Our Tools

Code of Conduct development

A properly assembled and distributed code of conduct is the single most effective part of any compliance and ethics program.  The code serves as the primary means by which an organization communicates its commitment to ethical and legal conduct to its employees, as well as its various external stakeholders, such as vendors, customers, agents and shareholders.

The code creation or revision process is a daunting task and can quickly become overwhelming without proper planning and knowledge of the issues at hand.  We can help write or update your code to ensure it provides effective guideposts for behavior; to enable employees to quickly recognize when to seek guidance, to encourage them to report concerns and provide various avenues through which they can do both.  Let us put our knowledge and expertise to work for you in crafting a code of conduct that demonstrates commitment to responsible, ethical business behavior.

Policies, procedure development & updating

Governance, Risk Management, and Compliance require development and implementation through appropriate policies and procedures.  We can help you to write and define policies and procedures that explain key statutory provisions and risk areas, provide guidance on permissible behavior, and are tailored to specific operating risks.  Further, we are uniquely qualified to assist you in implementing such policies and procedures seamlessly into your day-to-day organizational environment.  Given that legislative changes, international treaties, court rulings, and agency regulations are in a constant state of flux and change, we stay on top of these developments, and update your organization on these changes as they occur, and how they effect your operations.

Training and Communications

Governance, risk management and compliance must be implemented as part of an organization’s “DNA,” thoroughly embedded in its day-to-day practices. All of these activities work together and require the participation of an organization’s management and employees. Implementation requires effective training.  Training should be held frequently, systematically and pervasively.  The instruction should reach all directors, officers and appropriate employees.  We offer detailed, informative, and interesting training programs that will educate and train management and staff on legal requirements, regulatory codes and ethical standards. Training is customized for your particular industry,  your organization, and your target audiences, including determining the right mix of live and web-based training and timely updates. Case studies, hypotheticals and examples are tailored to the function or department so the message is topical and familiar.


Compliance Helplines:  These provide an avenue for employees and others to report serious concerns or violations, perceived or known.  We help you define scope of service and protocols for compliance calls/website intake as an integral component of your compliance program in order to assist with the detection and resolution of reported concerns.  We also help you evaluate the information you receive from the Helpline to better evaluate the effectiveness of your compliance program and identify particular need training or other intervention.

Risk assessments

“Risk” is defined as an uncertain event or condition that, if it occurs, would have a positive, negative, or unclear effect on the entity in question. The key element of risk is its uncertainty, so in order to manage risk, organizations must proactively engage in a process where risks are identified and analyzed, and where a strategy is developed to mitigate them. This process is commonly known as “risk assessment.”

In an era of heightened expectations for proactive corporate governance, institutions are increasingly looking to develop effective risk assessment procedures that address regulatory requirements; to prioritize compliance program initiatives and spending; to provide a roadmap for improving compliance programs; to reduce the likelihood of any material violations of applicable laws and regulations; and to demonstrate good-faith compliance efforts in the event of civil or criminal proceedings.

We can help you:

  • evaluate, quantify and prioritize legal and/or ethical misconduct and compliance risks specific to current organizational operations;
  • To support arguments for planning and implementing robust compliance and ethics programs, including comprehensive training and oversight;
  • To develop risk mitigation plans, including corporate policies and controls;
  • To align an organizational compliance program with best practices;
  • To develop a benchmark for ongoing risk assessment and measurement of the program’s effectiveness;
  • To prioritize compliance budget spending by identifying those areas most in need;
  • To modify and improve compliance program components, effectively reducing risk and decreasing the likelihood of criminal conduct.
Third party risks & due diligence training

Due diligence is often cited as a ‘must have’ for any compliance program but the exact components of a successful due diligence program are rarely spelt out by regulators. This often leaves compliance professionals in the ‘no-man’s-land’ of knowing they have to do something to check the background of their international agents, vendors and distributors and other third party representatives – but not sure what this actually entails.

We help you define an appropriate risk-based methodology, assess the tools to undertake due diligence, implement these within the organization, understand how to respond to identified “red flags.”

Compliance audits

Compliance programs that are not monitored are generally not very effective.  Monitoring means undertaking compliance audits.  The purpose of compliance audits should be both to audit for compliance with the various elements of the organization’s compliance program and to test for substantive compliance by seeking to identify potential violations or “red flags.” Audits also often uncover new risks not previously seen or fully appreciated. In this way, they act as part of an ongoing risk assessment process.

We can help you create an effective compliance monitoring program based on risks, addressing areas of elevated risks faced by the organization and testing the controls in place to mitigate such risks.   We can also provide guidance, training and advice in anticipation of external audits conducted by third parties.