Want to avoid a compliance training disaster?
Want to ensure it will be useful and relevant and avoid resulting in your sales team storming your office with pitchforks and torches?
Well, then answer three questions before you do anything.
They're simple, but they will ensure you understand exactly what you are doing (and why) so you produce something that is relevant, useful, and tailored to your target audience—the approach the Department of Justice talks about.
Ready? Here we go.
1. Who is this training for?
First, all compliance training is for people. So, which people?
The more specific your answer, the better.
You want an answer like "sales managers in China" or "senior directors" or "accounts payable clerks"—people who are either high-risk or high-control by virtue of their job or seniority.
The reason you want to get specific is because you want to keep it simple, and specificity breeds simplicity.
You ever wonder why our work looks so simple? Because it is specific. When we are targeting a specific thing a specific employee does, we are able to leverage context about who that person is and what they do, and that lets us dramatically distill down what they need to know.
On the other hand, the broader your audience, the more context you need to set. And that means your training tends to either be (1) a bunch of high-level stuff, because you want to keep it short or (2) punishingly long, because you have to lay so much context.
People hate both of those things.
For that reason, if your answer to this question is "all employees," stop and proceed VERY carefully.
There is definitely a small amount of compliance information that everyone at your company needs to know, but the operative word in this sentence is "small." This is because you work at a company, and companies use delegation of authority and division of labor to carve up responsibilities and liability.
So yes, there is information that both your interns and your senior directors need to know (what the Code covers, how the hotline works, etc.), and that's where all-employee training makes sense. Beyond that, however, your answer to this question should be much narrower and much more targeted.
2. What do we want people to do?
Next, you have to ask what you want your audience to do. Compliance training is about behavior, not abstract knowledge.
Another way to ask this question is "if this training works, what will people do differently?"
Now, sometimes people throw their hands up here. They say "well, we can't possibly know everything the business does, and they ultimately own compliance anyway, so we'll just tell them about risks and then they'll just have to figure it out what that means for them."
That has been the historical approach. And that approach has been a historical failure.
Because if you don't know what you want employees to do, your employees won't know either. Employees can't meet your expectations if they don't know what they are.
And if you don't even know what your expectations are, then you're not giving your employees training at all; you're just dumping information on them. You have to define what you want people to do or you are not ready to do training yet.
(And side note: that historical, the-business-will-have-to-figure-it-out approach is a good way to get laid off. Literally anyone can train employees on risks; you don't need in-house people to do that. In-house teams add value by putting things in business context; that's how you make yourself indispensable.)
3. What's the minimum amount of information they need to know to do that?
Finally, once you know who your audience is and what you want them to do, you define the minimum amount you need to tell them to make that happen.
This question asks you to limit yourself to what your audience needs to know to take action, so that you do not confuse or lose them on extraneous information.
And that requires a lot of thought and mastery of the information. It is really easy to include too much information "just in case."
Do not do that.
That is, if you feel like you have to include extra information "just in case," you have not mastered the subject enough to be training anyone on it. Keep working through the content until you're confident that everything in that training is absolutely necessary.
Why? Because it is hard for people to learn things, and hard for them to remember them, and hard for them to apply them. Do not make it even harder by first requiring your employees to figure out what's important and what isn't.
Your employees are not positioned to know that—you are. Iterate on the content until you're absolutely sure that you're only including what they need to know, and then you're ready to go.
Want tools that are relevant, useful, and tailored to your target audience?
Check out Compliance Design Club!
Questions you don't need to ask (yet).
One final note: think about what questions we didn't ask here.
We didn't ask what format the training should be in.
We didn't ask how long it should be.
We didn't ask if there should be a quiz or completion requirement.
Those are valid things to think about. But until you first answer the questions in this post, any decision you make on them will be arbitrary.
That's why a lot of training turns out so bad: because someone started by saying "we need to have a half-hour online training, with video and a quiz" and then came up with the content.
That's backwards: content drives format, not the other way around. (More on that here.)
You do not hire a cinematographer and grip and director and actors and then on the first day of production say "ok, anyone have ideas what this movie should be about?"
That is a recipe for disaster...but that is how a lot of compliance training gets made.
The format, media, length, etc. all flow from your audience, goal, and the amount and type of content. You have to start there, and then you can decide if you want to use a video or checklist or whatever; at that point, the right format and length will usually be pretty obvious—because you'll have defined what you're trying to do, and that makes picking the right tool all the easier.