Ever since the diesel emissions scandal, product compliance has become an essential part of corporate compliance management – not only in the automotive industry, but for almost all sectors.
Products are subject to numerous regulations, such as the German Product Safety Act (Produktsicherheitsgesetz, or ProdSG) or the German Product Liability Act (Produkthaftungsgesetz, or ProdHaftG). Among other provisions, these laws govern the requirements that must be met for product certifications such as the GS (Geprüfte Sicherheit – “tested safety”) or CE labels. The focus of social values and standards is also changing, as are customer expectations regarding a company’s products and services. Manufacturers need to keep a critical eye on what they promise for their products – more so now than ever before. Failure to meet product promises or regulatory requirements will endanger the core elements of company success, and can result in severe fines and loss of reputation. Dedicated compliance management systems (CMSs) for products can help manage these risks – in a structured, holistic and sustainable manner.
“Managing Product Compliance systematically is not a ‘nice-to-have’. Rather, it is an indispensable factor to ensure the sustainable success of companies.”
When making an initial assessment, you need to ask yourself questions such as:
Product compliance is a new stage in the evolution of corporate compliance management. Transferring traditional success factors from compliance to new areas enables horizontal expansion of existing CMSs.
A sustainable and effective management system requires the commitment of all employees and a good corporate culture.
The company’s vision and its mission determine what constitutes a good culture. The framework of values in an organisation is the foundation of integrity and compliance. In the traditional approach to compliance, the target culture is dominated by legal and economic perspectives. But effective product compliance also requires a technical perspective: it must be accessible and usable for engineers, scientists, software developers and technicians. Measures to promote the target culture must effectively combine all perspectives and viewpoints.
The scope of a product compliance management system is determined by the organisation’s strategy and corporate objectives.
Product compliance means adhering to product-related regulations throughout the product life cycle. Working in a risk-oriented manner, the corporate objectives serve as a basis for determining which regulations and business units the product compliance management system will focus on. Integrating product compliance into operations means understanding that compliance is the foundation of traditional targets – i.e. time, costs and quality – because product compliance sets minimum requirements for products and processes.
A systematic risk analysis is essential for effective design of a product compliance management system.
Where does your organisation stand in terms of product safety? Which specific risks are associated with your products? What is the probability of different risk scenarios occurring? If internal or external requirements are not met, placing products on the market may result in potential risks. To avoid or limit potential damage as effectively as possible, the risks of defective products need to be identified and assessed as early and as comprehensively as possible. The first step is to identify the processes and organisational units relevant to product compliance. The specific risks involved then need to be recorded and assessed. This creates an individual and complete (and therefore manageable) risk profile for each unit in the organisation.
Product compliance risks can be effectively managed with an individual package of measures.
Appropriately designed and effectively implemented, the package serves to reduce risks and protect the company from harm. This involves both proactive and reactive measures. In this regard, it is particularly important to include technical experts, and to use their knowledge of processes and idiosyncrasies throughout the product life cycle when planning suitable measures. Generally accepted standards from the world of traditional compliance management (e.g. “Evaluation of Corporate Compliance Programs” by the US Department of Justice) and industry benchmarks – including those from other industries – may serve as a helpful comparison.
The segregation of duties is a crucial success factor for the effective management of product compliance.
As noted above, traditional compliance management tends to focus on legal and economic aspects. Product compliance management, on the other hand, requires additional perspectives: companies need a mix of technical and operational knowledge, along with expertise on traditional compliance areas, internal control systems (ICS) and risk management. Both the role of the compliance organisation and the responsibilities of each operational unit must be clearly defined. Seamless interfaces with other management systems are vital, and reporting, decision-making and escalation processes must be clear and well documented.
Product compliance can only be effective if employees follow the compliance procedures in their thinking and their day-to-day actions.
Tailored information and dedicated training are vital for long-term success of product compliance management. Communication and employee training must therefore serve two essential goals:
Effective product compliance requires regular monitoring.
Product life cycles are complex, demanding for the organisation, and subject to constant change. Because of this, intelligent mechanisms are necessary to identify possible errors and potential for improvement – for example, regular audits. Staff involved in these monitoring and testing activities should have an appropriate understanding of product-oriented procedures, processes and challenges, both from training and practical experience.
PwC’s product compliance services combine product-related expertise with the success factors of traditional compliance management.
Director, PwC Germany
“We support you in designing and implementing your product compliance management system, or individual elements of it.”
Partner, Strategy& Germany
“We verify your control mechanisms from a compliance perspective – across critical processes in product development, certification or field monitoring.”
Partner, PwC Germany
“We assess and certify your product compliance management system under IDW PS 980, the widely used German assurance standard for compliance management systems.”