Riordan Corporate Compliance Plan
LAW/531
October 2012
University of Phoenix

Riordan Corporate Compliance Plan
The Corporate Compliance Plan will provide standard of conduct for the internal operations of the company to limit and reduce violations of the law within an organization. The plan is to reduce negative events from becoming legal liabilities.
Definitions
The people involved in this Compliance Plan are any person who is involved in business activities and transactions within an organization.
1. Employees – any person that is paid by the organization pertaining to services provided by the organization.
2. Contractors – person’s or companies contracted for services that directly pertain to the marketing and services provided by the corporation.
3. Board of Directors – persons elected by the company to handle the legal decision-making processes of the organization.
4. Administration, officers, or committees – people who hold position of authority to areas and projects.
5. Abuse – unethical acts of business to include discrimination and illegal doings.
Functions and Responsibilities
Company Standards or Code of Ethics: Riordan Manufacturing is dedicated to producing and providing the highest quality products, to be competitively priced, for the achievement of a safe and productive environment.
Riordan Manufacturing Board of Directors has the responsibility of oversight of the bylaws and procedures developed by the organization. The strategic, operational, reporting, and compliance objectives of the company will come from administration and administration will oversee the implementation of the objectives throughout the company through the employees. Committee of Sponsoring Organizations (COSO) has developed a Risk-Management Guide to help companies incorporate a risk-management plan into their standard means of operation. The following is a summarization of the elements and functions of such a plan.
Functions of the Corporate Compliance Plan:
1. Evaluate the internal environment by how risk, risk appetite, integrity, and ethical values are placed on the working environment.
2. To identify company objectives by how well they meet and achieve the company mission.
3. Identifying the internal and external events that would affect the success of the organization and identifying the risks and opportunities.
4. Assessment to the risks of the company and how those risks should be managed.
5. Risk response process such that the actions are established to align with the risk indiscretions.
6. Policies and procedures for the control of risk responses and procedures for carrying them out.
7. Transfer of information to be identified and communicated in a timely manner to appropriate persons of authority.
8. Monitoring and modification of management activities through evaluations and activities.
Structure for Reporting, Response, and Retribution
When an abuse or potential wrongdoing has been identified or suspected, the employee is ethically responsible to report the incident to the Corporate Compliance administrator for investigation. There are multiple ways that the incident can be reported, telephone, electronic mail, inter-departmental mail, voice mail, or personal audience. Once a report of wrongdoing has been reported, the report stays a confidential record protected by confidentiality privileges, such as a company privacy protection policy, Client/Attorney privilege, Electronic Communications Privacy Act (ECPA), Health Insurance Portability and Accountability Act (HIPAA), and Fair Information Practices (Pitofsky, Anthony, Thompson, Swindle, & Leary, 2000).
Company response to a compliance issue will have a response time of no more than 24 hours from initial notification. The response can come in a number of different communication forms that are appropriate to the circumstance. The Corporate Compliance Administrator will determine whether the indiscretion has violated the Corporate Compliance Plan, violation of the Code of Ethics, or violation of any state or federal law.
Investigation of incident will take place within a 30-day time period follow initiation of complaint. If the investigation cannot be completed in the 30-day time period, a report will be filed with explanation regarding why and what the process and expectations will be. A summary of the investigation will be completed for each incident within a given timeframe, specified within the report, and acceptable by all parties.
Retribution to the incident will be addresses on the severity of the offense or abuse. Riordan Manufacturing will not discharge, suspend, demote, threaten, or harass an employee for filing or making a claim of wrongdoing within the organization or for participating in a legal court action. A plan of action will be addressed and assigned to the employee if the wrongdoing is found to be true. In evaluating the severity of the offense, Alternative Dispute Resolution (ADR), or legal avenues may be taken to rectify the situation. Each employee has the right to legal representation by an outside source if mediation does not rectify the situation.
Under the Sarbanes-Oxley Act of 2002, publically traded companies are required to keep record of complaints regarding the suspicion of accounting and auditing procedures. The Whistleblower Laws allow employees to make anonymous and confidential reports of suspected wrong doings (Whistleblower Laws, 2012).
Liability and Property Riordan Manufacturing is a company with national and international relations. Profitability is incorporated with the interactions of internal and external customers. The customer base will practice ethical behavior to maintain a suitable working relationship. A number of patents, trademarks, and copyrights will be filed to maintain the professional and personal integrity of the company. Anyone is found to be inappropriately using someone else’s idea or sharing an idea that is not authorized can be terminated for defacement of the entity integrity.
The Real and Intellectual properties of the company come in the form of patents, copyrights, trademarks, domain names, services, buildings, equipment, employee records, products, and supplies (Cheeseman, 2010). All such things need to be handled in the appropriate manner to maintain the integrity of the property.
Education and Training Initial training will occur upon hiring of the employees. Adequate training will help to reduce the possibility of risk and negative liabilities. Certain requirements, regarding education level may be deemed necessary for the filling of certain positions. On-the-job training will occur for non-educational requirement positions. Education to the company policies and procedures will occur for all new hires. Continuing corporate education, on a routine annual basis, is necessary for all positions within the organization. If a position has a licensure requirement, yearly continuing education for the renewal of a license may be necessary. The company will not be held responsible for the necessary requirements of the individual license. Each employee will be held responsible for attaining the appropriate continuing education to sustain a valid license.
Governance and Regulatory Compliance Requirements The objectives and goals of a Corporate Compliance Plan are to ensure that the company complies with all local, state, and federal statues and laws, to use assessment tools for routine review of compliance program, provide annual reports to the Board of Directors or appropriate administration, review and monitor results of routine audits, and to maintain a random audit of procedures for unexpected change. The Environmental Protection Agency (EPA) is the agency to go to for guidelines on any environmental protection questions or to report offenses seen to be a serious risk to the protection of the environment; The Occupational Safety & Health Administration (OSHA) is the agency to look to for guidance, regulations, and complaints to the health and welfare of employees and the work environment; Health Insurance Portability and Accountability Act (HIPAA) is the organization that an organization would go to for regulations on the privacy of individuals personal health information. There are many organizations to look to for guidance on international law and relations, the World Trade Organization (WTO), the United Nations (UN), United Security Council (UNSC), and the United Nations International Court of Justice are a few of the organizations set up to aid in the harmonious business operations with other countries. Riordan Manufacturing uses all such organizations that are pertinent to the legal and ethical operations of the company.
Auditing Activities Enterprise Risk Management is a helpful tool for Riordan Manufacturing to incorporate into auditing practices of the company. It is a way to identify risks, align strategies, reduce loses, find opportunities, and improve the capital needs of the company. It is vitally important to achieve performance goals, reduce loss, strive for effective compliance and reporting, and avoid unexpected pitfalls. The audit process for Riordan Manufacturing follows an order of determining which area to audit, a planning procedure, a meeting to discuss topic for audit, determine objectives, the reporting process, a final meeting for review, and a final report.

