A hands-on guide to compliance training

Avatar photo
Published on 24/04/2020

All organisations that run employee compliance training are facing similar challenges. But every organisation is different. Their challenges might indeed look similar on the surface, but the reasons behind them are specific to each organisation.

There are a number of resources available on how to deal with the challenges of compliance training. Unfortunately, many of them only address generic approaches and solutions that provide little or no value to those who need to resolve their own problems.

This guide is based on our real-life experience with developing and running compliance training for numerous organisations. It provides practical answers to the most frequent questions that occur during the setup period or the training itself. We hope it will help you with your compliance training as well.

This guide is useful for novices who have just started setting up their first mandatory compliance training, but also intermediate or experienced compliance managers who want to learn more from our experience.

Table of contents

Introduction to compliance training

What is compliance training?

Compliance training is used to educate employees about the laws, rules and regulations that affect their job roles. This type of training ensures all employees are made aware of the regulations and commit to act accordingly – hence the term ‘compliance’.

What is the purpose of compliance training?

The main purpose of compliance training is to ensure the appropriate conduct of the employees and to legally protect organisations in case of incidents or violations. This is why compliance training is always mandatory with the main focus on recording completion.

In addition, compliance training helps employees to do their work with confidence and contributes to creating a more hospitable and respectful workplace.

The purpose of compliance training beyond protecting the company

Compliance training can be done in many different ways. For smaller groups of people, classroom-based training can be perfectly convenient. Sometimes face-to-face training is even a legal requirement. However, especially in large organisations, digital versions of training via e-learning programs are often the most effective way of running compliance training.

This post is mostly about digital compliance training, but the section covering compliance training content will be useful for other training types as well.

Why is compliance training specific?

Workplace training usually provides employees with knowledge and skills that help them execute their tasks better, faster and more efficiently. Employees can easily recognise its value because of the imminent impact of training on their work performance.

On the other hand, the purpose of compliance training is to prevent incidents.

In some fields, especially when health and safety is concerned, the value of training can be easily recognised.

In many other areas, the threats are not so obvious and the absence of incidents can hardly be seen by the naked eye. In such cases, the benefits of the training are not as obvious to the employees.

Last but not least, to satisfy the regulatory requirements, compliance training needs to be run periodically. Usually, this means going through the same or similar training every year. This can be perceived as a work distraction, particularly when more experienced employees are involved.

For these reasons, employees often view compliance training unfavourably.

We have even put together the list of most common excuses for not doing compliance training, but that’s the topic for another blog post.

How to deliver meaningful compliance training?

If we want employees to recognise the value of the training, we need to provide them with content that is relevant to their job roles and easily applicable to their everyday tasks. To achieve this we need to overcome two major obstacles:

The first is the fact that compliance content is usually based on extensive rules or legislation. Not all of which are applicable to everyone. Therefore you need to take responsibility in handpicking only the relevant topics from the content. It is a challenging task, but it needs to be done to keep the information relevant to your employees.

Aligning topics to job roles for a meaningful compliance training

The second obstacle is the fact that the rules and legislation are written in a prohibitive manner. From the authoring perspective, it is easier and safer to stick with this angle throughout the training.

Employees, however, appreciate learning about the positive aspects of appropriate behaviour. This means that the content needs to be rewritten with a positive sentiment while keeping the key messages intact. Even for the most skilful training designers, this is a serious challenge.

Prohibiting undesired behaviour vs. suggesting appropriate  behaviour

What are the goals of compliance training?

The goals of well-intended compliance training should not be limited to satisfying regulatory requirements, but to also provide efficient training that will result in the appropriate employee behaviour. There are several indicators that can help us monitor how efficient the training really is.

Completion rate

The most straightforward and commonly used indicator is the completion rate.

For compliance purposes, you want to keep this rate as close to 100% as possible. Whilst this indicator is certainly needed for the audit trail reasons, it doesn’t provide adequate information about the actual knowledge. That is why it is useful to combine it with other metrics to assess the final training success.

Completion rate chart showing employees who completed compliance training, those who started it and those who haven’t responded at all.

Assessment results

Typically, at the end of the training, employees need to pass a compliance test to prove what was actually learned during training.

These test results (and the number of retakes required to pass the test) can tell us a lot about the efficiency of the training. If the test results are bad, the training might be inadequate or the questions are too hard. On the other hand, if everybody passes the test with a 100% score, the questions might have been too straightforward. Finding the right balance is essential.

