As a UK vendor of compliance software I get increasingly annoyed at how most news worthy articles I read on the web referring to compliance and regulations constantly refer back to US legislation.
Its almost as if the UK does not have to comply to legislation. Certainly the "does not live here" attitude from many UK Compliance Managers I meet should consider the more subtle British way of introducing change.
I wrote in my blog of 30th September that the onus of responsibility has changed in the UK for Health and Safety issues. Indeed, not only are line managers more accountable for health and safety issues, the concept of innocent until proven guilty in a legal situation appears to have shifted to that of prove you have complied.
Irrespective of the lack of legislation within the UK towards Corporate and Information Governance the trend is toward individual responsibility,but when does responsibility become culpability.
Back in the early 1970's VAT was introduced to the UK. Suddenly, all those business owners who traded over the stated threshold became instant tax collectors and responsible for completing quarterly returns and submitting these along with the tax collected. Anyone to this day who does not carry out this function is liable to receive fines and possibly a custodial sentence if deemed appropriate. Is this a responsibility or culpability?
Fast forward to the changes in the UK licencing regulations in the middle of this decade. Each licensed establishment is now required to assign a designated premises supervisor who holds ultimate responsibility for the running of that premises. This includes health and safety, enforcing anti social behaviour laws and bye laws both within and immediately outside of the designated premises, non smoking rules, stopping under age drinking, stamping out drug abuse, etc.
These are not bad things to try to address but when does the responsible bar owner go from being responsible to culpable.
More importantly for this article when does the law support those responsible rather than use them to apportion blame and liability when it comes to issues involving legislation and Corporate Governance.
How can an organisation and individuals working within those entities ensure they are acting responsibly and endorsing policies and procedures rather than appearing culpable to a wider audience.
The answer lies within the such legislation as Sarbanes Oxley, Basell II, HIPAA and the like all be them US law. All these acts were delivered to help support the use of properly managed processes, probably utilising technology to show good corporate practice within each Acts specified area.
Rather than review such news items that quote US legislation with an attitude of "it does not fit here", personnel operating within UK organisations should consider the shift of emphasis in this country from "innocent until proven guilty" to "proof of compliance".
The use of technology really can make a difference and I am particularly proud to sell jComply our policy and procedure management solution. This application is designed to support all people within an organisation understand, meet and then deliver responsibility be it in health and safety, information security, corporate governance or best practice.
Visit http://www.jcomply.com/
