June 24, 2021 | Series 1 / No. 5
The rise of the digital world and paperless technologies now offers maximization of business benefits and productivity improvement with proper Records Management.
The unique attributes of product regulatory compliance mandate a use of a dedicated and separate compliance repository with its own sets of terminology, rules, and features.
A proper system of organization and storage of the compliance related records enables a crisp business execution for all functions that are impacted by product regulatory compliance – Engineering, Legal, Product Management, Marketing, Distribution, Sales, Shipping & Logistics, and Customer Support!
Acquiring product regulatory compliance for disparate markets is a document-intensive process. Many documents are generated during the process of testing the product and obtaining the regulatory approval, which are used many times throughout the product life cycle by various business functions.
Regulatory approval is a prerequisite to a successful product launch, general availability, order booking, and shipment of the product to the customer. The documents acquired through the regulatory approval process need constant monitoring for updates and proper management throughout the product life cycle.
Generic repositories are available to manage regular documents requiring basic functions such as add, edit, versioning, share, archive, delete etc. But the records related to the product regulatory compliance are unique in nature with their own nuances and specifications requiring special management.
Following are important problems and needs while managing the records related to product regulatory compliance:
We have come across many examples where legacy businesses lack a formal storage policy for the regulatory compliance records. Without a policy, typically the compliance documents are housed in the computer and emails of a Compliance professional, making it hard to quickly find, retrieve and share the relevant documents with other interested parties. In some instances, the compliance documents remain with the test labs. We have also seen examples of companies growing rapidly through acquisitions, where the regulatory compliance continues to be managed in the silos of the newly acquired company (now one of the Business Units). As a result, getting an overall compliance view and assessment becomes difficult.
In the event the Compliance professional leaves the company, both the ownership and whereabouts of these critical documents are lost. A lack of general access to the key documents for the stakeholders draws major operational disadvantages.
Therefore, as far as the record-keeping is concerned, the first order of the business is having a secured repository that can be accessed by anyone from anywhere.
In the era where internet access is now ubiquitous, stakeholders should have an easy, instant but secure access to the documents from anywhere, which in turn ensures a frictionless business operation. The Engineering, Document Control, Product Management, Marketing, Distribution, Sales, Order Management and Shipping & Logistics teams use the compliance documents in direct support of the sales and operations. The Legal team reviews, approves and is involved in the storage of the compliance documents to ensure governance and legal protection of the company’s brands and products.
The stakeholders typically have different roles allowing them different level of access and privileges as they relate to the creation, modification, sharing, versioning, approval, archiving and deletion of documents. A Compliance Manager and Compliance professional should own full responsibility of the regulatory compliance activities and records, and hence enjoy full rights from creation to deletion of records. A test lab partner would like to upload documents, but they must be approved by the customer. A sales or shipping person may only want to review the approval certificates without having a need to modify them.
Businesses are looking for collaborative platforms that allow the formation of teams and facilitate a real-time work environment for different team members. The users should be able to form teams based on a product, project, market(s), or discipline (such as EMC, Product Safety, Radio, Telecommunications, Environmental, etc.), where documents are created, edited, and finalized; they could further be modified with or without versioning. A key stakeholder should have an ability to approve a critical document such as a test report, without which it could not be finalized. A collaborative work environment speeds up the processing, keeps everyone on the same page, and makes the overall system more efficient.
The function of product regulatory compliance is complex in nature as it deals with a maze of disparate and very important business attributes as listed below:
Therefore, the compliance repository must have the following capabilities:
Considering the above, it is imperative that one utilizes a dedicated and separate compliance repository to bring the simplified structure to the space of product regulatory compliance, to quickly derive the required compliance intelligence, and to collaborate with the core compliance stakeholders.
Having a system is the correct way to manage one’s compliance repository. Some companies use the commonly available tools such as SharePoint, Google Docs, Box, or Dropbox as a repository to house the compliance documents. However, the pitfalls of using these traditional systems are its generic nature and its folder structure.
The compliance documents – such as a Test Report, Type Approval Certificate, or a Declaration of Conformity (DoC) - may reference multiple products and markets. The use of a traditional repository requires that the compliance documents are now copied in multiple folders specific to different products or markets referenced on the documents. In the above example, one can see that the Compliance Certificate and Test Report have been generated for the Regulatory Model (Printer Laser); there are two copies of the same document, one each for Product 1 (Printer Laser 1200 dpi) and Product 2 (Printer Laser 600 dpi). Unfortunately, this leaves multiple copies of the same document in different folder locations, making verification of the authenticity of the document difficult. Additionally, the single source of truth is now lost, and as a result, the search gives multiple results for the same document opposed to a single outcome.
In a nutshell, with multiple folder structure, finding a correct document with a high level of confidence becomes difficult and allows for multiple copies of the same file and different locations.
Moreover, every time this document gets updated, one must remember to version up this document by revisiting all relevant folders where multiple copies of the original version reside.
Additionally, the system should leverage the industry’s best practices and provide key, pre-configured attributes such as record types, disciplines, and market groups. This in turn will provide the following capabilities and need fulfillment:
The past twenty years have seen the emergence and adoption of core vs. context framework, where businesses focus on core and mission-critical activities that create a competitive advantage, whereas they form partnership for important but context activities.
For businesses, the product testing is now universally identified as a mission-critical but context activity (only a few, multinational enterprises maintain in-house test labs). Since the test documents are generated by the test labs, the uploading of these documents should also be out-tasked to the publishers of the documents. The document control could be exercised by retaining and conducting reviews and approval of the documents by the Compliance professional working for the business. The Compliance repository should allow uploading of the documents by the third-party using approval rights defined by the Compliance professional working for the business. This activity frees up the administrative time of the Compliance professional, makes her/him more productive, and allows to do more with less.
In conclusion, the unique attributes and special requirements of product regulatory compliance mandate the use of a dedicated and separate compliance repository with its own sets of terminology, rules, and features. Such a dedicated repository will bring enormous benefits of important compliance views, quick search and retrieval of compliance records, ease of use and collaboration, while making the Compliance professional more productive.