Compliance Management

Dec. 15, 2016
Staying legal involves more than simply managing your business licenses

Everyone with an alarm business knows that there are compliance issues to deal with, and most even know exactly what is required to stay legal; however, few security professionals – from company owners to installers – understand that being in compliance means more than just being legally able to install and maintain a system. It is about creating a compliance culture – having everyone in the organization take ownership of the compliance process. This will not only boost compliance but will aid in mitigating risk.

Thirty-three states and the District of Columbia have licensing requirements for alarm companies, and many regulate fire as well. Some license under a low voltage electrical requirement. But in any state, operating a business as an unlicensed entity where licenses are required is costly.

There are direct and indirect costs to having a company or person out of compliance. These costs may be associated with the company or the individual technician, but nonetheless they are very real. You assume the risk of both fines and possible jail time, depending on your location, by operating without the required license.

Licensing and compliance are not glamorous. Requirements may include fingerprinting, background checks, documented experience in the industry and technical proficiency exams. In most areas, you must also complete continuing education courses each year in order to maintain or renew the license –and its success or failure can make or break your ability to operate your business and generate revenue.

Suddenly compliance becomes a little sexier; however, in spite of the extreme liability, some organizations expose themselves by placing the responsibility of compliance in the hands of unreliable spreadsheets or to glorified calendars. Rarely is there a full-time person focused on compliance, but the frequency of even a part-time person is rare.

It takes more than a simple checklist to keep your business and people in compliance – it takes a strategic and tactical effort, along with tools to assist in the process. It also requires an organizational commitment to getting into and maintaining positive compliance status. If all of these are not in place and fervently committed to, the compliance process may fail, and there will be consequences.

Whether you own an alarm company, are a qualifying agent, or are a technician out in the field, licensing and compliance should matter to you. Like it or not, we operate in an occupation with the 12th most burdensome licensing requirements and is the 17th most heavily regulated occupation. This means a lot of varied statutes, piles of documentation and a need for laser focused operations allowing management (and consumers) to trust in the legality of your business.

With all this taken into consideration, it is not good business to leave the licensing process to someone without expertise in the field or to let the process fall by the wayside in the midst of all your “more important” issues. Licensing matters, and compliance is easy to maintain with the right knowledge and by using tools to assist in the process.

The First Steps to Compliance Management

What does it take to manage the compliance process? One of my favorite business quotes is “What is measured can be managed.” It is often attributed to famed business guru, Peter Drucker, but no one is really sure of the quote’s origination. Regardless, the line seems like it was written by a very knowledgeable Compliance Officer, as it is very much the case when dealing with compliance that we must document, document, document!

There are systems available to help with this mission-critical step – otherwise, the process can easily become overwhelming and run awry. But proper documentation lends itself to the compliance management process by way of measuring (and more documenting).

In many instances, we have to know what we don’t know to even get started, meaning you must consider your first step in the compliance management process to know what the guidelines and requirements are for every state you are operating – whether it be installing, supporting or monitoring.

Several guides have been published that attempt to break down the state laws to inform business owners what licenses, if any, are required and the steps to get and maintain them; however, each of these historical attempts to develop a guide has ended with a document that quickly becomes dated and therefore useless. That said, one guide that has just been released to the industry that is both current and commits to remain so: the Guide to Licensing and Continuing Education, A State-by-State Resource. This document includes each state’s (and some local jurisdictions) requirements for a license, the associated fees, full contact information and the continuing education requirements; and it is free for the asking. Simply email [email protected] and ask for the Compliance Guide.

Doing Your Homework and Documentation

A thorough due diligence is the next step in the compliance management process. It is essential to research what is required to install security systems in your state, city or local jurisdiction. There is no national standard for license compliance – that would make too much sense! Rather, it is the responsibility of the alarm company to know what steps are necessary to legally install security systems in their location(s). These are the requirements for physical security technicians, often published as low voltage installation guidelines. Sometimes there is no standard at the state level, but the local jurisdiction requires a license. Ignorance of the laws will be no excuse if you are in violation of them.

While getting and keeping licenses is an obviously good thing, another big factor is record keeping. Anyone from the authority having jurisdiction (AHJ) to your legal counsel could want to know the status of licenses. It is important to have this information handy and readily available – and yet another reason why compliance management is so important. Each location’s requirements are as varied as the locations themselves. The technician must often be licensed in two or event here locations just to keep legal.

There are jurisdictions where the technician must have proof of licensing in the field; therefore, having a credential is very important. Some organizations do not have the credential sent to the technician directly but rather have the credential sent to the office (internal contact), and then the technician can sign off when they pick it up. This allows for credential accountability.

Renewals

Just because you are in compliance does not mean you shouldn’t be proactive. If someone’s license expires on December 1, you do not want to discover that on November 28. The time it takes to take the exam and process a renewal needs to be done months in advance. Most locations have a documented license renewal process, allowing the applicant to process all the required paperwork, obtain the necessary continuing education courses, and send renewal payment to the appropriate body (usually state licensing boards). Also, to make life a little easier, most locations have online systems where you can submit and renew for a license.

Given the importance of this process and the fact that each location in which you must be licensed probably has varying renewal procedures, using a tool to assist with the compliance management process pays for itself in multiple ways. For instance, License HQ offers a software system designed to assist with the licensing and compliance process. The tool is robust, but it is not specific to the security industry. SecurityCEU.com offers a Compliance Management System (CMS) that is specific to our industry. Look at both of these tools (or another one) to help you manage your compliance process. The benefit of using a tool like this will far outweigh the cost.

In most cases, renewing a license requires anywhere from 12 to 60 hours of continuing education during the renewal period, which may be anywhere from one to three years. Since this training is required, why not make the most of it? Take advantage of the opportunity to educate your technicians and sales people.

Many times, technicians take any course available to get their CEUs. This means the quality of the training may suffer or the tech may be taking courses for topics in which they are already an expert, therefore not expanding their knowledge set. It makes the most sense to genuinely give the technician education that benefits their job. For example, have them take training on IP networking because it is such an important topic for technicians these days.

The goal here is not to look at continuing education as a necessary evil, but rather an opportunity to sharpen staff’s skills and update their knowledge set.

Connie Moorhead is President of The CMOOR Group (www.cmoor.com), a provider of security training and education services. To request more info about the company, please visit www.securityinfowatch.com/10546338.