Compliance is the art of ensuring obligations are met according to the risks they pose. Businesses in the pharmaceutical industry have a myriad of obligations placed on them by governments, regulators, customers and many other sources. These obligations range from industry specific topics such as manufacturing practices and licensing restrictions to general topics like data privacy and accounting controls. Due to a number of recent scandals in China and elsewhere, the current hot topic for many compliance professionals in the pharmaceutical industry is corruption.
Corruption is generally defined as offering, giving, requesting or accepting bribes or kickbacks, as well as any abuse of power for private gain. The bribes might take the form of an expensive gift or lavish travel and entertainment, and it doesn’t matter what form the bribe takes, as long as it was intended to induce a certain behavior. The function of compliance is then to put policies, processes and controls in place to ensure that any gifts or entertainment that employees do give are not intended to influence the recipient. In any large company, the implementation of these policies, processes and controls needs to be supported by some form of technology to be successful.
Compliance software can be a great solution to some of the problems encountered by compliance officers; however, in order for the software to have a positive impact, a number of common, though significant, issues must first be overcome.
Compliance software can include any technology which is used to aid a compliance officer in the daily running of their compliance programs. The technology itself can range from simple emails and spreadsheets through to an enterprise-wide governance risk and compliance solutions, and anything in between.
Why would a company need compliance software at all? The answer to this depends on a number of factors, including the size of the company and its culture. Take, for example, a program to manage the registration of gifts and entertainment within a company. Implementation of such a program can happen in a number of ways. Assuming that there is buy-in from the board and management and those resources are available, at the cheapest and simplest end, there could be a policy stating that all gifts must be reported to line managers. The policy can be posted on a notice board and training can be provided in a classroom environment so that no further technology is required. The scalability of this simple program could be supported by the use of generic technology, such as emails to announce the policy or a spreadsheet to track training. However, it can be seen that beyond the smallest company with the simplest programs, more technology will be required, and the use of systems specifically designed for compliance will be of greater use than those designed for general office purposes.
While this low-technology-based implementation has a number of advantages (not least of which are low cost and speedy deployment), it also has a number of drawbacks. These drawbacks include difficulty to scale the technology to large numbers of employees in several locations, and a lack of documentation (which is necessary to confirm that employees have read the policy, that they have been trained on its contents and that they are actually following it).
The benefits of using software that has been specifically designed for compliance issues go beyond just scale. The software can also provide advantages in areas such as:
• Speed – the rollout of communications, training, policies and processes can be managed far more quickly via tools that know the user population (via a connection to a human resources system or email address book), which will allow for the easy segmentation of target audiences (so specific instructions can be given to individual groups) and the management of those who don’t respond.
• Cost reduction – using an electronic platform means that more people can be informed of new policies and trained for less cost than in classrooms (although the quality of the training may not be the same).
• Certainty of process – the processes defined in the compliance program can be built into the system, forcing the users to follow a fixed path. This may include keeping messages within the system (rather than email) or building a workflow to ensure that decision-making is always done at the right level and with the right information.
• Monitoring and measuring – the effectiveness of the program can be tracked more easily when metrics can be taken directly from the systems running the program (e.g. determining the number of people who have completed a training program or the number of people who have registered a conflict).
• Documentation and audit trails – the biggest advantage of software solutions is the document trail, which not only confirms that the program is being adhered to, but also means that a compliance officer can easily find previous versions of policies, records of training and information about any registered conflicts and decisions made pursuant to conflicts (which is of great assistance in the event of an audit or an incident).
Once you have established your reasons for the technology, the next step is to determine which functions will allow you to achieve those aims. This analysis needs to go beyond the obvious, “I need a system to manage my gifts and entertainment policy.” You will need to consider the complexity of your overall processes and determine where the technology-based compliance system will start and stop.
The types of solutions needed to manage corruption may include:
• A policy management system to ensure that everyone knows the rules they need to abide by;
• A location for disseminating training and communications about the policy;
• A system to require managers to certify that they have trained their teams and will comply with the policies;