Charts showing three possible compliance test scenarios where the number of attempts to pass indicate whether the training content is aligned with the test questions or not

Knowledge gaps

If you dig deep enough into the test results you can identify questions which were largely answered incorrectly.

This could mean that the related content wasn’t explained well enough during the training. It could also mean that such questions have been poorly written. In both cases, you might need to react in order to improve the training for the next generations of employees.

Learning analytics used to identify knowledge gaps in JollyDeck’s LMS

Employee feedback

Employee feedback provides a number of first-hand information about how the training could be improved. But tracking user sentiment on a longer-term can be even more important. This is because data can demonstrate the improvement or satisfaction level with each iteration of the training.

The amount and severity of incidents

The final goal of compliance training is to minimize the risk of incidents. We all agree that a correlation between compliance training and the number of incidents exists. Unfortunately, it is not so easy to prove – especially on a short term basis. However, if you decide to measure a number of training variables and keep a track-record of incidents, the relation between these two should be visible through time.

You should now know two things

  • Firstly, you understand the goals of the training you are issuing.
  • Secondly, you should know how to measure the efficiency of the training.

The next step that you need to know is how to start planning your training.

Developing a compliance training program

Digital compliance training consists of two parts:

  • The content
  • The technology

These are both closely connected, and you cannot have one without the other.

The content needs to be relevant to the learners. Otherwise, it will not be understood or embraced.

Likewise, the technology defines the delivery of the content. If good, user-friendly technology is not in place, the content is harder to access and friction develops between the learner and the content.

If the content is hard to access, this results in the learning becoming jeopardized.

The perfect match of content and technology

In an ideal world, you would explore all of the technology and content options available to find a fitting combination that works best for you. However, reality dictates that this is rarely the case.

We know from experience that implementing technology is a timely process. There needs to be time invested to find the technology, then there are a huge amount of resources required to put that technology into place. This all comes after you have talked your stakeholders around to giving their approval.

This is why every compliance training plan should start with the technology assessment.

Compliance training technology assessment

Most organisations will already have some form of learning technology in place. Usually, it is an LMS (Learning management system), but in some occasions, other systems (e.g. intranet sites or content management systems) are used as well.

If you do already have an LMS, you only need to assess whether it can launch your selected compliance training. However, if you need to implement the technology, then it is helpful to have a list of requirements when choosing the one that suits you best. In both cases, you might want to read more about choosing the right LMS for compliance training.

The role of an LMS in compliance training

The LMS as a delivery platform

As a delivery platform, your LMS must deliver your compliance training in the most frictionless way possible. Whenever a user has to stop and attempt to figure something out, that is a friction point.

Friction points like the above may not seem like much. However, every friction point, no matter how small, may turn users away – ultimately resulting in lower completion rates.

So what should you look out for when reviewing an LMS? The below points will shine a light on the common considerations you need to account for.

How convenient is the technology?

This should be first and foremost on your LMS wishlist. Always think about the end-user and how easy or difficult it will be for them to access the content. If you’re still unsure, consider these questions:

How will the user access the system?

  • Will they use only company devices?
  • Will they use their own devices (like smartphones)?

What about logging in to the system?

  • Do they need to register the first time?
  • How does the registration process work?
  • Do they need to register with a work email address?
  • If they don’t have a work email address, what other options are available to them?
  • Can this be simplified through the use of a Single Sign-On (SSO)?

It might seem like a lot, but the login and registration process is the learner’s first impression of your selected LMS. If this is too difficult, it can set the wrong tone too quickly.

Supported platforms

Most modern LMSs are accessible through a number of different ways. Primarily, they can be accessed through all major desktop and mobile web browsers. Some vendors also provide native mobile apps.

An overview of LMS platforms: desktop and mobile web browsers and native mobile apps

Naturally, the more ways your learners can access their content, the better. However, there are points to consider:

  • A native mobile app is a nice addition to web access, but most generic content will not work well with these apps. Make sure you trial this before committing to anything.
  • If your users are likely to access the content while offline, then web-only access is out of the question. You need some form of a native app that supports offline learning.
  • Think of any specific use cases in your company. Sometimes not all employees use the most recent devices. They may use outdated web browsers or operating systems. In each case, make sure you trial the software before you make the final decision.


As well as being accessible, the LMS also needs to be user-friendly.

