risk profile of its learners’ roles rather than their apparent knowledge. This allows learners to feel more like an individual, saves the company time and enables Compliance to demonstrate to their Board and the Regulators that the training is relevant both to the risks of the company and people’s specific roles.