Risk mitigation: 5 creative ways to build a compliance culture
Posted on May 02, 2019
In today’s corporate climate, reputation is everything – as some of the biggest names in business have learnt to their cost. Whether it’s data and cyber breaches, inadequate health & safety policies or poor workplace ethics, no one’s too big to see their reputations crash to the floor. Hefty fines have been dished out in high profile cases, but the greater loss is the damage to reputation and the knock-on effect for business.
Incidents such as these do nothing to dispel widespread public concern. In the UK, only 34% of people trust organisations with how they store and use their personal information (ICO).
The introduction of GDPR has further put the spotlight on organisations and suddenly, compliance has gone from being a box-ticking exercise to a business differentiator.
Your people are your firewall
Detailed analysis of security breaches reveals that people are the biggest vulnerability for organisations. No wonder Elizabeth Denham, the UK’s Information Commissioner, has stated: “Staff are your best defence and greatest potential weakness – regular and refresher training is a must.”
Training staff, and keeping the training up to date, should be the number one priority in transforming the weakest link into the strongest firewall. Sadly, however, many compliance training programmes are missing the mark. Research by Towards Maturity on global compliance programmes found that 56% of businesses cite user engagement and 46% identify dull and boring content as barriers to compliance training success.
With the threats constant and evolving, managing risk has never been more complex, and a fresh approach to compliance training is clearly needed.
5 ways to transform compliance in real life
Sponge created a game specifically to help employees understand and apply the new rules on data protection. GDPR Sorted is a fast-paced, engaging game that embeds the core principles of the EU’s data regulations. It has been used by the employees of companies in 26 different countries, with high engagement and completion rates. At leading delivery brand DPD, there was 90% completion within four weeks, cutting the risk of data breach by employees and helping to keep the company safe.
The UK’s pre-eminent postal organisation, Royal Mail, is using interactive 360° VR to deliver dog safety awareness training to its postmen and women. Real life stories and scenarios are used in the immersive and experiential learning, which harnesses latest technologies in a cost-effective way.
Supermarket brand Tesco wanted to roll out a global compliance programme that was more effective, engaging and relevant to its employees than previous training. The aim was to embed compliance behaviours across the workforce. A campaign was built around bite-sized modules to make the learning more focused and memorable. The learning achieved unprecedented levels of engagement among thousands of employees in 11 countries.
Global biopharmaceutical firm AstraZeneca used digital interactive learning to embed an ethical culture into the company’s DNA. The learner-centric approach conveyed key concepts through video scenarios that prompted an emotional response in employees, regardless of where they worked in the world. Results: 90% felt very or extremely engaged with the learning and 86% felt their understanding of AstraZeneca’s values had increased or greatly increased.
From boring to brilliant … Southern Health NHS Foundation Trust used gamification to transform its compliance training for 7,500 health staff across multiple locations. Responsive elearning modules brought 13 compliance topics to life and delivered the learning to fit in with each employee’s shift patterns. The learning wasn’t just engaging, it also saved £1.5m in efficiencies and saved 12,000 hours.
Get creative to cut the risk
For a lasting compliance culture, companies must ditch training that fails to engage staff. What’s needed is relevant and inspiring learning that uses the latest techniques and technologies so that employees want to do it. Then, keep the learning going with continuous reinforcement.
Risk mitigation, done creatively and effectively.
You may also be interested in
With the escalating cyber threat to financial services companies, we look at why cyber security training for the general workforce is increasingly important.
We explore how changes in consumer technology over the past 15 years have contributed to the emergence of a new type of learner. What are the implications for the future of workplace learning?
Hear how creative compliance training has engaged over 60,000 AstraZeneca employees in more than 100 countries, so that they are living and breathing the company’s values.
Join the Sponge team
Great people are fundamental to Sponge. We employ many industry-recognised leaders and are busy growing the next generation of leaders. We don’t just look for talented people who can do a particular job – we look for people who share our passion and values.Read more