Compliance Management Systems in Germany

Compliance, commonly understood as acting in accordance with all applicable rules, laws and regulations in Germany, is one of the central tasks of the company's management bodies. The focus lies on compliance with the objective law by the company and all its employees.

What is a compliance management system?

To ensure a monitoring system within the company that meets its needs, a sensible organizational system, known as a compliance management system (CMS), is required. On the one hand, this system must be perfectly tailored to the company and, on the other hand, it must constantly be adapted after implementation. This applies to all sectors of the economy.

Is there a universal solution?

A one-size-fits-all solution using a rigid, ready-made compliance concept is not feasible due to the differing requirements arising from individual business objectives. 

As a basic principle, the requirements for compliance management systems differ according to a company's industrial sector, size, legal form and nationality (or international nature).

Functional compliance management systems emphasize the corporate culture to which the company aspires. This is done by addressing concrete, existing company-specific factors (both internal and external) and representing them by means of suitable sets of rules in order to implement a model that is accepted by all employees - regardless of their level of hierarchy - and that is applicable and manageable in the daily working environment.

Four phases of setting up a compliance management system in Germany

Most compliance management systems in Germany take a similar approach in terms of their basic structures and procedures:

  1. Risk analysis phase to identify individual risks determined by the nature and character of the company in question by means of appropriate due diligence together with an analysis of existing precautions to ensure that behavior conforms to compliance requirements
  2. Conception of the compliance management system
  3. Implementation phase for the conceptual compliance management system
  4. Monitoring phase together with any adjustments that may be required

Compliance in the company's everyday operations

Compliance management systems are characterized by the ensemble of established structures and measures within a company that ensure compliance (with both legal and ethical rules). This includes, but is not limited to, the following areas and measures:

  1. Compliance risk assessment
  2. Export control systems
  3. Business partner checks
  4. Data protection
  5. Employment law
  6. Environmental compliance
  7. Product compliance/product liability
  8. Emergency measures and plans/pandemic plans
  9. Traveler compliance
  10. D&O insurance
  11. Documentation
  12. Internal audits
  13. Fulfilment of reporting requirements
  14. Compliance due diligence

What are the advantages of a compliance management system?

A customized CMS helps identify possible compliance violations, breaches of duty and negligence at an early stage, making it possible to take proactive efforts in order to ward off civil and criminal liability risks and resulting severe penalties and reputational damage for companies, managers, supervisory bodies and senior executives.

Beyond being a mere legal imperative, compliance management should reflect a decision in favor of the corporate and economic value added. Ultimately, this is about defending a reputation, which includes the avoidance of damage and costs such as sanctions or fines and the fostering of company-wide legally compliant behavior and a sustainable compliance culture.

Our services regarding compliance management systems

Drawing on comprehensive and integrative expertise, our team of compliance experts will work with you to develop organizational and personnel measures and coordinate the compliance tools already implemented with those yet to be developed. Specifically, we will support you with:

  • Setting up and optimizing a CMS
  • Setting up and optimizing an ICS (internal control system)
  • Setting up and optimizing a risk management system
  • Setting up and optimizing internal auditing
  • Risk assessment
  • Compliance risk analyses
  • Compliance audits
  • Business partner audits
  • Compliance training
  • Compliance due diligence
  • Preventive corporate governance consulting
  • Compliance tools (code of conduct, compliance policies, implementation guidance/signature matrix, management and employee training)
  • Provision of an advising compliance officer
  • Breaches of duty, claims for compensation, defense against liability claims
  • Evaluating the compliance structure
  • Disaster situations, emergency plans
  • Whistleblower system/ombudsman
  • Implementing a tax CMS 
  • Risk control matrix 
  • Explaining tax procedures
  • Tax guidelines (modular by tax types)
  • Audit of the tax CMS
  • Optimizing the tax structure

Your German attorney for compliance management systems

Your company does not have a compliance management system yet? You would like to adapt or expand your existing CMS? Your experiences contact persons are:

You can reach us by e-mail (info@winheller.com) or by phone (+49 69 76 75 77 80). We look forward to hearing from you!

Contact

Contact

Awards

Juve AwardLegal 500 Germany 2019
azur100: Top Employer for Lawyers 2021