Annual compliance questionnaires – reporting and tracking challenges

Many businesses, such as law firms and accountancy firms, need to collect and analyse data from employees for regulatory and compliance purposes. While many firms carry this out annually, some may do it more often. VinciWorks spoke to several firms to learn how they collect, analyse and track responses from the annual declarations questionnaire, often referred to as annual compliance questionnaire, to uncover the key challenges in the process. What we learnt helped us develop our annual declaration reporting portal.

Compliance Questionnaire Definition

An annual compliance questionnaire is a document typically used by organisations in the UK to assess and verify compliance with relevant laws, regulations, policies, and industry standards on an annual basis. It serves as a tool to gather information from individuals or entities regarding their adherence to specific requirements.

By completing the annual compliance questionnaire, individuals or entities provide a self-assessment of their compliance status and disclose any potential compliance breaches or issues. This process helps organisations to monitor and manage their compliance risks effectively, identify any non-compliance, and take appropriate remedial actions.

What do the annual declarations questionnaires include?

There are no regulations guiding the specifics of what information an annual declaration questionnaire should collect. The declaration might include information on the following:

Conflicts of interest

Staff should declare whether they have had any business dealings for the firm whereby their own interests are served. If there is a conflict of interest, this must be declared in the questionnaire.

Directorships

Have any of your staff recently accepted a position as a trustee of director in a company or charity? If so, this should be declared so that the compliance team can ensure there has not been a conflict.

Significant shareholdings

Becoming a significant or majority shareholder in a company may present a conflict of interest if that company is, or has been, a client.

Outstanding insurance liability issues

Many annual declarations questionnaires require staff to declare they do not have any outstanding insurance claims.

Potential client complaints

Have your staff received any complaints from clients that they did not report? The annual questionnaire is an opportunity for staff to report any complaints that were not flagged, such as complaints against staff or complaints on the firm’s client due diligence processes.

General compliance

The annual declaration is also used by compliance managers to ensure all staff understand and comply with relevant regulations. Law firms will often reference the SRA Handbook, soon to become the SRA Standards and Regulations, and require their staff to declare that they have conducted training on and understand the regulations. 

Challenges of annual declarations

We have spoken to several organisations to understand the challenges presented by the traditional annual declarations process. The process causes three core issues that makes it complicated, tedious and time-consuming: 

  • It is hard to track who has completed the form and who hasn’t
  • Large organisations have thousands of employees. Looking among all the submissions for the ones that actually matter can be overwhelming and extremely time consuming for managers.
  • From one year to the next, 95% of the data is the same. Asking staff to input the exact same information on a regular basis is unlikely to be a welcome task.

Managing the annual declaration process effectively

In order to effectively collect, process and analyse data from an annual declaration survey, managers should make it easy for staff to complete the form. After consulting with multiple organisations, we have built a best-practice solution that saves time for employees and administrators, delivers completed declarations faster and can be deployed in less than a week. VinciWorks’ annual declaration reporting software, powered by our data collection and reporting software, Omnitrack, allows employees to easily complete their declarations, without having to enter the same information each year. Any potential compliance issues are automatically flagged, allowing compliance and risk teams to rapidly assess the risk.

How does the annual declaration portal work?

VinciWorks’ annual declarations portal has four main features:

Build

Annual declarations form builder screenshot
Build an entire form, from user instructions to each individual field

Having examined the current forms and processes of several firms, VinciWorks has created a best-practice customisable built-in data collection form for annual declarations. Administrators can choose whether to use the existing form and customise it to be relevant to the organisation’s industry, staff and needs, or they can build the form themselves using Omnitrack’s easy-to-use form-building platform. High risk submissions are then automatically flagged.

Report

Annual declaration reporting screenshot

Collecting data and ensure all staff complete the annual declaration questionnaire is one of the core challenges of the process. Our software allows submissions to be segmented by administrators, with the ability to easily export all entries and reports. 

Track

Annual declarations reminder email screenshot
Administrators can schedule automatic “nag” emails to staff who are yet to complete their annual declaration form

Keeping track of each entry year on year can be pretty overwhelming for administrators. Omnitrack automatically tracks who has completed the annual declaration form, allowing administrators to easily track who has completed the form and identify any risks. Any entries that raise any concern can be flagged, allowing administrators to easily keep track of all problematic responses. Automatic emails can be drafted and sent to “nag” staff who have not yet completed the form to do so. For example, you can schedule an email to all staff who have not completed the form five days before the deadline.

Review and resolve

Annual compliance questionnaire entries screenshot

The days of poring over a huge Excel document with several spreadsheets are now over. Administrators can now easily review flagged entries via our dashboard and take appropriate action. Any action taken can also be logged and monitored via the portal.

Book a demo for our annual declarations portal

To book a demo for our annual declarations portal, complete the short form below.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.