Tips for Small Businesses

As a business, you have certain expectations of your employees. You want them to treat one another with respect, try their hardest to complete their tasks, and act in a professional manner both within and outside of the workplace. You also want to ensure that your employees comply with the law.

Do not assume that these expectations are common knowledge. Instead, you should gather these principles into a formal document known as your employee code of conduct.

In addition to benefiting your employees, having a code of conduct is a great way to demonstrate your company’s values to your clients. Having a strong employee code in place, as well as consequences for employees who violate that code, demonstrates to your consumers that you care about maintaining a pleasant workplace as well as curbing inappropriate behavior.

UNDERSTAND WHAT SHOULD BE INCLUDED

Keep in mind that your code of conduct will be unique to your company and your team. However, there are some “standard” sections that most codes cover. These include:

• Your company’s core values;
• Compliance with laws;
• Disciplinary actions; as well as

Rules and policies for:

• 1. Respect (including harassment, discrimination, and more);
  2. Use of company property;
  3. Personal appearance (including cleanliness and dress code);
  4. Absenteeism and lateness;
  5. Conflicts of interest;
  6. Communication and collaboration;
  7. Bribes; and
  8. Accounting

These are just the basics. Your own code of conduct might need to dig deeper into things that are important to your own organization (like work-life balance or volunteerism, for example). Remember to collect opinions and suggestions from other leaders and employees so that you can hash out an outline for a well-rounded code of conduct.

 

ADDRESS AREAS OF RISK

Running a business involves a variety of risks. Some of these risks have the power to completely dismantle a business, while others have the power to seriously damage it, making repairs expensive and time-consuming.

When writing your code of conduct, consider the specific risks that your business and industry face. Risks that differ depending on the industry include sexual harassment, conflicts of interest, workplace safety, and environmental regulations.

 

MAKE SURE YOUR EMPLOYEES COMPLY WITH THE LAW

Outside of any ethical decision-making, you want to ensure that your employees understand how the law should impact their decisions. You can do this by detailing in your code of conduct the provisions of certain laws or regulations that are relevant to your business and industry.

Sarbanes-Oxley Act – This Act was passed due to the accounting scandals that resulted in billions of dollars in corporate and investor losses. Under the Act, all applicable organizations are required to set up a financial accounting structure capable of producing financial reports that can be easily verified using traceable source data. In addition, all modifications to accounting or financial software must be fully documented, including what was modified, why, by whom, and when.

Foreign Corrupt Practices Act – Passed in response to an increase in global corruption costs, this Act prohibits companies from bribing foreign officials in an effort to obtain or retain business, and it requires that companies maintain adequate books, records, and internal controls to prevent unlawful payments. Accordingly, if your business grows to the point of having a global footprint, be sure to include relevant provisions of this Act in your code of conduct.

 

ESTABLISHING A WHISTLEBLOWER HOTLINE

A whistleblower hotline is a crucial component of a successful code of conduct. Business owners often are not immediately aware of misconduct because it is concealed or carried out covertly. For instance, accounting and other paperwork is frequently used to conceal fraud. Theft of merchandise, falsified time sheets, billing and payroll fraud, and the confiscation of receivables are easily concealed inside the books and can go unnoticed for a long time before being discovered.

The majority of the time, management only becomes aware of misconduct after an employee chooses to report it anonymously. Other times, wrongdoing is discovered entirely by chance.

Establish Multiple Reporting Methods

Make your hotline easily accessible via mail, phone, and webform. Depending on factors such as employee location, education, age and level of employment, they may differ on their preferred method of reporting compliance concerns. Multiple access points ensure any reporter can use the program in an easy-to-use format through an engagement point of their preference. This will increase program buy-in and usage.

Create an Anti-Retaliation Policy

Employers must emphasize that they will not tolerate any form of retaliation against those who come forward with information. Whistleblowers experience a very genuine fear of retaliation, and this fear may have a negative impact on the quality of the reporting process.

Employees must feel confident in their employer’s whistleblower policy and free from retaliation in order to disclose suspected unethical behavior internally and avoid internalizing their concerns or taking them outside the business.

Ensure Clear Messaging from Management

Management must inform employees about the whistleblower hotline once it has been successfully implemented within the organization. This can be done through emphasizing the hotline’s importance through the code of conduct.  The management message should stress the importance of speaking up and promote a compliance culture.

This will encourage employees to call the hotline as soon as they become aware of any misconduct. The more they use the hotline, the more cases of internal fraud management can investigate, and the better it is for the organization.

CONSISTENTLY REEVALUATE YOUR CODE

Your code of conduct is not something you can “set and forget.” Set a recurring appointment on your calendar to thoroughly review this document and make any necessary changes.  Because your business is constantly changing, you may need to tweak the language or even add or remove sections.

For instance, if your team had to make a sudden switch to remote work, you’d want to include some remote-specific portions in your code so that staff members are aware of what is expected of them away from the conventional office setting.

