Compliance Programs – Key Considerations

Updated: May 27, 2025

When businesses are thinking about building their compliance programs, they need to consider various components including corporate, commercial, intellectual property, employment, anti-bribery & corruption, anti-slavery & human trafficking and data protection matters. In this short blog, we’ve outlined certain key considerations to take into account and listed them under the relevant component.

Corporate

• Review Board of Directors and committee minutes.
• Review Board of Directors committee structure and committee charters.
• Review corporate structure, including affiliates and joint ventures.
• Review governance-related policies, including conflicts and ethics.
• Review insurance coverage.
• Consider excess benefit transactions.
• Review political campaign activities.
• Determine related organisations and their activities.
• Access to loans and equity investments, including program-related investments.
• Consider government grants and contracts.
• Lobbying registration and disclosure.
• Assess employment taxes and workers compensation.
• Consider export controls.
• Review whether corporate registration and/or filings should be undertaken in other jurisdictions.
• Verify that all corporate filings, including annual reports, have been made.
• Document communications with the HMRC.
• Review tax-exempt status, including HMRC determination letter.
• Record and consider foreign bank accounts and legal implications.
• Determine sales, excise and franchise taxes.

Commercial

• Determine a policy for internal contract review, external review by counsel and execution of contracts.
• Determine whether there are business relationships not covered by a written agreement.
• Determine whether there are contracts with related parties and whether there was compliance with procedures for disclosing conflicts of interest.
• Verify compliance with representations and warranties.

Intellectual property

• Review policy for links to/from other sites.
• Determine whether consents have been obtained for the use of content and website links.
• Determine whether domain names infringe on another organisation’s trademarks or service marks.
• Review website and review procedures for content monitoring.
• Determine whether other proprietary information should be protected.
• Grants likely to have intellectual property provisions that would include provisions re allocation of rights and requirements for protection of rights.
• Review licenses, contracts and other agreements relating to IP and computer software to which the organisation is a party or a third-party beneficiary.
• Review policies and third-party agreements relating to non-disclosure of confidential information and ownership of intellectual property created by employees and contractors.
• Review procedures for maintaining confidentiality of trade secrets.
• Verify status of trademarks, trade names, domain names, and copyrights.

Employment

• Review job application form, standard job posting and recruiting materials.
• Review procedures and practices for use of temporary workers.
• Review whether individuals are properly classified as employees and independent contractors.
• Review employment contracts and letter agreements.
• Consider option provisions and dates for exercise.
• Review compliance with requirements for documentation of citizenship of employees.
• Review compliance with laws prohibiting various forms of discrimination.
• Review employee manuals, handbooks and policies.
• Review policies re public statements and speaking to the media.
• Review existing tax qualified benefit plans.
• Review fringe benefits.
• Review non-qualified deferred compensation plans.
• Review procedures and practices for terminating employees.
• Review severance plans or policies.
• Review record keeping for compliance purposes.

Anti-bribery & corruption

• Put in place a governance charter and committee.
• Complete a risk assessment.
• Put in place policies and procedures on anti-bribery and corruption, gifts and entertainment, corporate hospitality and charitable giving.
• Draft a supplier code of conduct/attestation for all third parties (including partners).
• Complete ongoing monitoring and due diligence on all third parties.
• Conduct training for all staff.
• Conduct a review of compliance with economic sanctions.

Anti-slavery & human trafficking

• Put in place a governance charter and committee.
• Complete a risk assessment.
• Put in place policies and procedures on anti-slavery and human trafficking in the supply chain.
• Create a website transparency statement on anti-slavery and human trafficking compliance.
• Supplier code of conduct/attestation for all third parties (including partners).
• Complete ongoing monitoring and due diligence on all third parties.
• Conduct training for all staff.

Data protection

• Identify whether to appoint a Data Protection Officer.
• Compile and update a data register regularly (including all types of personal data and lawful bases).

Need help in building or further developing your compliance programs? Get in touch with our team at compliance@aria-grace.com