Compliance and Risk Management: A Handbook for Sustainable Entrepreneurs

Compliance and Risk Management: A Handbook for Sustainable Entrepreneurs is part of the Sustainable Entrepreneur’s Library of Resources for Compliance and Risk Management.  The Handbook consists of several guides that lay out the general procedures for establishing and operating an effective legal and regulatory compliance program and dig deeper into the details of key specific compliance topics and activities.  An overview guide introduces the relevant laws and regulations, including a discussion of the federal sentencing guidelines and other governmental regulations and policies relating to compliance programs. The next guide on Compliance Programs identifies the legal and business reasons for establishing a compliance program, describes the steps to be taken to launch and maintain such a program and provides essential information on how to organize the compliance function and the commonly agreed elements of an effective compliance program.  The guides on Compliance Audits and Risk Assessments cover the general procedures for conducting compliance audits and risk assessments.  The guide on Records Retention covers the general procedures for establishing and administering a records retention program.  The guide on Contract Management covers the processes and procedures that companies may implement in order to manage the negotiation, execution, performance, modification and termination of contracts with various parties including customers, vendors, distributors, contractors and employees.  The guide on Internal Investigations covers the general procedures for conducting “internal investigations”, which include all of the activities engaged in by companies to collect and evaluate information relating to the purported wrongdoing.  The guide on Disclosure Controls and Procedures is intended primarily for executives, directors and senior managers of public companies that are subject to various rules and regulations in the federal Securities Exchange Act of 1934, as well as pronouncements by the Securities and Exchange Commission, that impose strict obligations with respect to disclosure controls and procedures.  Finally, the guide on Privacy and Data Security covers the development and administration of policies and procedures to comply with laws, regulations and industry standards relating to privacy, data security and overall collection and use of nonpublic personal information.

The Handbook includes the following tabs:

Legal and Regulatory Basis for Compliance Programs

Elements of Effective Compliance Programs

Compliance Audits

Risk Assessments

Records Retention

Contract Management

Internal Investigations

Disclosure Controls and Procedures

Privacy and Data Security

Download the entire Handbook here.