Please see below the latest Legal happenings for this week.
Land borders shut, alcohol ban remains in new Covid restrictions
President Cyril Ramaphosa announced minimal changes to the country’s coronavirus strategy even as he sounded the alarm about an acceleration in infections and deaths since the discovery of a new Covid-19 variant late in 2020.
Top tips for using free Wi-Fi without getting hacked
South Africans who want to browse the web or access online services for work or entertainment while using a public Wi-Fi network are cautioned to take extra care to protect themselves from malicious hackers.
Ramaphosa appoints Judge Desai as Legal Services Ombudsman
Retired Western Cape High Court Judge Siraj Desai has been appointed Legal Services Ombudsman by President Cyril Ramaphosa.
Desai will serve in the role for seven years with the mandate to advance and safeguard the legal profession by investigating complaints and alleged maladministration.
Why POPI compliance is not just an IT issue
While many organisations believe that POPI compliance will not affect them, or that it is just an IT problem, this is a short-sighted attitude that could see them falling foul of the law. Compliance requires business and IT to work together to manage data effectively, which at the same time provides a number of business benefits.
If you are s subscriber and wish to view a more detailed Newsletter, with the links to the Government Notices, please click the link below:
If you would like to subscribe to our more detailed UPDATE service, please request a quote by clicking the link below:
Businesses preparing for their Compliance audits will need to enhance digital capabilities and embrace tools that enable virtual audit procedures as they navigate the uncertainties presented by COVID-19. Firms empowered by digital technologies will undoubtedly be better positioned to satisfy reporting requirements and remain compliant.
The pandemic and global lockdowns have added unique challenges to the usual process of the physical compliance audits. Constraints on physical proximity, travel restrictions, remote working, limitations on resources and shifting business priorities, have all combined to hinder the ability of auditors to conduct standard audit procedures. Everything has been affected – from meeting with management, visiting sites and interviewing auditees, to walking through processes, conducting risk assessments, holding audit discussions, checking documents, and observing and testing controls for quality assurance.
The Legal Team is here to assist you with the above dilemma.
THE COMPONENTS MAKING UP THE LEGAL TEAM
The Legal Team is secure cloud-based software that gives management and its legal and compliance function a single view of its compliance and contract related performance.
Organizations may elect to select one or all of the components depending on its needs.
So Let’s get started….
THE COMPLIANCE TEAM
This part of the software tool,
Identifies the Laws (rules, codes, acts and regulations) which apply to the Organization;
(known as the Regulatory and Compliance Universe)
Identifies the compliance obligations as per the laws which apply to and which have to be followed by the Organization;
(known as the Regulatory and Compliance tasks)
Identifies the risks of non-compliance;
(known as the Compliance Risks)
Identifies the consequences of non-compliance should the identified compliance obligations not be followed and/or the Compliance Risks materialise;
(known as the Non-Compliance Consequences)
Identifies the required controls as per the laws and best practice, which the Organization should implement or apply in order to minimise and/or control the identified Compliance Risks;
(known as the Compliance Controls)
Allows the Organization, using standard risk rating methodologies on a 10-point scale, to rate the impact of the law, which rates indicate the level of risk and the significance of the law under focus and its impact on the Organization;
(known as the risk and impact measurement and related Risk Rating)
Provides a compliance risk register per law, which highlights the compliance risks, consequences of non-compliance and the main controls which should be in place in order to ensure that the law under focus is complied with, which risk register can be adapted and customised by the user, by extracting or adding risks, consequences and controls;
(known as the Compliance Risk Register)
Sets out under a document known as a “Matrix” a comprehensive summary of each law, including compliance obligations, compliance risks, consequences of non-compliance, required controls, compliance tasks, statutory reporting requirements, requirements for permits, requirements for policies and procedures, record retention periods, persons or departments who the relevant compliance obligations or duties apply to, as well as other useful details such as details of the responsible Regulator, the availability of prescribed forms, impact of POPIA, and the penalties and sanctions for non-compliance, etc;
(known as the Compliance Umbrella Report)
Provides a range of required and recommended compliance tasks per law which have to be followed, implemented and completed by the Organization. The allocated tasks can via the Compliance Management Tool be date allocated to a responsible person and which tasks are then managed by the compliance function or administrator and the responsible person. This part of the system submits in an automative manner, via email, reminders and alerters, which are directed and sent to the allocated responsible person. Once an allocated compliance task is completed, the allocated responsible party will be required via an upload feature, to confirm that the task has been completed. Following this, the Compliance Management Tool will then indicate that the compliance task(s) has been actioned and implemented, indicating and allowing for compliance sign off and confirmation that the task has been completed; once all compliance tasks have been completed per law, the system will indicate full compliance with the law under focus, which will be reflected under the dashboard component of The Legal Team;
