Business Advisory: Implementing and operationalising policy
Our clients often find themselves at the crossroads of innovation, tradition, risk and opportunity. As they consider and respond to these competing priorities and changes in their operating environment, many identify a need to develop new or re-design existing policies to stay competitive and reduce their risk.
The challenges of weaving these policies into an organisation’s current operations become apparent shortly after it finalises the policy detail. Creating and operationalising a policy isn't merely about developing a document and sharing it with your team members, it's about systematically integrating it into the organisation's ethos, daily activities of your team and the overall culture of the organisation.
At its core, this process of policy implementation and operationalisation is a change management exercise. Updates to policy may require people to change the way they do things, the way they approach their jobs or the way they interact with each other or other key stakeholders. As such, the core principles of managing change should form the basis of any organisation’s efforts to operationalise policy. It can be done and done well. The downside risks associated with not getting it right, however, are significant and can impact people, budgets, reputation and prospects of operational excellence.
In our experience, success depends on careful planning, clear communication, and a deliberate and thoughtful approach to ensure the organisation stands to realise sustained benefits from the change.
Crafting the foundation of your new policy
The journey should start with meticulous planning. Understanding the gaps or issues any new policy aims to address is a good start. This type of thinking can help refine the strategic intent of the policy and help align decision makers to the intended outcomes of the activity. This foundation helps in drafting a policy document that is both precise and effective. Let’s take the development of a Know Your Client (KYC) policy as an example. In this case, the strategic intent of the policy is clear; we are attempting to embed a series of activities that allow the organisation to confirm the identity of companies and individuals it does business with, ensuring those entities are acting legally.
At this stage, stakeholder engagement is crucial. By involving team members, managers, and even external stakeholders, you can assemble critical insights and begin the process of building consensus around the strategic intent. This process of co-design, whilst slower than the alternative approaches, will yield benefits down the track. At this point, legal teams (either external legal advisors or in-house teams) play a critical role in drafting policy in line with the relevant laws, regulations, and understood stakeholder expectations.
Bringing your people on the journey
Effective communication is the cornerstone of any successful policy rollout. Organisations have no shortage of channels to leverage when it comes to communicating with their stakeholders. Think about how your organisation communicates with its people – weekly emails, internal newsletters, in-person townhall sessions? Most important, however, is the balanced use of each channel to give your stakeholders the best chance of receiving and digesting the key messages.
Dissemination of information is just the starting point; education and giving your people the necessary tools and practical steps to embed the policy are key. Providing the required support to team members to help them understand the nuances of policy, the toolkits and support available to them and the benefits of the new policy are all critically important topics that should be addressed at this stage. Have your team members been given the opportunity to fully understand the importance of KYC, and do they have the requisite KYC knowledge and tools to support them mitigate risk on behalf of the organisation?
Turning words into action
Now you have a well-communicated and understood policy, the next step is action. Designate responsibility and accountability to specific individuals or teams who will oversee the policy's day-to-day operations. These people should be your policy champions and, where possible, be a part of the cohort of team members who are most impacted by the changes the policy has generated. This group – more than any other – can be your fiercest advocates for the changes that you are implementing across the organisation. In our KYC example, we would likely see representatives from a cross-section of the organisation including treasury, legal and customer service functions. If the policy is complex or far-reaching, consider a phased rollout using the learnings from each phase to inform the approach in the following phase. This approach mitigates the downside risks of issues that can potentially impact the whole organisation whilst capturing the upside efficiency opportunities of learning through fast paced, staged implementation.
Keeping a watchful eye on progress
A policy is only as good as the outcomes and behaviours it generates. Ongoing monitoring using predefined metrics is crucial. In our experience, creating fast - if not instantaneous - feedback loops by gathering opinions and concerns from team members and stakeholders is critical. In our KYC example, at this stage we might look to leverage data and insights from a KYC registry to support the continuous improvement efforts of the organisation. Supporting this approach should be reporting and frameworks that will help maintain the integrity of the policy in the context of the ever-evolving environment the organisation operates in.
Celebrating success with an eye on the future
Policies should be dynamic, adapting to new laws, technologies, and organisational goals. Periodic updates and upskilling sessions are essential for keeping the policy current and effective. As your organisation hits key operationalisation milestones celebrate the successes and surface any areas for improvement using these insights to inform future activity.
It will be important to keep an eye on the horizon for further regulatory changes or material trends in the market that might influence the effectiveness of your existing policy or create a need to develop new policy in response to the changing regulatory the landscape. Regulators, while managing investigations and responding to claims, will consider the extent to which a policy and any complementary processes have been embedded and then updated based on regulatory changes.
How DLA Piper Business Advisory can help
DLA Piper Business Advisory offers a distinct and comprehensive approach, combining legal capability to assist in the development of policy and the advisory support to help organisations effectively implement those policies. Our integrated team of lawyers and advisors work together to ensure our clients can realise the sustained benefits of policy implementation in a way that is considerate of all key stakeholder and the existing regulatory and operating environment.
To stay informed on our latest insights, click here.