Primary tabs

Postgraduate Course in Compliance

Program curriculum and final degree

Program Curriculum

Basic Structure

  • Essential Aspects of Business Ethics
  • Sources of Compliance Obligations: Hard Law and Soft Law
  • Business Management Models (GRC)
  • Compliance Management Systems (CMS)
  • Generic Reference Frameworks
  • Specific Reference Frameworks
  • Practical Development of Compliance Models in Spain
  • Internal Complaint and Investigation Procedures
  • Classification of Group and Individual Conduct
  • Communication Skills

Practical Case Studies during the Program:

  • Correcting Inadequate Business Initiatives
  • Detecting and Managing Corrupt Behaviour
  • Management of Compliance-Related Conduct that is Not Aligned with Objectives


Subjects Studied

I . Essential Aspects of Business Ethics. Aspects of business ethics that are applied in the corporate world and whose development habitually produces internal regulations. The relationship of business ethics to compliance with regulations and the establishing of voluntary standards above and beyond what is required by law.

II. Sources of Compliance Obligations: Hard Law and Soft Law. The importance of good practices and international standards as sources of obligations, and their interpretative (and even binding) nature.

  • Sources of soft law.
  • The traditional system of sources of law and obligation.
  • Sources of soft law and effectiveness in practice.
  • Taxonomy of technical standards (ISO, ISA and ISAE).

III. Business Management Models (GRC). Modern business management models encompass compliance-related activities within models that include governance and risk management (GRC models). This subject will examine the interactions between these three spheres.

  • The concept of Governance, Risk-Management and Compliance (GRC).
  • Integrated GRC management models: applications and solutions.
  • Locations of the compliance function within the organizational structure of the business.
  • Interaction between compliance, internal control and internal auditing.

IV. Compliance Management Systems (CMS). Due to the proliferation of regulations affecting companies (and which are either mandatory or self-imposed), it is necessary to develop systems that enable effective management of compliance. To this effect, efforts have been made to develop standards both within Spain and internationally in order to determine the state of the art in this area.

  • The concept of CMS and areas of compliance.
  • Generic and specific standards.
  • Organic compliance structures.
  • Role and functions of the Compliance Officer.
  • Compliance policy and CMS.
  • The ISO standard in CMS.
  • The ISO standard in ABMS.

V. Generic Reference Frameworks. With regard to compliance, both Spanish and international standards utilize a series of principles and components that are implemented within the context of internal business controls. This subject looks at these generic reference frameworks and the principles that have been developed through them.

  • The COSO framework: COSO I, COSO II and COSO III.
  • The OCEG capability model.
  • OECD guidelines.
  • Role and functions of the Compliance Officer.
  • Australian standard AS 3806-2006.
  • The technical audit standard IDW AssS 980.

VI. Specific Reference Frameworks. Due to the nature of certain technical activities and areas of operation, compliance frameworks have been developed and specifically adapted accordingly. These include measures to prevent corruption, which have become models for ethical management and a source of inspiration for a large number of regulations in this area.

  • The corporate guidelines of the US Sentencing Commission.
  • The OECD anti-corruption guidelines.
  • The USA's Foreign Corrupt Practices Act (FCPA).
  • The UK's Bribery Act.
  • The compliance model of the Spanish Criminal Code.
  • Tax governance, tax morality and tax transparency.
  • Money-laundering prevention model.
  • Compliance and competition.
  • Defence of consumers in relation to the banking industry.
  • Environmental management models.
  • Privacy management models

VII. Practical Development of Compliance Models in Spain. The practical application of compliance models requires the use of techniques that have been developed from both generic and specific reference frameworks in relation to compliance.

  • Risk assessment: prioritizing risky conduct.
  • Policies, procedures, controls and investigations.
  • Risk map for compliance and crime prevention.
  • Organizational measures.

VIII. Internal Complaint and Investigation Procedures. The practical application of compliance models also involves the implementation of detection mechanisms and the subsequent development of investigative processes combining respect for legality with the most advanced forensic techniques.

  • Complaint channels and investigation protocols.
  • Guaranteeing privacy and no reprisals.
  • Procedural guarantees in internal investigations.
  • Forensic investigation techniques.
  • Obtaining and processing digital evidence.

IX. Classification of Group and Individual Conduct. The behaviour of individuals and groups must be taken into consideration for both the design and application of compliance models. This subject will tackle essential questions of social psychology that affect the compliance sphere.

  • Risk assessment: prioritizing risky conduct.
  • Policies, procedures, controls and investigations.
  • Risk map for compliance and crime prevention.

X. Communication Skills. The behaviour of individuals and groups must be taken into consideration for both the design and application of compliance models. This subject will tackle essential questions of social psychology that affect the compliance sphere.

  • Framing techniques and influence on the tendency to comply.
  • Techniques for communicating under adverse circumstances.
  • Media communication.

Practical Case Studies during the Master

(All of the practical case studies will be presented using the "simulated immersion" methodology)

1. Correcting Inadequate Business Initiatives

In this practical case study, students will manage a sales initiative that is inadequate from a compliance perspective, via two approaches:

  • Approach 1: the CO joins a product launch committee where an initiative is proposed that would be highly profitable in a business sense, but would contravene competition law.
  • Approach 2: the CO attends a meeting of the Board of Directors, where the above initiative is evaluated.

2. Detecting and Managing Corrupt Behaviour

In this practical case study, students will manage an incident involving deliberate non-compliance by a particular business area:

  • Approach 1: an employee reports a serious case of corruption. The CO studies it. The case affects the head of the organization's most important business unit.
  • Approach 2: after a period of investigation involving the Purchasing Department, the case of corruption is confirmed. The CO prepares a report for the Board of Directors.
  • Approach 3: the CO presents the case of corruption to the Board of Directors.

3. Management of Compliance-Related Conduct that is Not Aligned with Objectives

In this practical case study, students will manage a situation in which the actions of the head of compliance for a specific business area are not in line with the organization's stated compliance objectives:

  • Approach 1: at a Compliance Committee meeting, the head of the Tax Department reports on the implementation of a high-risk tax restructuring operation. The organization has made it known that its compliance policy and values are deliberately conservative. The CO gives his/her opinion.
  • Approach 2: the CO presents a monthly compliance report to the Board of Directors. S/he gives his/her view of the tax initiative.

Final Degree

Upon successfully completing the program, students will receive a Postgraduate Course in Compliance, awarded by Pompeu Fabra University.

.