(known as the Compliance Management Tool)
Provides the Organization with an overview of its compliance status per law via a dashboard;
(known as the Compliance Status of the Law)
Provides the Organization with an overview of its compliance status in respect of its entire compliance program, via a dashboard;
(known as the Status Of The Organizations Entire Compliance Program)
Identifies the policies and procedures which the Organization in response to the applicable laws should have in place with links to The Legal Team Policy / Contract Library, should the Organization not have the necessary policy; alternatively, the compliance tool allows the Organization to upload its own Policy which is then recorded in a policy register, which via the Compliance Management Tool, allows for the management of the Organization’s Policies;
(known as the Policy Register)
Identifies the Permits/Authorizations and Records which the Organization should have in place as per the applicable laws with links to the relevant prescribed forms and the Regulator. This feature also includes a permit register which is populated once the required permit has been obtained and uploaded to the system, and which is then recorded in the Organization’s Permit Register; which via the Compliance Management Tool, allows for the management of the Organization’s Permits;
(known as the Permit Register)
Sets out the statutory reports which the Organization has a legal duty to submit to the Regulator or to other bodies, as per the applicable laws and, where applicable, provides the required prescribed format or forms which have to be completed and submitted to the Regulator, and timing which via the Compliance Management Tool, allows for the management of the Organization’s statutory reports;
(known as the Statutory Reporting Register)
Allows for compliance monitoring and auditing via The Legal Team Audit tool which is made up of compliance checklists which can be completed online;
(known as the Audit Team)
Allows for online training via The Legal Team E-Learning Portal;
(known as the E-learning Team)
Provides the Organization with real time compliance status reports via The Legal Team Compliance Dash Board.
MORE ABOUT THE COMPREHENSIVE COMPLIANCE UNIVERSE KNOWN AS THE UMBRELLA REPORT
The Umbrella Report sets out all the laws which apply to an Organization and its various areas of operation and details who is responsible for compliance with these laws.
Certain areas of the Umbrella report can be adjusted in line with the Organization’s Risk methodologies including the risk rate allocated to each law, the type of risks and related consequences of non-compliance as well as the controls which should be in place within the Organization to manage these risks.
The Umbrella Report not only gives the Organization an umbrella overview of the laws which apply to its operations, but also tracks and indicates whether the Organization is complying with these laws, using a level of compliance metric, which is pulled from the Compliance task part of the system.
The entire listing of laws housed under the Umbrella report, or selected parts, can be pulled in to a Compliance Report, which the user can download and which report can then be sent to the board or others within the Organization for review and comment.
MORE ABOUT THE COMPLIANCE PROGRAM
The various compliance tasks which have to be performed by the Organization per applicable law, have been unpacked and documented under this area of the system, which component is referred to and known as The Legal Team Compliance Program.
The number of compliance tasks per law, will differ, depending on the nature and/or severity of the law.
The Organization, via an appointed administrator, is able to allocate the compliance tasks to the person or employee within the Organization who is responsible for compliance with that particular law.
Once allocated, the allocated (responsible) person will receive an email advising that certain tasks have been allocated to him or her and the time period within which the task or series of tasks have to be completed.
The responsible person will then be required to log onto the system, and via a simple series of questions, confirm that the task (s) have been completed. Where a physical control is required, which is evidence or proof that such task has been completed, and that compliance with the relevant section / regulation of the law is in place, then in such instance, the responsible party will be asked to upload the relevant compliance control, such as the policy, permit or even a picture of the signage or area of the workplace where the compliance control has been implemented.
Once the responsible person has completed the compliance tasks, the system will calculate the level of compliance, which is then reflected in a compliance dashboard, either per law or in respect of all the laws applicable to the Organization and which score will be indicated in the compliance report and related dashboard. This allows the Organization to manage compliance online and remotely.
MORE ABOUT THE POLICY TEAM
The Policy Team is a comprehensive Policy drafting and management tool which:
houses a comprehensive policy template library;
- provides the Organization with a list of policies which it should have in place and which will educate and guide the Organization’s employees, directors and service providers on their respective business and compliance duties and responsibilities;
- allows, the Organization to upload and store all of its policies which it has in place via an upload function, within the system, which policies are managed via The Legal Team policy management tool, which policies are, once uploaded, listed in a Policy Register, allowing for policy revision and updates;
- gives all allocated users access to the Organizations polices where applicable.
MORE ABOUT THE PERMIT TEAM
The Permit Team is a specific tool which, according to the laws applicable to the Organization, lists the permits, approvals and/or authorizations which the Organization should have in place.
