During Covid 19 working from home has become our new ‘normal’. The pandemic caused the property market to plunge and the online retail market and sale of pyjamas to soar, the latter becoming an accepted standard of dress-for-your-day attire. But online shopping is not the only sector where productivity has improved since the world went into various levels of lockdown. According to a survey conducted by PWC, 95% of employees who switched to remote working either maintained or improved their output*.
But let’s face it, this new normal is far from perfect. Many regulated organisations in the financial sector have had difficulty adjusting to working from home as it makes it harder to supervise traders and other front-line staff, monitor for market abuse, and protect client confidentiality. Professions where transactions require face-to-face identification and authentication have struggled to adapt, and sometimes failing to comply with laws that were created in an age of paper, pen, and ink.
Technology has provided some solutions; namely remote monitoring of communication channels used by staff, as well as electronic signatures and virtual meetings. Whilst these required changes to IT infrastructure, businesses have been left with no choice but to implement these changes.
The greatest area that has affected compliance is the issue of data and privacy. Having employees working from home multiplies the endpoints coming into the system, which in turn multiplies the risk.
The Information Commissioner's Office (ICO) suggests that companies need to have clear policies, procedures, and guidance in place for staff who work remotely. They should cover topics such as accessing, handling, and deleting of data. This does, however, require a certain mindset and compliance culture. Those who work from home must understand the motives behind the processes and that the efficacy of the new policies depends on them embracing new ways of doing things.
Webinars, training and CPD
One of the best and most effective means of controlling and ensuring compliance is a matter of culture. Compliance should be everyone’s business. By arranging webinars, and encouraging staff and clients alike to attend them, a business has the opportunity to train and educate attendees in processes while simultaneously providing a platform for questions and discussion. We cannot ignore the role that learning, and education can play, training is essential to developing a strong compliance culture within a company.
A requirement for CPD points can be a measure of objectives of each employee, but also a means of supervision to ensure teams stay abreast of the latest changes and updates in compliance requirements, especially from a regulatory perspective.
Employee communication and relationships
More than ever before, employees need support, as well as supervision, to ensure the accuracy and quality of the work they deliver. Compliance is still key in this arena and although on-site supervision becomes secondary, a good grasp of team activities is vital to ensure effective oversight. A daily stand-up brings a team together and helps to achieve effective, but not invasive, supervision and accountability for the whole team.
To ensure a high quality of work, communication channels amongst employees must remain open and employee relationships nurtured. This will ensure teams don’t fall apart and staff are encouraged to look to their teammates for support in all aspects of their day-to-day duties whilst working from home.
Business continuity plans reviewed
In 2020, a worldwide shift in governance and business continuity took place. Suddenly businesses understood the importance of a disaster recovery and business continuity plan. Businesses also realised that their current controls failed to consider the vast impact of the change that would be brought on as a result of the pandemic. Not even Insurers, armed with Actuarial Scientists and Product Developers, were equipped to offer the tourism and hospitality industries protection against the losses that were seen worldwide in these two sectors.
Disaster management policies may have made solvency and liquidity calculations considering 3 to 6 months, and even alternative work premises and infrastructure, but no one considered this would continue for over 2 years (and counting) and many were unprepared for the infrastructure needed for employees to work from home. Companies have acted fast in reviewing their plans. But the question remains, have they done enough? Have they considered every possible scenario? The defeat of the most comprehensive compliance plan is that it is only as strong as its first breach.
If you need any advice or guidance for the best way to navigate compliance or data protection needs of your organisation, please get in touch with please get in touch with Nicky Eilers for more information.
This article has been carefully prepared, but it has been written in general terms and should be seen as broad guidance only. The article cannot be relied upon to cover specific situations and you should not act, or refrain from acting, upon the information contained therein without obtaining specific professional advice. Please contact Equiom to discuss these matters in the context of your particular circumstance. Equiom Group, its partners, employees and agents do not accept or assume any liability or duty of care for any loss arising from any action taken or not taken by anyone in reliance on the information in this article or for any decision based on it.
For information on the regulatory status of our companies, please visit www.equiomgroup.com/regulatory