Regulatory Compliance Is a Continuous Process: Interview With Intive’s CEO, Gurdeep Grewal

Modern companies understand that their broad footprint should not be assessed solely through the commercial lens. At intive, we want to make sure that we positively impact the lives of individuals, communities, and the environment we interact with. We operate in 3 continents and must comply with numerous local laws and regulations. On top of that, our customers have their own pressing requirements and expectations we must adhere to. We have a complex regulatory compliance in place and we are set to become even more compliance-oriented in the future.

Regulatory compliance is not just about steering clear of legal trouble – it’s about making a difference in the world by advancing the standards of business conduct worldwide. At intive, we’ve just implemented our Supplier Code of Conduct. What do we commit to when it comes to our purchasing processes?

We understand that our suppliers co-create the business culture with us and we want to make sure that we share common values and maintain the highest ethical standards.

In our Supplier Code of Conduct we address fair labor practices, employee health and safety, as well as wellbeing and development. We also outline our policy regarding anti-corruption and gifts, conflict of interest, and security of confidential information and personal data. Basically, we ask of our suppliers to strive toward being a better employer, more responsible partner, and a more sustainable business.

We’re aware that we’ve set the bar high, but that’s because we demand a lot of ourselves in the first place. Take environmental awareness for instance – we can’t flat out tell our suppliers that they should cancel their business trips, but we can surely suggest to them implementing a “think twice” policy, just as we have done. The global pandemic has proven that a lot of meetings and decisions can take place  online. 

Another important thing: We ask our suppliers to let us know whenever they notice any misconduct on our side – all such information will be treated with utmost concern. Integrity is everything.  

Compliant companies have the so called “license to operate”: They go about their business being socially responsible and grow sustainably. What forms our license to operate?

Businesses create and uphold many high professional standards voluntarily, upon the belief that how they act as companies matters just as much as their performance. Apart from internal sets of rules such as codes of conduct, there are mandatory regulations like industry-specific compliance standards, government-imposed regulations (like GDPR) and all local laws applicable to businesses regardless of their nature.

At intive, we treat regulatory compliance with special attention. We comply with all mandatory regulations everywhere we operate. We have local data protection officers and plan to designate local compliance representatives too. We also have compliance onboarding for all new intivers and carry out GDPR training and privacy awareness refresher trainings for those exposed to higher risk. 

On top of the mandatory regulations, we follow our intive Code of Conduct and now also the recently implemented  Supplier Code of Conduct. 

A company code of conduct is part of corporate governance, however, it’s sometimes regarded as a supplement to actual governance. What’s your view on the importance of this document?

A company code of conduct should be treated as a natural point of reference and it must be internalized so that everyone in the organization is able to follow the guidelines intuitively. We’re “one intive”, we all follow the same rules. 

The Code of Conduct provides guidance in professional situations and we want people to operate within that structure. If it’s done right, it’s adaptable to the business you’re in and it supports day-to-day decision making. Also, you must make sure you train people on it, top-down. A code of conduct requires effective implementation across the whole organization.

Another thing is building customer trust – it takes a lot of time and effort. Such document, if it’s lived, not just written on paper, helps you build that trust, day by day. When presenting a proposal to your customer, you follow the code of conduct; you think about it when planning service delivery. You use it in your everyday processes: hiring, managing, delivering services.

The example comes from the top: How does a company build a culture of integrity and make sure that managers don’t kiss up and kick down?

You foster an open and transparent culture. It’s not just words: You need a whistleblowing system in place, and you need to build this safe, comfortable environment where dialogue is key. Sometimes a simple conversation and constructive feedback is enough. When it’s not, we have an “intive speak up service” to ensure our people feel safe to anonymously report misconduct.

Managers need to act as role models – this goes without saying. You can’t expect your people to behave in a certain way if they see their superiors breaking the rules. So, you need this transparency and respect: The stronger the mutual trust, the better transparency, management, and company culture.

Of course, it’s a continuous process. It takes time, training, monitoring and benchmarking.

Have you ever come across a situation – in your long professional career – where you felt you had to speak up in a workplace, and if so, did you in fact voice your concern?

Many times. Absolutely. I feel it’s a duty. Whether it has to do with doing business in an ethical way or with treating people in the organization right – you have to be true to yourself and to the code of conduct. If you feel uncomfortable, it’s a sign that something is or might be wrong. 

A trust-based company culture is one that encourages people to speak up. Such employees not only feel obliged to use the whistleblowing system, they also believe that their concerns will be addressed. It takes years to build such trust, one action at a time.  

Compliance is there to ensure that businesses and corporations act responsibly. They don’t always do, though. The recent Wirecard scandal casts a shadow on corporate governance. What can be done to further advance regulatory compliance in the future and prevent misconduct?

We need to have more trusted antennas embedded in the system – people that are responsible for reporting any misconduct. We need to strive to be proactive rather than reactive. Compliance teams should always have a chance to deal with issues BEFORE they become major problems.

As a company, you have a duty to your people, your customers, your suppliers. You shouldn’t have to wait for more strict regulations from the top, you should act on your own, and make sure you’re doing everything to build a safe environment for everyone, all stakeholders alike.

¿Cómo podemos ayudarte?


¿Te ves trabajando acá? ¡Genial!

Unite al equipo