Not only does the Permit Team list the Organization’s Permit requirements, it also manages these requirements by listing under a permit register, the current permits held by the Organization, status of permits, dates of renewal, cost of the permits, as well as the conditions which have to be met by the Organization in terms of the respective permits, all under a Permit Register / Repository, known as a Permit Management Tool.
MORE ABOUT THE REPORT TEAM
The Report Team is a specific reporting tool which sets out what statutory reports have to be submitted by the Organization as per the applicable laws, the required or prescribed format and the manner in which it is to be submitted as well as the required reporting timelines.
MORE ABOUT THE AUDIT TEAM
The Audit Team is an automotive auditing tool.
This tool houses a checklist, or a series of checklists, per law.
The Organization is able via the Compliance Management Tool or via the Audit Team Tool, to program or schedule online audits, testing allocated persons, such as employees or service providers, on their respective compliance levels with the selected and allocated laws.
In order to ensure true real time assessments of one’s compliance levels, all allocated persons will not only be required to answer the audit queries, they will also be asked to verify their compliance status by uploading proof of compliance in the form of physical controls including the uploading of permits, compliance status reports indicating compliance with permit conditions, reports, supporting documents, photographs and policies, which will then be viewed and verified by the Administrator or compliance function – allowing for internal and external verification and assurance.
MORE ABOUT THE TRAINING TEAM
All Organizations have a duty to skill and train its employees on a variety of compliance and other workplace related matters. However, this is a time-consuming exercise as employees spend a lot of time out of the office leading to loss of working hours.
An Organization therefore should consider an in house online learning solution (e-learning) which delivers training on a selection of topics to its employees at their level and in a manner and format which the employees can follow and understand, and which can be done by each employee at his/her desk and most importantly at his or her own pace. The training solution however has to be cost effective and deliver desired outcomes and objectives.
We are able to provide an Organization with a cost effective and simple online learning solution which can cover any type of training and which can be done in-house by employees at their own pace.
Examples of course topics on offer:
- National Credit Act No 34 of 2005 (training is required according to section 163);
- FAIS Act No 37 of 2002 (Insurance);
- Treating Customers Fairly;
- Protection of Personal Information Act No 4 of 2013;
- Financial Intelligence Centre Act No 38 of 2001 (KYC and Suspicious Transaction Reporting);
- Consumer Protection Act No 68 of 2008;
- The Occupational Health and Safety Act No 85 of 1993;
- Companies Act, 71 of 2008.
The Training Team comprises an online e-learning/training portal, which houses a selection of compliance training programs, either in a generic format or in a customised format as per the Organization’s specifications.
The compliance or legal team or administrator of The Legal Team, will via a training register application, be in a position to determine who is to be trained, on what law and following this, will be able via the tool to allocate selected training course to the relevant and selected employees or service providers.
The training is outcome based requiring the allocated user to answer various questions as he/she proceeds through the training modules. The management component of the training tool sends the training requests to the selected users, allowing them to register, and following registration, will submit to the users, periodical training reminders so that the allocated training is completed within the allocated time period and deadlines.
The tool houses a training register which documents the available courses, the allocated users, the status of the training, the allocated time periods, outstanding tasks, and records, once the training has been completed, that the user has successfully completed the training. The system will also generate a certificate once the training has been completed which will be sent to the user and a copy held on the system together with the results of the training session or course.
In order to arrive at the end product, which meets an Organization’s requirements, we suggest the following phased approach:
- Discussion and agreement of topics and/related courses which the Organization employees need to be trained on;
- Development of skills development and training matrix which sets out what the Organization employees need to be trained on and the required training programs/topic;
- Population of the Organization skills development and training matrix which sets out which Organization employees are going to be trained, on what topics and the date and duration of the training period;
- Development of the agreed training courses;
- Discussion on and finalization of course;
- Loading of the courses onto the E-learning portal;
- Loading of all Organization employees selected for e-learning on the e-learning portal;
- Allocation of course to selected Organization employees;
- Notice to selected Organization employees advising of the requirement for them to complete the e-learning and instruction sheet / guideline setting how to access site and undertake the course;
- On-going help desk support;
- Weekly report to Organization Legal/HR and selected managers on progress – i.e. who has completed the course, partially completed the course and who has not attempted the course at all;
- Ad hoc reminders to Organization employees to complete course by determined deadline;
- Final completion report to the Organization including detailed employee results reports – soft and hard copy for training records purposes;
- On completion of a course, the next Organization course would be loaded and the same cycle as per 5-13 would commence again.
Once training has been completed, the system will archive these records.
For a full Demo of The Legal Team, please contact our offices:
Telephone: 011 476 3217 (ext2)