Record Keeping Documentation and record keeping of employee information, employee employment activities, incident occurrences, complaints, and maintenance is vital the ability to act upon an indiscretion or promotion. Without proper documentation of equipment history, a company cannot justify the means of fixing or replacing needed change. Employees who lack the abilities to perform their job adequately need to have such occurrences documented to replace or change the employee’s position. The means for record keeping is different to each area within an organization. Listed are the areas and area of specialty:
• Finance, Accounting, and Payroll – income for employees, financial statements for the organization, accounts receivable, accounts payable, Profit and Loss statements, and records of audit.
• Human Resources – Employee information, laws and guidelines for employment issues, retirement information, disability information, and benefits offered to the company.
• Legal Department – Any dealings with the company that may require legal intervention and process guidelines.
• Administration – Contractual information not held in the legal department regarding the contracts in which the company is involved with.
• Maintenance – All information regarding the maintenance and regulations of operating equipment, safety guidelines, hazardous materials guidelines and procedures, and contractual agreements with equipment companies.
• Shipping and Receiving – Information regarding companies that products are shipped out to and companies in which merchandise is received from. This area may also keep inventory on sight and record of such items.
Enforcement of Corporate Compliance Plans Enforcement and compliance practices are important because companies under the scrutiny of the government can be labeled as a liability for business relationships. Companies need to keep a reputation as being ethical and trustworthy to the honesty of their business dealings. Most companies will have a formal compliance program; a company without a compliance program can lend to the government becoming skeptical and be under close scrutiny for compliance issues. This can lead to an increase in sanctions and poor government reporting of a company’s activities. Enforcing compliance procedures will also lend to the discipline of wrongful doings. The individual discipline will be evaluated and addressed to the likelihood of the misconduct being performed again, the need to show that the misconduct will not be tolerated, and to show the internal and external customers that ethics is taken seriously and that the company will act appropriately regardless of the public awareness of the misconduct (Bender & Offennbecher, 2006).

References
Bender, W. J., & Offennbecher, P. P. (2006). Criminal Enforcement and Regulatorty Compliance for Design Professionals. Charleston: ACEC.
Cheeseman, H. (2010). Business Law: Legal environment, online commerce, business ethics, and international issues (7th ed.). NJ: Pearson Prentice Hall.
Occupational Safety & Health Adminstration. (2012, September). Retrieved from United States Department of Labor: http://www.osha.gov/
Pitofsky, R., Anthony, S. F., Thompson, M. W., Swindle, O., & Leary, T. B. (2000). Privacy Online: Fair Information Practices in the Electronic Marketplace A Report to Congress . Washington D.C.: Federal Trade Commission.
United States Department of Justice; What is FOIA? (2012, September). Retrieved from FOIA.gov: http://www.foia.gov/
Whistleblower Laws. (2012, September). Retrieved from Corporate Compliance Insights: http://www.corporatecomplianceinsights.com/navigating-between-scylla-and-charybdis-effectively-enforcing-corporate-compliance-programs-without-turning-violators-into-whistleblowers-%E2%80%93-part-1/