For most employees, LMSs are not one of the tools they use every day, so you can’t expect them to invest their time in learning how to use them. That’s why a simple and intuitive user interface is extremely important.

Things like logging in, accessing training and completing training should simply be a few clicks away. Anything too lengthy causes friction, which can be detrimental to the learning experience and process.


It is a rare occurrence that you will instantly be happy with an LMS setup as soon as you unpack it, and small bits and pieces can have a huge impact on training.

The most common example of this is customisation. Frequently you’ll want the app to resemble your organisation’s branding as closely as you can, so it’s important to know exactly how much your company branding can be applied.


Accessibility is key with compliance training. It is likely that there will be employees within your organisation that have a disability that affects how they read, such as dyslexia or visual impairments. Therefore, you need to make sure that your compliance training is inclusive for people with disabilities.

The LMS as an enrollment tool

It goes without saying that the larger your organisation, the more challenging user management in an LMS is. There are two key points to consider to combat this.

How to manages users in an LMS

Firstly, you need to ask if the user database will sync with your existing employee database. The ideal answer to this question is ‘yes’. This means that the LMS’s database will automatically update employees’ records, deactivate leavers and add newcomers with your employee database at regular intervals.

If the answer is ‘no’, then you need to carefully define the process of manual data synchronization.

In each case you need to be prepared for a number of real-life scenarios that could affect the data in your user database:

  • Adding new users / removing leavers
  • Reporting training data back to the HR system
  • Managing changed job roles, positions and other parameters that affect training requirements
  • Updating personal data, especially when used as a key to match data between the systems (e.g. if a user changes their email address)
  • Dealing with anomalies (e.g. merging duplicate accounts while keeping all learning records)

Once your users are in the LMS, there then needs to be clarity on how the learners will be enrolled in training. If there are many different job roles and many different types of training for different user groups, how will this be overcome?

The easiest way is if the LMS allows for user segmentation – but if this is not an option then clarity is needed as to how this will be dealt with.

How to automate tasks with an LMS

Automation is crucial. Especially if you’re a larger organisation. Ideally, your LMS should be able to automate as much as possible. This includes tasks like:

  • Notifying learners they have been invited to training
  • Letting learners know if they are behind on training
  • Reminding learners that the learning deadline is coming up

Above all, you want to be able to sit back and do as little chasing as possible, having confidence that your LMS will take care of it. However, a communication plan will certainly help.

Email automation in JollyDeck LMS

The LMS as a reporting tool

Every LMS will offer some basic form of monitoring KPIs and reporting, including an audit trail. This is a basic legal requirement of compliance training.

However, there needs to be consideration into the quality of the reporting. Think about useful factors like the type of data that is available, how easy it is to export to a spreadsheet and how configurable that data is.

You should also consider how frequent those data reports are, and who can access them. Are they available at the touch of a button to all stakeholders, or can only one person access them after requesting them?

Most importantly, check what data you need, and what data you can actually pull from the LMS. If there are things that you have to validate for your compliance training goals – make sure the LMS can help you reach these goals.

An example of a compliance training report

Utilising existing LMS vs introducing a new LMS

If you already have an LMS in place then it might be worth sticking with it. The simple reason being it saves time and money. If you don’t have an LMS in place, or your current LMS isn’t working for you, there are a few things to take into account.

Getting people’s buy-in takes time

The people who hold the purse strings are typically resistant to splashing the cash, so highlighting the benefit and the savings of a new system can be a lengthy process. Likewise, IT will often be hesitant to implement new systems in the company. Especially when staff’s personal data is concerned.

This can be complicated further when the current LMS caretaker gets involved. Naturally, any added LMSs are seen as internal competitors, and it can be difficult to win them around.

Whilst this undeniably is a lot of effort, the upside of having a system that you like and fits your needs is worth the time.

Choosing the right learning content

When you’ve finally found a technology partner – surely the hardest part is yet to come? Well, more often than not, choosing a content provider is comparatively easier.

It is unlikely that compliance training learning content will need to be written from scratch. As it’s mandated by-laws and legislation, there are many different vendors that offer off-the-shelf content.

What you have to consider is how suitable that content is for your organisation and the needs of your learners. As we mentioned at the beginning of this post – every company needs something tailored. Read more about this in our Comparison of off-the-shelf vs. bespoke learning content.

So sit back, relax, and read on as we show you what is available and what you should be looking for when you choose your content partner.

