Being directive in compliance communications may prove counterproductive. Image: Shutterstock

Friday 19th February 2016

Comply or die

Make your compliance communications more engaging and everyone wins, say experts

Typically, compliance projects aren’t good news for anybody. Deliver one, and you’ll probably feel like you’re grinding the life out of your people. Receive one and you’ll probably feel like you’re being repeatedly socked around the head with a rulebook – the 700 page hardback edition.

Well, things are changing. Chris Barrington is a director of the London-based agency blue goose. He’s recently implemented compliance communications for organisations such as Barclays, the Bank of England and UBS. He believes overly directive approaches to compliance aren’t just ill advised – they’re actually likely to be counter productive, heightening rather than reducing organisational risk.

Chris Barrington

‘It’s wrong to believe risks can be managed by mandating employees, often solely through e-learning, to follow rules, standards and regulations,’ Barrington says. ‘The result is that compliance becomes a game of beating the system – passing the ‘test’ with the least possible effort.

‘The likelihood is that these communications contribute to a culture that is actually more likely to result in non-compliance and breaches. Where directive interventions take hold, breaking out of that mindset and moving beyond a tick-box mentality can be difficult.’

Hmmm. So if sitting people down in front of a computer and getting them to tick boxes might actually result in greater risk, how should we be doing it?

Engage to succeed

‘What’s surprising to me is that HR, learning professionals and vendors haven’t done more to shift compliance training along the engagement continuum,’ Barrington explains. ‘Particularly, to shift it away from so-called e-learning. Compliance training has done much to damage the credibility of e-learning, and in turn damage the reputation of many organisations.’

In other words, be very suspicious of off-the-peg compliance training software – particularly if it recommends a one-size-fits-all solution for the whole organisation. And as a project deliverer, think less about black-and-white adherence to policy­, and more about encouraging decent understanding through techniques such as discussion.

‘Shifting towards engagement, including encouraging discussion, increases levels of commitment to the compliance initiative,’ Barrington adds. ‘It also increases the chances that should a compliance breach occur, employees will themselves make management aware of it.’

He isn’t the only expert to make this call. Angela Sasse is Professor of Human-Centred Security at UCL. She sees challenges all around compliance – for example, organisations often give individuals conflicting compliance directives, line managers usually dump compliance if it stifles productivity, and e-learning is often erroneously used by organisations to try to shift responsibility onto the workforce.

Sasse wholeheartedly agrees with Barrington that communication must be engaging. ‘Most people aren’t sociopaths,’ she says. ‘They want to be good organisational citizens. And they can be engaged, especially if you point out that good compliance is a matter of good professional competence – a positive thing in line with their values.’

Share the benefits

Jonathan Bowdler, the UK Head of Compliance at the International Compliance Association, says: ‘Telling people the do’s and don’ts is fine as far as it goes. But if you don’t explain why they’re the do’s and don’ts, is the recipient really going to give the communication the attention it deserves?’

Dr Shelley Reciniello

Chris Roebuck, Visiting Professor of Transformational Leadership at Cass Business School in London, agrees purely directive interventions aren’t ideal. ‘Demanding that people do what they are told suggests organisations see their employees as naughty children,’ he says. ‘This breeds a compliance culture more about ticking boxes than genuine responsibility. If organisations engaged their employees as intelligent, trusted staff, who they’re asking for help, they might find employees care more and will be more proactive in these areas.’

Dr Shelley Reciniello is a US-based workplace psychologist, expert in how the unconscious can influence employee engagement. ‘When compliance gets passed to overworked, stressed out employees, usually by legal or IT types who often know less about the actual business at hand, eyes become glazed over and compliance is not good,’ she says. ‘It’s easier to get people to comply with things that make sense.’

‘How’ as well as ‘what’

So, what does good look like, compliance-wise?

‘My experience is that what many organisations say in their compliance communications is often very similar, but how they communicate around those issues varies significantly,’ says Barrington.

Barrington says that the obvious starting point for improving compliance communications is to go beyond simply telling employees to follow rules, standards and guidelines. This might include building trust in employees to make their own decisions, introducing an emotional level to understanding, aligning compliance to wider organisational culture and generally promoting the benefits of compliance, rather than just discussing compliance itself.

In short, says Barrington, practitioners should be ‘combining learning and engagement to create a comprehensive integrated campaign focused on behavioural change’.

This approach can work on a deep level, insists Reciniello. ‘Behaviour only changes in fundamental and long lasting ways when we stop treating human beings as animals or machines.  When you give people a rationale that they have helped to create and that they can value and participate in and not make doing so onerous and depleting, then you will have compliance.’

On a practical level, as compliance communications are often competing with other internal messages for employee mindshare, they need to stand out.

The Barclays ‘Consequences’ book

When Barclays wanted to improve employee compliance in information risk management, blue goose produced Consequences, an anthology of stories, essays, poems and cartoons from a range of well-known authors about the  behaviours that lie behind protecting information in society (pictured right, and below).

The book was the basis of a broad engagement campaign, with book launches, themed roadshows, awareness days, team discussions and podcasts.

Intelligent blending

In short, Barrington says, employers really need to think beyond e-learning packages and apply some of the smarts they apply to other communications.

The Barclays book launch

‘Think about how to intelligently blend messages with media across multiple platforms,’ he suggests. ‘ Consider on-line learning, but complement it with practical workshops, how-to videos, explainer animations, podcasts, blogs, gamification through quizzes – all supported by compelling creative.’

Perhaps when all this is done, you’ll have an organisation that isn’t just prone to few compliance risks, but also has a smarter, more productive cohort of employees, too.

About the author

Andrew Baird

Andrew is the CEO of HRville. He is also Employer Brand Director of Blackbridge Communications, Editorial Director of Professionals in Law and an associate of The Smarty Train. Previously, he was the MD of TCS Advertising.