SMEs: Why compliance is becoming increasingly important

Compliance violations can have a detrimental effect on small and medium-sized companies. This article explores how you can protect yourself from scandals and sanctions.

by Moritz Homann 4 min

    Small and medium-sized enterprises (SMEs) face many compliance challenges but often lack resources and know-how. Investing in robust compliance management can pay dividends.


    The benefits are that the company will:

    • meet its legal requirements,
    • protect itself and its employees from fines and imprisonment,
    • increase its appeal to customers, partners, investors, banks and employees,
    • protect its reputation,
    • identify risks earlier and
    • thus, take early and proactive action against any wrongdoing.

    Compliance is mandatory, not optional

    Violations of the law such as bribery, money laundering or fraud have serious consequences. Breaches not only damage the company’s reputation, but can also lead to heavy fines or even imprisonment. If an infringement occurs, CEOs, managing directors and board members are liable if they have not implemented a compliance system or do not monitor it. This affects small and medium-sized companies as well as the big players.

    Compliance infringements are not trivial offences

    The penalties for compliance violations are illustrated by cases at two well-known large corporations. In September 2014, the British pharmaceutical company GlaxoSmithKline (GSK) was fined €380 million by a Chinese court for corruption. This also resulted in the former China head at GSK, Mark Reilly, spending three years in a Chinese prison. Former MAN manager Anton Weinmann received a suspended sentence of ten months and a fine of €100,000 in Slovenia in 2012 for aiding and abetting bribery.

    The legislator does not, however, ignore smaller companies. In 2006, the building contractor Karl-Heinz Wildmoser junior was sentenced by the Munich Regional Court to four and a half years in prison. He was charged with bribery and embezzlement in connection with awarding the construction contract for the Allianz Arena in Munich.

    In 2010 investigators uncovered price fixing by 17 bathroom equipment manufacturers including Villeroy & Boch and Grohe. The result: the EU Commission imposed a fine of €622 million. Following this, Grohe invested in a compliance department to help prevent any future infringements.

    Compliance measures protect a company’s reputation

    Compliance management not only helps a company to avoid financial penalties, it also helps to protect the company’s reputation and its employees. The advertising agency Scholz & Friends shows how difficult it can be for a company to recover from public accusations. In August 2020, Die Zeit newspaper published an article on the sexist climate at the agency based on more than 25 interviews with former and current agency employees. A leading creative is said to have exposed himself at a Christmas party in 2017. Despite this, the man was promoted to team leader within the agency shortly afterwards.

    The agency subsequently reacted to the allegations with personnel changes in the management team. Two women were promoted to the Management Board and one of them was put in charge of Diversity, Equality & Inclusion. Another female employee became Managing Director of the Berlin office.

    Short-term staffing changes have been unable to repair the damage to the agency’s image. Preventive compliance measures such as having a whistleblowing reporting system in place may have encouraged employees to speak up internally, allowing the company to resolve the serious matter away from the public glare while also protecting its reputation in the process.

    Whistleblower systems protect every company

    Whistleblowing has become an increasingly important subject in Europe in recent years, especially following the EU Directive on whistleblower protection.
    This Directive obliges employers to introduce a reporting channel through which employees and third parties can confidentially report violations. These include tax fraud, money laundering and data protection breaches.

    The Directive applies to companies with 50 or more employees. Those who opt for a whistleblowing system early on not only fulfil compliance requirements, but also increase their appeal to banks, investors, employees and business partners.

    Four tips for SMEs taking their first steps towards improving compliance:

    Starting is always hard. With these four simple tips, your company can set the right course for better compliance.

    1. Define at least one specific person in the company who will deal with compliance issues. At the beginning this could be someone on the management board or in the legal or human resources department. Some companies establish a position responsible for compliance from the outset. It is important that you communicate this new position to all employees and explain their role.
    2. Conduct a risk assessment to identify the most significant risks in the company. Then develop measures to mitigate the most significant risks. You may not be able to eliminate all risks at once, but it is important to draw up a roadmap with the next steps.
    3. Provide your employees with a channel where they can report any wrongdoing confidentially (see whistleblowing system above).
    4. Promote an ethical corporate culture. To do this, involve the human resources department from the outset and provide regular training for employees and managers.
    Moritz Homann

    Managing Director Corporate Compliance – EQS Group | Moritz Homann is responsible for the department of Corporate Compliance products at EQS Group. In this function, he oversees the strategic development of digital workflow solutions tailored to meet the needs of Compliance Officers around the world.
