From October 12 to 14, the German-Southeast Asian Center of Excellence for Public Policy and Good Governance (CPG), based at the Thammasat University Faculty of Law, will hold its Ninth Annual International Conference. This year’s theme is Making Compliance Work: Challenges and Innovations. The conference, which is open to the public, will be held at the Royal Orchid Sheraton Hotel Bangkok.

Compliance is an important point for private and public organizations. To comply is a verb meaning to follow someone’s  wish or command. It also means to meet certain standards. The word originates from a Latin term meaning to fulfill. Today, compliance still means fulfillment of requirements. The CPG conference will focus on local conditions that determine whether rules and standards are followed. Examples from law, economics, and related fields will be used in discussion, including psychology and military perspectives. Expert speakers will include ajarns, members of watchdog bodies, senior officers, and business managers. Participation is free of charge. Online registration is available at https://s.surveyplanet.com/SJn92m0Wm

In management, the challenge is to get staff and other people to gladly do what is necessary. In studies of compliance, the problem is to get people to follow rules, even if they are not always happy about it. Without compliance, laws and other rules and standards are less effective, since guidelines are ignored. Compliance management systems (CMS) try to resolve these issues. The Federal Deposit Insurance Corporation (FDIC), a United States government corporation providing deposit insurance to depositors in U.S. commercial banks and savings institutions, defines a CMS as how an institution:

• Learns about its compliance responsibilities
• Ensures that employees understand these responsibilities
• Ensures that requirements are incorporated into business processes
• Reviews operations to ensure responsibilities are carried out and requirements are met
• Takes corrective action and updates materials as necessary

The FDIC adds that a CMS is important because

It helps manage risks associated with: 

• Changing product and service offerings 
• New legislation enacted to address developments in the marketplace

Noncompliance with consumer protection laws may result in: Litigation, monetary penalties, and other formal enforcement actions

Compliance may mean conforming to a rule, policy, standard or law. Regulatory compliance refers to laws, policies, and regulations. So-called compliance controls are developed because there are so many rules and regulations in most fields that it can be difficult to keep track of them all. TU students who are interested in the fields of banking and finance may have heard of the Payment Card Industry Data Security Standard (PCI-DSS), an information security standard for organizations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council (PCI-SSC). Another compliance standard in the US financial industry is described online:

The Gramm-Leach-Bliley Act (GLB Act or GLBA) is also known as the Financial Modernization Act of 1999. It is a United States federal law that requires financial institutions to explain how they share and protect their customers’ private information. To be GLBA compliant, financial institutions must communicate to their customers how they share the customers’ sensitive data, inform customers of their right to opt-out if they prefer that their personal data not be shared with third parties, and apply specific protections to customers’ private data in accordance with a written information security plan created by the institution.

A major advantage of GLBA compliance is that it helps protect against unauthorized sharing or loss of private customer data. The GLBA Safeguards Rule specifies that

• Private information must be secured against unauthorized access.
• Customers must be notified of private information sharing between financial institutions and third parties and have the ability to opt out of private information sharing.
• User activity must be tracked, including any attempts to access protected records.

Comparable common sense guidelines are also found in the U.S. food and beverage industry with Hazard analysis and critical control points (HACCP). This preventive approach to food safety avoids biological, chemical, and physical dangers in production processes. Such dangers may cause finished products to be unsafe. Instead of just inspecting food after it has been produced to see if it contains dangers, HACCP tries to keep these mistakes from happening before it is too late. The HACCP system applies to all stages of food production and preparation, including packaging and distribution. The Food and Drug Administration (FDA) and the United States Department of Agriculture (USDA) require HACCP programs for juice and meat to protect public health.

TU students preparing for careers in healthcare may know about the Health Insurance Portability and Accountability Act of 1996 (HIPAA) enacted by the United States Congress, providing health insurance coverage for workers and their families when they change or lose their jobs. National standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers are required, and guidelines set.

New challenges

How data about compliance is stored by organizations is an important matter. If the data cannot be found, it is impossible to know how much compliance is happening. Usually such data is stored apart from other corporation data. Compliance software has been designed to make the process more efficient for companies to manage. In some fields, there are data retention laws, about how long the data is kept.

The International Organization for Standardization (ISO) and its ISO 19600 standard set prominent international standards for how businesses handle regulatory compliance. Last December, the TU Library received official ISO 9001:2015 certification from SGS (Thailand) Limited. Guidelines were formulated for quality management in every service-related process, following ISO 9001:2015 regulations. The goal was to improve library capacity to provide required information resources and maximize reader satisfaction. Ongoing system improvements satisfy quality management system requirements and regulations.

Distinguished speakers

Among distinguished speakers at the CPG Annual Conference will be Major General Ashok Hukku, Y.S.M. (Retd), a former infantry officer of the Indian Army. He has extensive counter-insurgency and operational experience in India and Sri Lanka. Major General Hukku participated in the war of Bangladesh in 1971 and was an instructor at the Indian Military Academy. He commanded an infantry battalion in counterinsurgency areas in India and later as a part of Indian Peace Keeping Force in Sri Lanka.  As a Major General he commanded a mountain division and participated in the Kargil war of 1999, and has served as Chief Military Intelligence Advisor in the Cabinet Secretariat at New Delhi. He retired in 2005 and was called as a Centre Director at the National Technical Research Organization (NTRO).

Also speaking will be Professor Louis de Koker of La Trobe Law School, Australia. Professor de Koker is national program leader of the Law and Policy research program of the Australian government-funded Data to Decisions Cooperative Research Centre. This program considers the legal and policy aspects relating to Big Data analysis and Australian national security objectives. He is also a senior financial crime policy consultant to Consultative Group to Assist the Poor (CGAP), an independent think tank housed at the World Bank, promoting financial inclusion.

Among other speakers will be Khun Supreeya Mokaramanee, Chief Financial Officer for Siemens Thailand. Khun Supreeya earned bachelor’s and master’s degrees in business administration from Chulalongkorn University. Also making a presentation will be Khun Kobkiat Padungkittimal, Head of Compliance at Deutsche Bank. Khun Kobkiat earned a double LL.M. from Duke University School of Law and Chulalongkorn University in banking, corporate, finance, and securities law. Among his professional responsibilities:

• Ensuring that the staff and officers of Deutsche Bank AG Bangkok Branch are adequately briefed as to the relevant local regulations, guidelines, and corporate policies and that the operations and activities of Deutsche Bank AG Bangkok Branch comply with the related requirements in order to reduce regulatory and reputational risk of the Deutsche Bank AG, Bangkok Branch.
• Identifying local laws and regulations that apply to the business activities of Deutsche Bank AG, Bangkok Branch. Liaise with Regional Compliance in respect of local regulations and corporate policies that apply to the domestic business and in respect of overseas transactions requiring input from the Thailand perspective, including participation in New Product Approval Process to assess regulatory risk and to sign off. 
• Performing the function as the Country Anti-money Laundering & Embargo Officer responsible for the implementation of all applicable domestic and German anti-money laundering legal and regulatory requirements, including Deutsche Bank Group’s internal rules and regulations.

Among the other outstanding speakers will be Khun Buntoon Wongseelashote, Vice Chairman of the Committee on Foreign Trade Negotiation at the Board of Trade of Thailand & the Thai Chamber of Commerce and Professor Kai Chi (Samuel) Yam, who teaches management and organization at the National University of Singapore Business School. Professor Yam received a Ph.D. in organizational behavior, with a focus on business ethics, from the University of Washington.

(All images courtesy of Wikimedia Commons)