TOPIC: COMPLIANCE AND FEASIBILITY REPORT

I. COMPLIANCE REPORT
The simplest definition is that a compliance report documents how well a company is
or isn’t complying with some regulation that applies to the business. That compliance
report is usually (but not always) written by the compliance officer, and it can go to
several audiences—the board, senior executives, regulators, business partners, and
others.

Broadly speaking, a compliance report tries to answer three questions:

 Is the organization in compliance with the regulation?

 Does the company have a reliable process to be in compliance?
 What else could or should be done to improve compliance?
 That’s the overview of compliance reporting, at least. Now let’s consider the
details of how to do compliance reporting well.

Why Compliance Reporting Is Important

Compliance reporting is important for many reasons.

First, some compliance reports can be required by regulatory obligation. For

example, banks must file certain reports with their industry regulators to
demonstrate compliance with rules governing liquidity risk. A business working under
a settlement for antitrust or FCPA infractions might need to file reports with the
Justice Department about corporate compliance. An inability to generate those
reports could invite serious trouble.

Second, even where a compliance report isn’t required by regulation, compliance

reports can inform your regulatory reporting. For example, in the state of New York,
financial firms need to certify the effectiveness of their cybersecurity programs. That
certification isn’t a compliance report in the strictest sense—but just about every
CISO would want an internally generated report about the firm’s compliance with
cybersecurity regulations before he or she certifies anything.

To put it another way, compliance reports are important because they document the
current state of your company’s compliance posture.

Spoiler alert: that posture is not perfect. Whether you are documenting compliance
with anti-corruption, privacy, human trafficking, or anything else, inevitably you will
find shortcomings. A compliance report identifies those shortcomings and provides a
roadmap to remediation.
Third, compliance reports can often be required by customers. For example, a
customer might want to understand your company’s cybersecurity or anti-corruption
programs, before it agrees to do business with you. A compliance report can answer
those questions. (And as the business landscape keeps marching toward a world of
high regulatory and ethical expectations, those demands from customers will only
get more insistent.)

Examples of Compliance Reports

Compliance reports come in all shapes and sizes, on many subjects. Some might have
a designated structure, if they’re driven by specific regulatory requirements. Many,
however, take whatever form and structure makes the most sense for your
organization’s needs; the content of the report is what matters most.

Examples of a compliance report include:

 A review of due diligence programs or internal accounting controls for FCPA

compliance
 A summary of the documentation and testing of security controls for PCI
compliance
 A report on policies and procedures necessary for HIPAA or GDPR compliance
 A review of policies and internal controls for AML or Know Your Customer
compliance
 The Justice Department’s guidelines for effective compliance programs don’t
specifically say, “Thou shalt do compliance reporting.” They do, however, talk
about a company’s ability to see warning signs of compliance risk, “such as
audit reports identifying relevant control failures.”

That implies an ability to study your compliance posture—which is what a

compliance report allows you to do. So whatever compliance obligations your
company might have, an effective compliance program should be able to generate
reports on all of them.

What a Compliance Report Should Include

A compliance report should include four main components:

 A statement regarding the regulation in question.

 A discussion around the scope of the report—that is, precisely what the
compliance officer reviewed, and what he or she didn’t. In many instances,
affirming what was not reviewed is just as important as stating what was.
 A review of the compliance process itself. For example, if reporting about the
effectiveness of third-party due diligence, describe how those procedures are
supposed to work.
 A summary of the findings of your analysis. How well is the company meeting
the stated compliance obligation, or not?
A compliance report can, and usually should, also include action items to improve
compliance. In some instances, however, such as a regulatory report with a fixed
structure, that might not be the case.

What Makes Compliance Reporting Effective

First, effective compliance reporting makes reports that are useful to the reader.
Remember that many compliance reports go to senior executives or board directors.
While they might understand the concepts for regulatory compliance, they won’t
necessarily know all the lingo or terms of art that compliance officers might use
internally.

A compliance report should anticipate that reality, and be written in such a way that
its readers can put the report to good use. To that end, all compliance reports
should:

 Use clear language and sentence structure.

 Be concise.
 Include an executive summary.
 List action items or timelines for improvement
 State any necessary action from executives or the board, such as decisions
that only they should make
Second, effective compliance reporting generates reports as quickly as possible. This
quality is more important for the compliance officer making the reports, rather than
for the executive reading the report—but it’s still important. Manual creation of
compliance reports is expensive, painstaking, and more prone to error.

For example, all useful compliance reports include data. So one place for a
compliance officer to start is to consider which parts of data collection and analysis
can be automated and then fed into a pre-existing compliance report. (Say, a
quarterly analysis of due diligence efforts.)

That also means the compliance officer should consider the design of your
compliance reports, and how much of the report can be pre-formatted so data flows
into the report automatically.

In the ideal world, many compliance reports can follow predesigned templates, to
capture data based on predetermined metrics. Then you can present those reports
quickly, clearly, and easily.

The one thing you probably shouldn’t automate: the analysis of weak spots in your
compliance program, and recommendations for improvement. Some things are still
better left to good old human judgment.
What are the objectives of compliance reporting?

