A needs analysis should not be taken lightly. The overall goal is to ensure from a compliance training standpoint that all organizational risks are covered. During the needs analysis stage, the key is to gather as much data as possible to formulate your training plan. If certain data is missed, the organization, the Chief Compliance Officer (CCO), and you could be held accountable if the regulators come in for an examination. To cover all your bases, a solid project plan must be in place. Think of yourself as being a project manager: you need to lay out the approach, timelines, milestones, and the approval process.
There are four steps for conducting a thorough needs analysis:
- Understand the organizational goals and objectives
- Collecting data
- Analyzing data
- Discussions with key stakeholders
Understand the organizational goals and objectives
When creating your summary for a needs analysis, you need to understand the organizational goals and objectives as well as regulators’ expectations. In the financial industry there are several regulators, but your organization will only have a certain number depending on the products and services offered. Your summary should include which regulators are applicable and what products or services need to be covered.
Do your regulators require certain compliance training topics to be trained on? This should be identified in your summary, along with the relevant rules and regulations.
In addition, organizational locations should be cited.
You will also need to identify how you will handle non-Full Time Equivalents (non-FTEs) in addition to existing staff. Will new hires, consultants, contractors and part-time staff be trained the same as FTEs or will there be a separate curriculum? Lastly, you should outline the methodology that you adopt to perform your needs analysis. Is it a risk-based approach? If so, provide some details about your approach. For example: ‘a risk-based approach was used to identify the key risks within the organization, prioritizing the compliance training program around these risks.’
The summary should be detailed, providing an overall view of what and how you are targeting full compliance coverage through training.
The data derived from your needs analysis should feature in your training plan.
There should be a column devoted to acknowledging the sources from which the training entries originated (i.e. risk assessment, audit, or examination). This is covered in detail in the training plan section.
The key is to show a linkage throughout the process. If an audit or regulator conducts an examination, you will be able to show a detailed audit trail of each training entry.
This is an excerpt from our new whitepaper, ‘Conducting a Needs Analysis and Developing a Training Plan’
Written by Justin Muscolino
Head of Compliance Training