Enterprise Resource Planning Blogs by SAP
Get insights and updates about cloud ERP and RISE with SAP, SAP S/4HANA and SAP S/4HANA Cloud, and more enterprise management capabilities with SAP blog posts.
cancel
Showing results for 
Search instead for 
Did you mean: 
ThomasJenewein
Product and Topic Expert
Product and Topic Expert

Compliance with regulations or corporate policies has become more and more relevant in the last several years. Among the main reasons are globalization, increasing regulations, increasing multinational laws, regulators requiring more training and assessment, regulators fining more heavily, continued employee turnover, rapid technology change, and the need to remain compliant despite the move to informal learning.

There are examples of high fines in most major jurisdictions. For example, the German Federal Cartel Office (Bundeskartellamt) issued € 505 million in fines in 2011-2012. Fines are highest in the US and in the banking sector, according to a Financial Times article from March 2014. A critical aspect of managing compliance in organizations is, of course, to ensure that the related target groups know and understand the compliance rules and that they can act accordingly to follow them. Only by using technologies such as learning management systems (on-demand or on-premise) and assessment management systems or authoring tools (e.g. to create e-learning courses), organizations can obtain an efficient and effective set-up to deploy and monitor compliance learning.

Types of Learning, Training and Assessments in Regulatory Compliance

- Organization – Imposed training (for example, training employees about internal product standards or code of business conduct). Students are tracked by attendance or course completion.

- Operations – Critical training (for example, the personal safety of employees and customers).

- Regulatory – Regulatory training (for example, training that is specifically required by a government agency or law). Not only does the organization need to comply with the law, it must also train its employees about the specifics of laws and show current documentation that the training requirements are being met.

The business and technology requirements for compliance training can be similar for each category. Usually tracking and reporting, security, and documentation get more complex and rigorous because of organization-imposed or external regulatory compliance. Whether a company or a regulatory agency is mandating what courses employees are required to take, the requirements may be the same.  

Regulatory mandated training is either implied by laws or by certain agencies, institutes, or associations such as the Federal Aviation Administration, the Securities and Exchange Commission, the Federal Financial Supervisory Authority, Institute of Public Auditors (IDW), or the Food and Drug Administration (FDA). When reviewing this taxonomy, remember the following: 

  • Compliance training does not always fit neatly into one of the three categories mentioned previously. Some training may cross categories, depending on the needs of the business itself or the agency governing the regulations.
  • The requirements are, for the most part, cumulative. This means that the characteristics of the first category may also be applied to those in the second and the third.
  • Regulatory compliance is the most important requirement because of the possible legal and cost ramifications.

A few examples of agencies and laws that require stringent training requirements: FDA; OSHA, International Organization for Standardization (ISO); Sarbanes–Oxley Act of 2002 (a US federal securities law that addresses accounting standards; enacted after the collapse of the Enron Corporation); Good
Manufacturing Practice (GMP); l
aws requiring equal rights and forbidding sexual harassment in the workplace, such as Germany's equal treatment law (AGG); anti-bribery laws such as Germany's compliance law (WpHG)FCPA; and data security laws such as Germany's data-security law (BDSG) or the UK-based Data Protection Act.

Compliance Training Target Groups and Topics

Both enterprise managers and employees are affected equally by regulatory training requirements. Compliance training and assessments, however, reaches beyond the enterprise; organizations also need to train their extended workforces along their supply chains. Compliance-training topics include broader areas such as sexual harassment and anti-bribery, which affect all target-groups in a company. Topics also include industry-specific laws that apply only to financial, energy, oil and gas, or healthcare businesses and specific job functions. 

SAP Education is hosting a series of webinars to share best practices on how to use learning technology, what's trending, and how SAP and related partners can help you. They will be delivered by Simone Buchwald, Global Solution Principal for Learning and Talent at EPI-USE, John Kleeman Founder and Chairman of Questionmark and me, Thomas Jenewein, Business Development Manager at SAP Education.

  • German-speaking webinar replay available now: Replay
  • English-speaking webinar replay available now: Replay

You also can review the deatail whitepaper on the topic. If you are interested in further news around this topic please follow this blog-post – we will add further info as time comes. In a second blog post I just described how to support compliance programs with learning technology.

Also your thoughts or feedback regarding compliance training would be highly appreciated – please use the comments section below.