 Fulfilling regulatory requirements: Reports may be required as part of the

specific regulatory requirement or law your organization is adhering to.
 Proof of compliance: A compliance report provides you with concrete
evidence that your company is adhering to regulations correctly. An inability
to create a compliance report could indicate that your business is vulnerable
to serious legal issues.
 Provide a synopsis for decision makers: Internal stakeholders outside the
realm of the compliance office, like the board and other executive-level
decision makers, may want to check in to ensure compliance requirements
are being met, how they’re being met, and determine if any further action is
needed.
 Identify areas of improvement: Compliance reporting is a meaningful means
of oversight. A compliance report subject to an internal audit might reveal
areas where compliance can be improved in the future.

What is a feasibility report?

A feasibility report is a report that evaluates a set of proposed project paths or
solutions to determine if they are viable. The person who prepares a feasibility report
evaluates the feasibility of different solutions and then chooses their
recommendation for the best solution. They then present the feasibility report to
their company and make their recommendation.

What is the purpose of a feasibility report?

The purpose of a feasibility report is to determine the feasibility of solutions or
project paths and choose the best option. The feasibility report serves to break down
different approaches to a problem or project and help readers understand the
feasibility of each approach. Based on the evaluation outlined in the report, readers
can decide whether to take the report's recommendation of the best approach. This
thorough analysis of different approaches can help companies make the best
possible decisions on projects and problems.
Elements of a Basic Feasibility Report
Below are the seven key elements of a feasibility report:

 Introduction: You need to persuade the decision maker to even consider any
sort of alternative. You need to convince them to even read your report first.
Tell them what they will gain personally or as an organization by considering
your work.
 Criteria/Constraints: You must specifically map out the criteria of what the
ideal outcomes are. This will allow you to make practical and logical
decisions. You can present the criteria in your feasibility report in one of two
ways. First, you can separate the criteria into its own section. This is best
when you have a extensive report and you need to go in-depth with the
explanation. Second, you can incorporate the criteria throughout your report
as the criteria become relevant. However, it is important to realize that
whichever strategy you chose make sure that the criteria is introduced early
in the report. It is also very important to map out the constraints of your
suggested solutions. This will show the audience that you understand and
acknowledge the fact that no solution is perfect. This will also make sure that
the audience makes the decision in their best interest.
 Method: It is very important to present facts that are accurate and relevant.
You should state the reliable sources you used and what method they came
from (internet,interview, book, etc.). Without a credible research method or
credible sources your document itself will lack credibility.
 Overview of Alternative Options: You must underline the key features of
each possible option. Make sure they are easy to understand and presented
in a friendly layout. Keep in mind that the goal is to allow your audience to
make the best decision.
 Evaluation: This should be the bulk of your report, you must evaluate the
options using the criteria you created. Add graphs, charts, etc. to show that
you have studied your options, and have come up with statistics that back up
your reasons as to why your alternative beats the competition.
 Conclusions: State the conclusion you have reached. How did you reach this
conclusion? How did you evaluate the alternatives? Why is this solution the
best one for your organization?
 Recommendations: Use your experience, knowledge, and research to state
which option you think should be adopted.

Structure of a Basic Feasibility Report

The following is a list of front matter elements included in a typical feasibility report:

Cover Page: Use an APA cover page.

Transmittal Letter
A transmittal letter is sent to the company who requested the feasibility report.
Although this letter is sent under separate cover than the Feasibility Report, it is a
courtesy to include a copy of the transmittal letter in the Report.

This letter tells the need for the feasibility report and the date of completion of the
report. The letter includes the background of the project, a reference to the Problem
Analysis, and outlines the procedure used to determine the recommendations
presented from the feasibility report.

Table of Contents

Identify the sections and their corresponding pages.

Executive Summary: Briefly explains the problem, the possible solutions, and the
recommendations

EXAMPLE:

The purpose of this feasibility research report was to address the problem of
________________. This report offered three alternative solutions to this problem:
_________________, ________________, _______________. In addition, the report
ranked the alternative solutions, according to its strengths and its benefits. Solution
#3, _______ was the first recommendation. Solution # 1 ________________ was the
second recommendation. Solution #2, __________ was the third recommendation.

The following is a list of the sections that form the body of the feasibility report:

Introduction: Write a brief introduction: This section will be from the Problem
Analysis. Tell the why you conducted an investigation and the

Background: Explain the problem. This section explains how you know there is a
problem. This section will explain why you did the investigation, the findings and
conclusion from the Problem Analysis.

Purpose: State the specific purpose of the Feasibility Report. For example: The
purpose of this report is to address the problem that (the requester is experiencing
with state the problem). This report will accomplish this by investigating three
alternative solutions to this problem.
Research: From the analyses of the articles (Summaries/Responses), copy and paste
the summarized sections here. Only paste the summarized sections. You will attach
the entire analyses to the end of the report, as appendices.

References:
https://openoregon.pressbooks.pub/lbcctechwriting/chapter/7-7-feasibility-reports/
https://www.rapidfiretools.com/blog/2021/03/31/compliance-reporting/
https://www.rapidfiretools.com/blog/2021/03/31/compliance-reporting/