Compliance & Rule Making
The key component of any compliance program are the internal compliance rules. They are part of the proper organization of compliance manage-ment. Rule making and rule management are two (almost) new terms that started in compliance management and have long since penetrated other corporate functions. But what is behind the terms of rule making and rule management? And what is rule due diligence?
I. Regulatory objectives of internal company rules
Internal rules are management decisions for a variety of use cases. Four regulatory objectives are distinguished:
- Internal rules can set basic values for the management of the company. They thus become part of the internal corporate culture and communication.
- Internal rules can define competences and responsibilities within the company and are then an instrument of company organization.
- Internal rules can regulate internal requirements and processes and then have a management and simplification function.
- Internal rules can constitute and explain legal requirements. They thus become part of the internal compliance awareness and training program.
Internal rules can pursue several of the above-mentioned regulatory objectives.
II. Rule making
Rule making is often freehand, often through the adoption of industry or company standards, more rarely aligned with internal guiding principles (rule culture). This is not necessarily an error from a legal perspective. But if you wish to be on the safe side, you will be looking for a methodical underpinning of rule making. Four phases are distinguished in this regard:
- Project phase. Which of the regulatory objectives stated above are to be achieved? Which legal requirements have to be taken into account?
- Drafting and quality assurance. Are the regulatory objectives being achieved? Does the new rule meet the guiding principles against which the quality of internal rules is specifically measured?
- Adoption process and implementation. Who has the regulatory competence within the company? What is the new rule’s place in the internal hierarchy of standards? In which manner and for whom should a legal obligation be created? How will it be ensured that the internal rule is put into practice?
- Determination of periodic review. Who takes responsibility for ensuring that the internal rule remains up to date?
III. What is rule management?
Rule management describes the measures taken by a company to use the entire body of its internal rules effectively and efficiently. It covers the entire life cycle of internal rules, starting with the selection of guiding principles to ensure the effectiveness and efficiency of internal rules, through rule making itself, the control and management of the inventory of internal rules, the quick and easy availability and measurement of their efficiency, to the monitoring of rule application through spot checks and auditing.
IV. Are there principles of good rule management?
Yes, and an increasing need for this is seen in companies. Quality assurance is no less important in the regulatory process than in other company processes.
V. How can you find out more? What is rule due diligence?
Visit us for a workshop. We present how you can develop the guiding principle for rule making in your company and how we conduct a rule due diligence.
This client information merely contains an overview of the topic it addresses, without liability. It is no substitute for legal counsel. At your disposal with regard to this client information and for further advice:
Dr. Nicolas Ott
Dr. Cäcilie Lüneborg
 Example: “Compliance with applicable laws and regulations applies without restrictions in our company. Bribes and cartel agreements are no means to secure an order. There will be no weighing up of economic company interest and the compliance obligations of the company.”
 Example: “Cash transactions of more than EUR 1,000 are prohibited in our company.”
 Example: “In their activities for our company, our employees may not offer, promise or grant an advantage to any office holder as consideration in return for the office holder undertaking or refraining from an official act in violation of his official duties.