Compliance App as the new superpower in times of crisis – How digital tools save lives

superpower compliance app

Covid-19 has made the compliance department systemically relevant overnight – far beyond just the company environment. Today, the risk of rule violations is no longer only threatening the company with high sanctions. After all, we are living in times of a global epidemic for the time being. A breach of the rules today can ultimately mean that our lives and our health are endangered.

Compliance can save lives. Compliance has the chance to go from being an annoying killjoy to a superpower in the company.

Only yesterday, the snitch, the smart aleck, the know-it-all, with whom nobody really wanted to play.

Today, however, it can be one of the “cool kids”, be part of the team and support leadership instead of slowing down. Be part of the team when they all fly to Mars soon.

Three lines of defense ready for take-off

Three lines of defence: Compliance as a driving force

What is meant: Properly understood and properly integrated, compliance can actively move the company forward. The top-down approach needs fresh, new ideas, a new mindset and concrete alternatives.

And therefore technical requirements for implementation. This is possible today with a Compliance App. To understand this, a linear representation of the actors and their tasks within crisis management is helpful: the system of the so-called “Three Lines of Defense“.

The Three Lines of Defense (TLoD; also model of the three lines of defence) is a model for a systematic approach to risks that can occur in companies and organisations. In that way, it is a governance system for identifying and handling corporate risks. These must be recorded, identified, analysed and evaluated at an early stage and communicated within the company.

A paradigm shift away from war scenarios towards good corporate behaviour

The name reflects the traditional understanding of risk management and thus also of compliance. It used to be primarily about defending against risks and defending the company.

Today, however, risk management means – and not just since Corona – minimising risks jointly and responsibly through good corporate behaviour; the paradigm shift away from defence to good corporate behaviour in the run-up to a crisis has been taking place for a long time.

Accordingly, the Three Lines of Defense would need a modernization push in its name and understanding.

Even more concrete:

In the traditional understanding, the first (operational) line is the leadership which has to decide and execute quickly and responsibly in times of crisis.

Via the second line, the so-called “line of defence”, risk management functions of the first “line of defence” can be controlled and monitored.

The third line is the last risk-controlling instance, which independently informs the leadership about operational potential and risks. The internal audit department is responsible for this central task of managing and controlling corporate risks.

Even here, in the third line, the Rulebook compliance app is a highly efficient tool for proving the effectiveness of rules: Leadership and employees can use the app contextually. In this way, authentic, “real” feedback from employees can be recorded more efficiently, more quickly and can be incorporated into the continuous improvement of the system.

Rulebook compliance app user feedback


The compliance app can have the greatest impact where compliance is located according to a systemic understanding: In the second line of defense – as the well-known annoying know-it-all.

In order to be able to support the first line quickly and competently and to do operational justice to the changed role from nuisance to team player, the communication channels from the second to the first line must be free, easy and allow agile cooperation through short distances.

Before Corona, in a crisis, these were usually just a few metres from the corner office to the open-plan office. There the compliance officer tried to do his work in peace between the shouting of the sales team and the stand-up meetings of the marketing team, and with a frown gave the desired OK – or not.

Today, these short communication channels no longer exist as a rule – because in the office, there’s nobody there.

The “New Normal“, as is well known:

– intelligence services,

– virtual conference providers,

– team working tools,

with which the teams communicate with each other.

Three lines of defense in new workblank

Communication dilemma: How can compliance unleash its superpower on the way to the front line?

Compliance communication must first find its effective way within the multitude of communication tools available. Like all other departments.

In addition, compliance may have its own department in the enterprises, but usually not in the medium-sized companies. As a rule, compliance is only one of many urgent issues that the legal advisor/legal department has on its table every day and is subject to its own priorities.

That means there is also a complexity dilemma in addition to the communication dilemma. So, the beautiful idea of superpower tends to fade into a vision for the next 5 years. The hope of currently using compliance as a suitable immediate measure in times of crisis is fading.

Push that reset button!

Compliance app as active tool for the three lines of defense

If it weren’t for the often-quoted reset button, which we can and should use for us. In C2S2, we call it contextual compliance for good corporate behaviour.

With this solution, compliance can already be an active tool right here and now to support the first line from the second line. Actively, agile and efficiently, for example with questions and rules for safely working from home.

In concrete terms, the Rulebook Service ‘hooks’ the second line of defense into the new communication channels and tools in the company and provides contextual decision support.

The C2S2 Rulebook compliance app provides the right answer to every question. Always and everywhere knowing what works and what does not work: That is what the C2S2 Rulebook makes possible. On a business trip, on site at the customer or in the office. The C2S2 Rulebook provides employees with a tool that generates competence in all situations. This creates motivation and trust, while at the same time avoiding breaches of rules and defensive attitudes.

From thematic content sets, which are developed from the rule contents of your guidelines or provided by C2S2 – optimised on request. We have developed a protected technology for this purpose: Interactive Rule Modeling (IRM®). Your guidelines are digitally mapped: The results are intuitively retrievable rules that communicate what employees are allowed to do, what they have to do and what to pay attention to in certain processes. Comfortable user guidance and clear language make dealing with your company rules a motivating process.

Effective communication of corporate values

The C2S2 Rulebook is also a digital service that communicates corporate values – and concrete guidelines – not only in an understandable but also emphatic manner. This is particularly important in Covid-19 times.

Compliance App Corona