The role of disclosures in risk ...
The role of disclosures in risk assessme...

The role of disclosures in risk assessment and mitigation 

An effective disclosures management program is critical for regulatory compliance – and building a culture of trust

Noshin Khan Senior Compliance Counsel, Ethics Center of Excellence

clock5 Min Read

Featured Image

Conflict of interest (COI) management is vital to an effective ethics and compliance program – and the success of your COI management rests in the hands of your employees.

In a recent webinar hosted by OneTrust, a panel of ethics and compliance experts discussed how to develop a holistic disclosure program, strategies for including disclosures in risk assessments, and using these practices to meet regulatory obligations.

Keep reading for a summary of their engaging discussion, where you can expect to learn:

  • What a complete scope of disclosures includes
  • How to use disclosures as a tool for risk management and regulatory compliance
  • Why it’s important to engage employees and help them understand the importance of disclosures
  • How technology and disclosure software help with scaling these processes

Conflict of interest disclosures

Disclosure in the field of ethics and compliance is an act of sharing information about a potential, perceived, or known conflict where personal interests can impair an individual’s judgment, action, or decision-making in their role.

COI disclosures are primarily concerned with gifts, hospitality, travel, personal relationships, personal financial or business interests, lobbying, and anti-boycott activity. An effective COI program will identify and mitigate these organizational risks through effective employee engagement, analysis, and periodic review.

The COI program must apply equitably to the entire organization to be effective. Exceptions to the policy create an ethical gray area.

The ideal outcomes of a disclosure management program include creating a strong culture of trust, facilitating effective communication, streamlining the integration of ethics into business, and managing material risks to the company.

But there are also several challenges to implementing a good disclosure management program: Having the right policies and processes in place, developing an effective training and awareness program targeted at employees and managers respectively, and finally, getting employee buy-in.

Using disclosures to manage risk

Disclosures data is key to an effective risk management strategy.

When implemented effectively, disclosure management helps companies identify risk before it becomes misconduct. A proactive approach to this work helps teams promptly mitigate the associated risks. It also helps teams understand the ethical health of a company and aids ongoing risk assessment efforts.

To leverage disclosures as a risk management tool, you must institute a robust COI policy that clearly defines the boundaries surrounding disclosures, including:

  • How to identify a COI and what are the types of COI an employee could face
  • Who are the stakeholders in disclosures management, and what are their roles
  • When a disclosure is required
  • What is the process and workflow to make a disclosure
  • Consequences of violating the policy

The COI program must apply equitably to the entire organization to be effective. Exceptions to the policy create an ethical gray area that strays away from best practices.

Implement a concrete framework that allows oversight of employee disclosures and data points for a proactive strategy. Follow-up actions may include policy enforcement, mediation, and regular policy revisions to improve program effectiveness over time.

How to engage employees to generate more disclosures

Communication and training are vital to receiving accurate disclosures from employees and driving stronger engagement with your ethics and compliance program globally. Consistent COI training makes it easier for employees to identify and report actual or potential conflicts of interest through the appropriate channels.

Ensure that leaders and managers set a high standard for ethical behavior in all professional situations. Remind employees about their disclosure obligations through common channels, such as newsletters and company chat apps.

Perhaps the most common barrier today is the disclosure submission method – but this should be a frictionless experience for employees. User-friendly disclosure software supports strong engagement. Make the portal accessible through a centralized location and allow employees to submit and update their responses at any time.

Creating a healthy speak-up culture is essential to the disclosure process, too. Often, using your helpline to manage disclosures leads employees to inadvertently align disclosures with wrongdoing, and ultimately discourages employee participation due to fear of retaliation. Be sure your COI program doesn’t place employees in a defensive position and remove intimidation from the process to help employees be proactive and candid with their disclosure responses.

How to use disclosures to meet regulatory requirements

Disclosures are a critical tool for meeting regulatory requirements. As the regulatory landscape is complex and varied, a disclosure management strategy will look different across industries, geographic locations, and business types.

An analysis of the industry and regulatory landscapes that apply to your business should form the basis of your disclosure management program. It will help your team understand how exactly to build your COI policy and, just as importantly, how to educate your employees in accordance with applicable laws.

Each industry has its own legal obligations, creating unique risks and challenges for every business. For example, consulting companies performing lobbying services will require different disclosure management training and communications than a digital ad agency partnering with third-party production vendors.

The location(s) where the business operates also matters significantly. Different countries feature diverse anti-corruption, labor, and conflict-of-interest laws that may look different from where your headquarters is located. Don’t expect employees to know these differences independently, even those who regularly travel for business. Ensure your employee communications and training program covers regional requirements to drive compliance with external laws.

Build an effective COI management program 

COI management software supports strong employee engagement, increases COI compliance, and helps the ethics team effectively mitigate risks. An integrated platform allows users to painlessly input data anytime, scaling disclosure management efforts, and giving ethics and compliance teams a complete, up-to-date view of COI risks.

Download the eBook: Design and implement an effective COI program with 14 Key Requirements to Conflict of Interest Management.

Learn how OneTrust Ethics Program Management can help you operationalize ethical behavior and manage company-wide disclosures effectively.

You Might Also Be Interested In


NOVEMBER 28, 2022

From Sapin II to Sapin III: France’s anti-corruption fight

NOVEMBER 25, 2022

7 myths about SOC 2 compliance

NOVEMBER 18, 2022

What every Chief Privacy Officer should know  about third-party risk management

NOVEMBER 15, 2022

US climate risk rule could affect more than 5,700 federal suppliers

NOVEMBER 14, 2022

The COP27 climate summit: What to expect and why it matters

NOVEMBER 10, 2022

CSRD update: EU approves new ESG disclosure rules

NOVEMBER 9, 2022

SOC 2: Starting your audit process

NOVEMBER 9, 2022

3 steps for mitigating the impact of ransomware attacks through data discovery

BackToTop
Onetrust All Rights Reserved