In a world where customers for businesses are literally all over the world, it is crucial to be compliant with all the laws that apply to your area of business.

An effective corporate compliance programme helps to do that successfully. It shows the intention of a company to be abreast of the applicable laws, and its ability and inclination to take reasonable steps to remain compliant of those laws.

In the recent multi-agency investigation into Airbus' conduct across multiple markets, one of the key elements of its settlement with law enforcement agencies is an effective compliance programme.

According to documents filed with the French authorities, the company, after getting embroiled in a transnational corruption case, took four years from 2015 to 2019 to build a compliance programme in a bid to prevent such misconduct from taking place in the future.

Typically, the structure of any compliance programme falls under the three buckets of prevention, detection and correction action.

1) A well written code of conduct for employees is a prerequisite for a compliance programme. It defines, and illustrates through examples, the different types of avoidable behavior. As much as the code points out the desired behaviours for its leaders and employees as a whole, it also aligns the company's mission and values to professional conduct.

2) An internal whistleblowing system that is configured for the reporting of misconduct and the existence of situations that are contrary to existing laws and the company's own code of conduct is crucial. Since the person who exposes information on what is usually illegal or unethical, a policy to protect whistleblowers is an integral part of this component of compliance.

3) Risk mapping is an iterative tool that allows companies to identify, control and manage risks that the company may be exposed to due to solicitations for corruption across a spectrum of business sectors and geographies.

4) Due diligence procedures encompass the exercise of care that a reasonable business undertakes to assess its customers, suppliers and others with regards to risk mapping.

5) An effective compliance programme also includes procedures for accounting controls, both internal and external, which help to ensure that the company's books and accounts are not used to hide acts of corruption. Either the company's own accounting and financial control departments, or an external auditor can be used to effect such controls.

6) A compliance training process is an indispensable part of the larger efforts at ensuring compliance with existing laws within the ambit of a company's operations. Executives and staff who are the most exposed to the risks of corruption and influence peddling should be the primary targets for such training, though all employees can benefit;

7) A disciplinary system which takes action in the event of a violation of the company's code of conduct and the applicable laws.

Notwithstanding the robustness of any of these key components, the ultimate secret to building organisational resilience towards corruption is to monitor the utility and the efficacy of the compliance programme regularly.