
HR & Compliance: what HR professionals need to know

The HR department plays a key role in compliance management. This article explains how HR professionals can rise to the challenge.

by Moritz Homann

    Company compliance issues do not just concern the legal or compliance departments; the HR function is also a key player within the organisation’s compliance structure. Compliance means adherence to legal regulations, regulatory standards and ethical principles. Often HR staff are only consulted when ethical issues arise, but good compliance management starts much earlier. We explain how HR professionals can master compliance challenges and limit risks.

    Compliance tasks in the human resources department

    The truth is that the HR department plays a key role in successful compliance management. Effective cooperation between the HR and compliance/legal department forms the basis of a meaningful compliance programme and thus an ethical corporate culture. Ideally, both departments would work hand in hand. Compliance tasks for human resources include, among others:

    • (Shared) creation of compliance guidelines
    • Implementing a Code of Conduct
    • Establishing a compliance culture
    • Maintaining a compliance culture (for example, through training)
    • Managing sanctions and consequences of compliance breaches (for example, issuing warnings)
    • Managing HR compliance (handling breaches of law and guidelines)
    • Acting as a role model by demonstrating the behaviours expected of employees

    Values first

    Values should be at the forefront of any company ethics and compliance programme. Values need to be established, communicated and most importantly demonstrated by those responsible for defining them. Values promote the behaviours expected of employees. The values and principles linked to them can also encompass how a company deals with mistakes, how it sanctions breaches of guidelines and how it promotes diversity. What type of culture are you developing? Can employees admit their own mistakes and learn from them? Is there a culture of mutual trust and do employees feel safe enough to openly call out misconduct or report violations? Only then do the right conditions exist for a successful ethics and compliance programme.

    Practical examples demonstrate this well. Volkswagen, for example, identified its corporate culture as one of the causes of the diesel scandal. In an interview with the Süddeutsche Zeitung, the new Head of Compliance, Hiltrud Werner, said there was: “(…) little job rotation and many careers only ever existed within one department. In addition, there was a hierarchical culture, a rigidity that allowed little personal responsibility and a lack of diversity and training measures for specialists and managers.”

    Building a compliance culture is not only the board’s responsibility

    When establishing a compliance culture the board plays an important role, but professional and managerial staff are ultimately the most important factors in its success. It is part of their role to live and pass on the culture in one-to-one discussions and meetings. Regular training, workshops and professional development organised by the HR department support this.

    How managers interact with their employees determines those employees’ attitude towards compliance. Can employees see that unethical behaviour is tolerated? If so, then it follows that these employees are more likely to behave unethically themselves. The rules must be clear, transparent and binding for all employees.

    This being said, it’s also important that individuals can make mistakes and speak up honestly about them. The carrot-and-stick approach is a thing of the past. Only those who are allowed to admit mistakes and learn from them can develop personally and professionally.

    Confidential reporting systems promote a speak-up culture

    Whistleblowing solutions that ensure confidentiality help employees to feel confident reporting misconduct and unethical behaviour and increase the likelihood that these violations will be addressed and resolved. Employees can discuss ethical dilemmas with HR or compliance via confidential and anonymous reporting channels.

    The task of the HR department is not only to advocate for a reporting system, but above all to encourage employees to actually report violations. The system should be visible so that all employees can easily find it – for example, in a prominent place on the intranet or publicly accessible on the company website.

    Limiting risk preventively

    In addition to all the cultural aspects of compliance work, the HR department must also address risks within its own ranks:

    • What happens if an HR colleague takes a bribe?
    • How can HR processes be made fair and transparent?
    • Do HR colleagues adhere to the Code of Conduct and demonstrate the company’s values?

    The HR department not only needs answers to these questions but must also put processes in place which, in the best-case scenario, prevent unethical behaviour from even occurring. At the same time, it needs to respond appropriately to compliance violations when these arise.


    This article was written in cooperation with our partner VESTIGA Consulting.

    Thomas Arzt

    Managing Partner – VESTIGA Consulting GmbH | After studying business administration, Thomas Arzt started his professional life in the investment banking division of Merrill Lynch in New York. In 2005, he discovered his penchant for headhunting and worked for two large, international executive search firms in the years that followed. Thomas Arzt advises companies on filling specialist and management positions in the digital, compliance and finance sectors. Thomas Arzt’s industry focus is on the IT, finance and real estate sectors as well as on family offices.

    Moritz Homann

    Managing Director Corporate Compliance – EQS Group | Moritz Homann is responsible for the department of Corporate Compliance products at EQS Group. In this function, he oversees the strategic development of digital workflow solutions tailored to meet the needs of Compliance Officers around the world.