Compliance as an indispensable element of corporate governance - is it worth introducing compliance management systems in a company?
"It takes 20 years to build a reputation and about five minutes to ruin it. If you think about that, you' ll do things differently".
It is hard not to agree with the above quotation by W. Buffett that the reputation and success of a legal entity is built over years and can be destroyed in a few minutes. Fortunately, the law provides for mechanisms which make it possible to prevent such a situation, among which the most important is an appropriate compliance policy tailored to the organisation, included in the Compliance Management System. Is the introduction of such a system an unnecessary, costly and time-consuming solution, or is the question that entrepreneurs should ask themselves today different - can I afford not to have a compliance management system in my company?
Although most large companies already have internal regulations called Codes of Ethics, Business Conduct Principles or Compliance Codes, the events of recent years and the corruption scandals that erupted during the pandemic make it clear that much remains to be done in terms of introducing systems in Polish companies to promote integrity in business and to prevent corruption and eliminate the risk of non-compliance with legal regulations. The recommendation of the Good Practices of Companies Listed on the WSE of 1 January 2016. , have been supplemented with a compliance function and assume the existence of a compliance supervision system in such companies, but what about companies that are not subject to this regulation?
The concept of compliance derives from medicine and means that a patient in the process of treatment adheres to the doctor's recommendations. Company compliance, on the other hand, refers to the behavior of all members of an organization in accordance with binding rules.
Currently, compliance is a broad system of compliance with legal and moral standards, which is transferred to the organization in the form of a Compliance Management System, i.e. a system of compliance management that is designed to ensure compliance with the rules by means of various measures. According to the ISO definition, compliance means fulfilling all of the organisation's obligations - i.e. those that arise from the law and those that the organisation wishes to comply with (various standards, management principles, social or ethical standards).
Polish law, therefore, allows companies - also those not listed on the WSE - to introduce mechanisms that promote and ensure integrity in business by introducing internal regulations in the form of norms and ethical standards that make it possible to influence employees by adopting appropriate procedures so that they act in accordance with the law and with the standards adopted by the organization. Such regulations may, for example, include anti-corruption policies, conflict of interest policies, whistleblower policies, supplier screening policies, gift policies, and they may be included in an internal compliance management system regulated under the ISO 19600 standard.
The objectives and benefits of having such a system by a legal entity seem invaluable. Such a system not only protects and builds the organisation's good reputation, increases its competitiveness on the market, and boosts its credibility as an entity guided by business integrity, but also has a preventive effect by protecting the business entity from sanctions to which it would be exposed if there were a breach of legal regulations which the system is designed to protect the organisation against.
Therefore, the position presented in the doctrine should be fully shared, that having a compliance function in the organisation linked with the existence of a compliance management system appears to be an essential element of corporate governance, and compliance itself is or should become an essential part of the corporate culture of Polish companies.
It is also worth bearing in mind the draft law currently under way on openness of public life, which assumes that all medium and large sector enterprises, regardless of their industry, will be obliged to implement and apply internal anti-corruption procedures as a standard part of an effective Compliance Management System. Therefore, the answer to the question posed at the outset is not if, but when.
Legal Advisor Bogna Pakuła
The author is a legal advisor, Managing Partner of the Corporate Law and M&A Practice at the firm, and serves as Compliance Officer at American Heart of Poland S.A. Capital Group.
 2016 Best Practices of WSE Listed Companies, available at https://www.gpw.pl/dobre-praktyki-spolek-regulacje
Cf. Prof. Dr, Bartosz Makowicz: Practical integrity in Polish companies - or it is high time for compliance in Przegląd Prawa Handlowego, February 2018, p. 31
Cf. Prof. Dr, Bartosz Makowicz: Practical integrity in Polish companies - or it is high time for compliance in Przegląd Prawa Handlowego, February 2018, p. 33.