Compliance is a “moving target” that keeps shifting depending on activities in the industry and new enforcement priorities. For instance, the CFPB has announced potential plans to issue a proposal in 2019 to write an implementing regulation for the Fair Debt Collection Practices Act.
Are you ready to make changes in your compliance policies based on this ever-shifting regulatory environment? Will your audits be clean? As you plan and refine your compliance program, use the following checklist to make sure your firm is considering every aspect of compliance:
- Documentation- The core of any compliance program is a proper set of documentation. Documentation not only helps a company in the event of a legal or regulatory risk, it is also useful as training material and greatly helps with audits. For example, your firm probably has strong internal policies for bankruptcy scrubs, but if these policies are not laid out in black and white and made accessible to employees, non-compliance uncovered during a bankruptcy audit may place liability on the entire firm, even if it was due to employee error.
- Document Controls– A well-defined process for document management is as important as the documentation itself. You should define how you plan to review your documents, update and track changes, and distribute the changes to your employees. You should always ensure that staff members is only referring to the latest drafts of the documents.
- Internal Inspection and Testing– Rather than waiting for external audits to uncover problematic issues, a robust compliance program should have a process for inspection and testing. Hiring an external auditor to do a bi-annual audit helps you clean house and avert bigger problems in the future, besides making client audits less stressful.
- Remediating Audit Findings– Small and medium-sized firms struggle to allocate resources to audit and remediation because these are cost centers. The hope is that the small sample size of data during audits will work in the firm’s favour. But this leaves the firm open to serious litigatory risk, should matters come to light. A better solution is to work with an external firm that can not only perform the audit, but also suggest remediation techniques.
- Vendor Oversight– Vendors are an extension of your staff and an integral part of the business. Many vendors also have access to your data or facility, though their access to NPI may be different, depending on their security rating. Auditing your vendors and their suitability to access certain types of information is as important as auditing your internal processes. Due diligence covering their licensing, data security, and practices needs to be done.
- Staff Training & Testing– Are you comfortable with the level of training of staff on company policies and procedures? Regular training and testing can ensure that employees are aware of the latest internal and external regulations. Testing also helps in identifying gaps in training which could create potential risks to the company.
- Have an effective complaint resolution program– On an average, a law firm receives disputes on 8% of their accounts, and complaints on another 4% of their accounts. If complaints are not resolved quickly, consumers typically turn to regulatory bodies. A regulatory complaint not only affects company’s reputation in a negative way and requires more time and attention, it can turn into a lawsuit, sometimes costing the company more than the actual face value of the account
- Document management and compliance activity tracking can be time-consuming and complex processes with significant implications. Consider leveraging technology to help enforce your standards and automate manual tracking to reduce errors. Provana’s IPACS Compliance Management System is one such offering that can give a firm like yours the resources to compete with the leaders of the industry.
You can also take advantage of the Compliance Certificate Courses offered by the National Creditors Bar Association this year.
If you would like to know how your firm stands with respect to your peers in terms of your compliance framework before deciding on attending the conference, or investing in an external compliance system like IPACS, click on this link to fill out a simple form and Provana will send you a compliance benchmarking report.