 

https://www.sarbanes-oxley-101.com/sarbanes-oxley-faq.htm

https://www.natlawreview.com/article/10-reasons-why-fcpa-compliance-critically-important-businesses#:~:text=The%20Foreign%20Corrupt%20Practices%20Act,controls%20to%20prevent%20unlawful%20payments.

https://www.wrike.com/blog/how-to-write-employee-code-of-conduct/#What-is-an-employee-code-of-conduct

https://blog.whistleblowersecurity.com/blog/how-to-implement-a-whistleblower-hotline-at-your-company

https://www.polonious-systems.com/5-tips-setting-up-a-whistleblower-hotline/

https://www.stryker.com/us/en/about/governance/code-of-conduct.html

https://iuk.ac.ke/code-of-good-conduct/

https://www.trainingexpress.org.uk/course/business-ethics-in-the-workplace/

https://share.america.gov/spoke-wrongdoing-boss-safe-job/

Running a business involves a variety of risks. Some of these risks have the power to completely dismantle a business, while others have the power to seriously damage it, making repairs expensive and time-consuming. Business owners, no matter how big or small the business is, may foresee and plan for risks that are inherent in doing business. Risks are being taken by small business owners every day. However, putting too much at stake could affect your net income. To ensure that you are making the right decisions, conduct a risk assessment for your small business.

While many people are involved in the process and several factors are considered, executing a thorough risk assessment boils down to three main components: risk identification, risk analysis, and risk review.

 

RISK IDENTIFICATION

To properly address hazards and risks in the workplace, they must first be correctly identified. The goal of risk identification is to identify what, where, when, why, and how a situation can hinder a company’s ability to function. For example, a business located near the Gulf of Mexico would list “the potential for hurricanes” as an occurrence that could interfere with normal business operations. This will enable you to minimize harmful risks before they arise.

Here are some ways that a small business owner can identify risks:

Brainstorming:

To brainstorm is to take a holistic view of the business you are developing. In doing this, you want to think about any challenges you anticipate as well as anything that you are unsure about.

Thinking Pessimistically:

Generally, pessimists have a gloomy or skeptical outlook. While pessimism is typically not encouraged in the workplace, asking yourself “what is the worst thing that could possibly happen to the business” is a good way to identify risks.

Imagining yourself in the employee’s shoes:

Even if you are a new business owner and currently operate as the sole employee, employee perceptions of a business’s dangers can be very different from those of the business owner. In their regular work activities, employees can come across new threats that were not previously noticed or anticipated. As a result, putting yourself in the employee’s shoes can give you a good sense of what could go wrong.

 

RISK ANALYSIS

After you have identified potential risks, you must prioritize them in accordance with an assessment of their likelihood of occurrence. With this in mind, establish a probability scale for the purposes of risk assessment.

For example, risks may:

1. Be very likely to occur;
2. Be somewhat likely to occur;
3. Have a small chance of occurring; or
4. Have little to no chance of occurring.

Failure to appropriately assess risk likelihood can have serious implications. If you underestimate the likelihood of an incident, you might not take the appropriate preventative measures, which can result in expensive mishaps or even fatalities. The opposite is also true: if you overestimate the likelihood of an event, you could take unnecessary precautions that cost you time and money.

RISK REVIEW

Once you have established a list of potential business risks and determined each risk’s likelihood of occurrence, detail them in a document. Develop a method to evaluate the impact of each risk, then consider the extent of the potential harm and the difficulty of recovery. Determine the controls you may apply to limit potential risks. To predict your revenue cycle, look at patterns over time. Additionally, evaluate the effect risks have on your business, and consider a risk’s importance as well as the possibility that it will affect your business.

Periodically review your risks. Your risk assessment is not a one-time commitment; it is instead an ongoing an ongoing responsibility. At the end of each year, you should evaluate your risk management procedures to assess how you manage risks. Additionally, keep an eye out for emerging risks that may not have been significant during the prior evaluation.

CONCLUSION

Risk assessments are an essential component of managing a business. Your business risk assessment can be used to inform decisions about funding. A quick risk assessment will assist you in avoiding problems that could impact your finances. You learn from the assessment what actions you should take to safeguard your company. This will enable you to recognize the situations you need to deal with, and steer clear of. In addition to helping you internally, a financial risk assessment can aid in your readiness for financer interactions. Before lending you money, these people want to know how risky your business is. They consider the potential of your business expanding as well as your likelihood of repaying the loan. By putting the aforementioned risk assessment methods into practice, you may control any potential risk to your business. Prepare your risk assessment plan so that you can take the time to identify and manage the risks that your company faces.

 

 

Jaiden Moore, at the time of this post, is a second-year law student at Penn State Dickinson Law. He has a B.A. in Liberal Studies from North Carolina A&T State University, and is interested in civil litigation. Jaiden is Treasurer of the International law society and is a member of the Black Law Students Association as well as the Business Law Society at Dickinson Law.

 

Sources:

https://safetymanagement.eku.edu/blog/risk-identification/

https://www.assp.org/news-and-articles/conducting-a-risk-assessment

https://www.patriotsoftware.com/blog/accounting/small-business-risk-analysis-assessment-purpose/

https://www.projectmanagement.com/contentPages/article.cfm?ID=274371&thisPageURL=/articles/274371/Brainstorming-Risk#_=_

https://www.berkeleywellbeing.com/pessimism.html#:~:text=Pessimists%20typically%20have%20a%20gloomy,t%20willing%20to%20take%20risks.

https://www.eclipsesuite.com/risk-likelihood/

https://www.investopedia.com/articles/financial-theory/09/risk-management-business.asp

https://www.lucidchart.com/blog/risk-assessment-process

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Welcome to Sites At Penn State. This is your first post. Edit or delete it, then start blogging!