One of the questions I ask when reviewing compliance plans is who carries out a particular role. Often the answer is a person’s name, sometimes a position. But when I ask whether that role is written into that person’s job description or position statement the answer is frequently “No”.

Often compliance roles are supplementary to a person’s operational role.

If a compliance role is not formally allocated to a position or person then it is unlikely to be part of that person’s performance review or assessed as a KPI.

And it is a signal that the function is not important or that records need not be kept.

There is also a risk that the activity will be overlooked.

To ensure that a compliance activity is actually performed it must be reported on and a person must be accountable for it.

The activity can be recorded in a spreadsheet or register but unless the activity, or failure of activity, is monitored the quality of the activity cannot be assessed.

Requiring the activity as part of a person’s position statement ensures that the person is aware of its importance and that it is not merely a “tick the box” exercise.