Last week we spoke with Stephen Herzog, Corporate Attorney and Member of the Cincinnati Bar Association, and received his recommendations on how to best align and partner with legal and compliance teams.


Equipped with the legal and compliance perspective, how can marketing begin to develop and align their practices?  I reached out to Ryan Coats, Director of Demand Generation at Optum.  Ryan has extensive experience successfully working within a highly regulated industry.  Ryan provided us with his 3 overarching compliance best practices, and tactics for executing against each.


  1. Develop, document, and automate privacy policy and global email policy


Develop: Get your facts straight, do some research and educate yourself enough to help guide a conversation.  You don't need to know it all or be an expert but you do need to be able to understand and contribute to a conversation with stakeholders.


Document: This is the toughest step to get right, for me.  We're all so busy, and once you gain agreement on your approach to policy/compliance you'll give some high fives and push forward without another thought to documenting the process, players, responsibilities and actions needed.  Upfront, appoint someone to be responsible for documentation.  When I don't appoint someone to be the C.D.O (Chief Documentation Officer) I fail at this critical step and find myself scrambling for documentation later. 12-nohighfive.jpg


Automate: Automation is a key to solving the many compliance complexities that exist for a regulated business.  Once you've developed and properly documented the policy it's much easier to build the programs you'll need to enable automated compliance. In my experience this takes some time to get right. Don't overpromise on your deadline; allow yourself and technical experts time for testing and improvement. Testing and improving goes a long way to getting to the right automated solution perfected.  Test, Test, Test has never been more appropriate than in an automated compliance program. Additionally, you need to ensure you've determined how this automated program might or might not impact other programs you have in place.


  1. Keep legal happy to ultimately get things done


Be proactive: Talk with them before, and not the day before, you need their help or sign off. Being proactive and showing you're interested in following their processes shows you respect their viewpoint and your willingness to be compliant.


Come prepared:  Bring with you some basic knowledge and ideas on how to proceed or what you think you need to be compliant or gain approval. Provide the legal and compliance team access to the same information you've already reviewed to prepare.  Being helpful is always a good approach.


Use visuals: As an example, we were recently talking about our UK Opt-In policy and what language would need to be included in the footer.  I walked everyone through the experience from start to finish.  Seeing the forms, emails, footers and related data assets in action made the conversation easy for all to understand and provide approval to proceed.


Admit you don't know: It's ok not to be an expert at regulatory compliance.  That?s why we have legal and compliance folks to help ensure we?re doing things properly.  Admitting you don't know helps the legal and compliance team know they need to be more involved and help guide you down the path to compliance.

  1. What regulation and compliance research is required and what are the best sources of information?

Start at the source of the policy or regulation:  Going to the governing entity's website usually gets you the key requirements for compliance. Not sure who the governing body is? Google is your friend, especially if you know the law or legislation you're researching.


Augment your understanding: Once you've gathered the key requirements you can look for other sources to augment your understanding, or as I usually find, give you information in simple and easier to understand terminology.  These other sources include Topliners, learn from people who have already tackled the issue.  Industry experts like SiriusDecisions, MarketingSherpa and Gartner have great information on compliance best practices related to marketing regulations.  There are also many not-for-profit organizations that you can gain membership to, such as ESPC, AMA, and likely others in specific industries relevant to you.


It takes effort and understanding on the part of marketing to develop a great partnership with legal.  By implementing these best practices, and executing against the supporting tactics, you can develop a successful process that supports the regulations imposed and leads to successful marketing programs.

What compliance best practices would you recommend for marketers?