ISO 19600 - Compliance Management Systems
The establishment, implementation, maintenance, evaluation and continual improvement of a best practice compliance management system is a key element of the diligent management of any organization. For businesses, best practice compliance management creates a competitive advantage and for public organizations it is at the heart of good public governance. ISO Standard 19600 – Compliance management systems is the first international standard on best practice systematic compliance management.
Based on leadership, values and culture, following a principles-based approach and in application of the well-established plan-do-check-act iterative management process, the Standard describes in clear and easy-to-understand language what organizations should do to effectively assess and treat compliance risks. This guidance is intended to be adaptable and can be of use for any kind of organization or part thereof and with regard to any kind of compliance risk, irrespective of the size of the organization. It is also adaptable to the level of maturity of an organization’s compliance management system and to the context, nature and complexity of the organization’s activities.
This commentary – elaborated by international compliance experts and members of the ISO Project Committee that developed the Standard – is intended to assist Board Members, Management at all levels and Compliance Officers in reducing complexity and the related costs of their compliance management whilst increasing its effectiveness and transparency. Ultimately, best practice compliance management avoids and mitigates compliance risks and creates the basis for the long-term success of organizations and their Board Members, Managers and Employees.
Dr. Daniel Lucien Bühr, MBA is partner at LALIVE Attorneys at Law, Geneva/Zurich/Doha. He advises and represents clients in domestic and international internal and external regulatory and criminal investigations and regularly reviews corporate risk and compliance management systems. Daniel Bühr is a frequent speaker on best practice risk and compliance management and co-founded “Ethics and Compliance Switzerland” (ECS), an independent not-for-profit association which promotes ethical leadership and organisational integrity in all organisations. Until 2011 he held different legal and compliance positions in-house.
DDr. Alexander Petsche, MAE S is partner at Baker & McKenzie in Vienna. His main areas are compliance, white-collar crime and internal investigations. He is the editor of “Compliance Handbuch” and editor-in-chief of the journal “Compliance Praxis” (both LexisNexis).
Martin Tolar M.Comm (Hons), Grad. Cert Compliance Management, GAICD, CCP, ICCP, is the Australian & New Zealand General Manager for the Red Flag Group and is the former Managing Director of the GRC Institute. During that time he was chair of the ISO committee that developed ISO 19600. He has also given numerous presentations on compliance, risk management and anti-bribery in Australia, New Zealand, Asia and the United States. Martin has also appeared before many government inquiries and is a former chair of the International Federation of Compliance Associations. He was also the Australian Head of Delegation and Chair of the Australian committee that was responsible for publishing ISO 37001, the new international standard on Anti-Bribery.