The importance of senior management in building a solid compliance culture within a company cannot be overstated. Even the best compliance program will fail unless top management actively embraces compliance and sets the norm for proactive compliant conduct. Developing and maintaining a strong and ongoing culture of compliance is a key undertaking for any organization subject to NERC regulations, and senior management bears primary responsibility for creating such a culture.
Each company’s circumstances are unique. Smaller companies have more limited resources. There is no template nor one-size-fits-all compliance program. Management must analyze their regulatory risks, create an appropriate combination of measures to ensure ongoing compliance, and determine the optimum investment to make in compliance measures in light of its resources and risks.
In addition to providing adequate funds and resources, there are some common steps that senior management can take to instill a culture of compliance.
Your company’s commitment to compliance needs to include a program with effective compliance accountability as well as periodic review of the program’s effectiveness.
While an aggressive compliance program and strong direction by senior management to
search out and report regulatory compliance issues may result in an increase of self-
reported violations, over time the successful implementation of such a program should
result in fewer violations.
Where there is evidence that the company has adopted effective preventive measures with the appropriate accountability and review mechanisms, penalties for any noncompliance may be reduced or negated.
Review and modify the compliance program frequently.
In addition, these actions make preventive measures more effective, encourage detection and reporting of violations, and should lead to prompt and effective remediation of violations.