Travel, meeting and expense policies that are well-defined and frequently communicated provide a robust foundation for adherence to legal and regulatory compliance requirements. Compliance in travel, meetings and expense management is primarily itemized into a) policy compliance and b) legal and regulatory compliance. Before an organization can monitor and manage compliance, it must identity the proactive behaviors and processes, and communicate the expectations preemptively before the behavior or process occurs.
Consider these conundrums:
- A client wants to ensure that senior vice presidents or leaders with titles above that level sign all contracts. Yet, the reluctant procurement leaders prefer not to mandate their meeting policy nor communicate it thoroughly because these activities may deter employee morale.
- A client needs to monitor travel costs and identify traveler whereabouts. Yet, the leaders allow unrestrained travel bookings through unmonitored processes because the leaders do not want to dissuade creativity through imaginary boundaries.
Dichotomy set aside of these true stories, some organizations do not believe that travel and meetings should be compliance-driven as part of its responsibility to maintain financial controls and manage risks. Curiously, leaders of cash cow organizations tend to abolish the proper management of indirect spend categories that seem to operate fine "as is."
For those leaders and organizations that recognize that T&E spend and meetings requires policies and compliance to maintain financial controls, consider the use of the SCG C6-step© process to develop your compliance strategy:
1. Identify and Categorize compliance requirements: What behavior, process, or risk do you want to monitor and manage compliance to? Are there risks that could be exposed without the compliance? Brainstorm the risk exposure to non-compliance in the SCG© seven risk categories of strategy, reputation, operations, regulatory/legal, information technology, market position, and financial impact.
2. Chart and rank compliance requirements: What level of risk is estimated for each of the identified risks? Is the compliance requirement a high risk with a high likelihood of occurrence? Medium or low risk? Create a risk impact graph to map and rank the risk exposure which will provide you with the roadmap to risk mitigation and compliance plans. For example, an organization may recognize that there is a high risk and high likelihood that unmanaged meeting contracts do not include the organization's required business terms. Legally, this could affect the outcome of litigation should an incident occur.
3. Create proactive Controls: What can be put in place to proactively mitigate risks so that compliance will be achieved? What policies need to be developed or improved? For example, if standard contracts or addendums include the organization's business terms, put policies and processes in place so that sourcing and contracting activities use the standard contracts or addendums without allowing for misdirected contracts.
4. Use Change management to drive adoption to policies and processes: What types of change management, education and communication activities are required to bring awareness to the compliance requirements? For example, use numerous communications mediums to educate everyone on using the standard contracts or addendums.
5. Collect data before and after the meeting for thorough reporting: What types of data intelligence do you have? From what systems or processes? How can data be collected before non-compliance occurs? For example, is it possible to obtain forecasts of upcoming meetings and ensure that the standard contract or addendum is used which would reduce risk exposure? How can data be collected after the meeting occurs? For example, is it possible to poll suppliers and/or budget holders for meetings that have been held that did not use the standard contract? Is it possible to use this data to report non-compliance to business leaders? Data intelligence, through metrics, provides reactive policy monitoring such as highlighting the employees who failed to use the online booking tool, spent more than what is deemed "normal" in restaurant expenses, or ignored the lowest airfare.
6. Determine Consequences for non-compliance: What will be the consequences for non-compliance? Are fees imposed for regulatory non-compliance? For example, if a meeting budget holder does not use the standard contract or addendum, will the issue be escalated? Are there tiered consequences for repeat offenders? Consequences for non-compliance may include warnings, non-payment of expenses, or termination.
For example, if an organization wants to:
- Ensure that employees use the preferred travel booking method, then it could communicate these expectations, enforce the travel policy, audit expenses, and impose consequences for non-compliance; and/or
- Limit its spend per day, per person, per meeting, then it could communicate these expectations, enforce the meeting policy, audit meeting spend, impose consequences for non-compliance, and add controls to its meeting management technology to alert meeting planners when the costs exceed a predefined amount.
Codes, Codes, Codes…
Selecting suppliers fairly through the use of request for proposals and evaluation scorecards fulfills some of the Sarbanes-Oxley guidelines. In the pharmaceutical and medical devices industry, additional requirements are necessary so that the organizations abide by the PhRMA or AdvaMed code or other codes based on country requirements. The Physician Payments Sunshine Act reporting requirements will begin soon.
In the financial and insurance industry, additional requirements may be necessary based on the Dodd-Frank Wall Street Reform report and the Consumer Protection Act. The report came out and recommended that uniform fiduciary standards are appropriate for the industry but they have not been passed yet. However, organizations are preparing by getting their meeting/event strategy, processes, and technology in order now.
If you and your organization need to create, update or audit your compliance strategy, contact me. Look for the upcoming BTE November article on compliance, with interviews with key leaders, at Business Travel Executive. For other BTE articles on Strategic Meetings Management, search for "Scholar" in the site-wide search box.
A BIG THANK YOU to all of the meetings and travel leaders who continue to support me through the T&E blog, LinkedIn groups, client engagements and most important, your friendship.
Thank you for visiting the T&E Plus Blog on expense management, travel management, business meetings, events, incentives, strategic meetings management, entertainment, virtual meetings, tickets, hotels, airlines, ground transportation plus more...
Debi Scholar, GLP, CMM, CMP, SSGB, CTE, CTT
• Author, Strategic Meetings Management: The Strategy Quick Reference Guide (2011)
• Meetings Management Mover and Shaker as selected by Corporate and Incentive Travel Magazine (2010)
• Top 20 Changemaker who influenced the meetings management industry by Corporate Meetings and Incentives (2008)
• Best Meeting Practitioner as selected by Business Travel News (2007)
*Debi is proud to be a regular contributor to Business Travel Executive Magazine.
*Debi is proud to be one of only seven 2011 Editorial Board members for Hotel Business Review at http://www.hotelexecutive.com/ for Conferences & Meetings.
*Debi created two LinkedIn groups (GBTA SMM and T&E Plus) that now claim over 2,000 worldwide members combined.
Visit me at one of my upcoming speaking engagements; Topics vary per conference
Some sessions include components of SMM Bootcamp© and/or SMM Challenge©
November 9 – NJBTA and ISM joint meeting
December 1 – EMC Venue’s MEET
January – PCMA
March – Meetings Technology Expo