Content formats

Like most things in learning – the format is foremost.

Typically, compliance training is a course followed by an assessment. The courses are usually composed of slides, e-books, a few questions and perhaps some infographics and compliance training videos. The assessments are commonly a bank of questions with a pass rate. Simple enough.

A typical compliance training setup with a course and a test

But there are other formats available – the most popular alternative variations being in gamification (as in JollyDeck quiz). These always look like the most attractive offer at first glance. They’re fun, usually user friendly and offer some sweet relief to legalistic topics.

However, they’re not the right fit for everyone, and there’s also some debate on how meaningful the gamification format is for learning. Having a pretty package is nice, but remember that you’re doing compliance because you want learners to come away with actually having learnt something.

That being said, it is often beneficial to use other content types to support basic training. This is for the following reasons:

  • They can be used as useful support references
  • Different content types help to break up training

For example, in JollyDeck we often make use of references and checklists in our training. This is beneficial in use cases such as information security, where learners will complete training on remote working. During training, they are pointed to a checklist on what to watch out for when working remotely. This allows them to simply access the checklist the next time they find themselves working away from the office.

So what content type is the most appropriate? The best way to answer this is to put yourself in your learner’s shoes. Think about the problem you are trying to solve and the best resources you have available to do this.

  • If you need to provide lots of essential information to people who need it urgently, consider using a course.
  • If you want to distribute refresher information on content which is a ‘nice to know’ rather than ‘need to know’, then it might be worth considering alternatives like a quiz or a game.

Content types

Another way to view the content is based on its origin. Typically, there are two different formats here. Generic content is created by a vendor, whilst custom content is created internally.

The former is more common as it is often cheaper to create and faster to set up initially. However, if you require a lot of modifications then it can become more costly and time-consuming. Custom solutions require more resources at the beginning, but the final solution is more tailored to your needs.

On the other hand, there lies an area in between both approaches where you can find even more possibilities.

To help you decide which type of content is most appropriate for you, why not validate your options by putting them on the content type axes?

Compliance training content comparison: generic vs custom

Quadrant A covers most of the vendors with a generic content offering that allows for little or no customisation. This is not necessarily a bad offering. As we discussed, this typically allows for a quicker and less expensive solution to basic compliance training.

But no matter how great the generic content is, you will always be tempted to make minor changes. This might be adding your own examples, own ways of processing compliance-related issues or more relevant industry case studies.

In quadrant B, we find the generic compliance content that can be customised to a small extent. As with anything, the range of customisation varies from vendor to vendor.

Some vendors will make the changes for you, and some will allow you to make the changes yourself with an open format. Before you decide whether this is the right solution, consider the following:

  • How difficult it is to modify content?
  • What tools do you need to modify the content?
  • Do you have the know-how to use these tools internally?

If generic content really doesn’t work for you, then you’ll need to develop your own. This brings us to quadrant C.

Typically, creating your own content takes more time. You also need to make sure that you can re-edit again in the future.

If you cannot edit the content again in the future, you end up in quadrant D. Custom content that can never be edited again. Videos are a common example of this. They may look great at the time, but if any part of the process described in a video changes, it’s not trivial to re-edit the whole video just to change one part. In this case, the whole video becomes unusable.

The subject matter

The last question when you’re dealing with compliance content should be this:

How well does it address the needs of your employees?

We previously discussed how compliance training needs to be meaningful to be successful. But to be meaningful, it needs to meet the following criteria:

  • The training should have a clear explanation behind its purpose, and how it will impact your employees ‘on the job’.
  • Use clear examples that employees can relate to. These examples should be as specific to their functions or expected behaviours as possible.
  • The training should not just cover ‘why’ employees are doing the training, but ‘what’ can go wrong in case of inappropriate conduct.

But besides being meaningful, compliance training should provide just the right amount of information. If it is too sparse, learners will have gaps in their knowledge. Too rich, and the learner will struggle to retain it all.

A chart showing the learning curve in relation to the amount of information

Finally, let us not forget that like technology, the content requires the same accessibility as described above.

But whilst accessibility with technology refers to how employees will access the training, accessibility to the content refers to how employees will consume the content.

This will be addressed differently by different vendors. For example, in JollyDeck, we offer audio narration with all of our content, but this may not be the case with everyone so make sure you check how your selected vendor will approach this issue.

Are you already anxious about the number of things that can go wrong? We’ve compiled a checklist of content considerations to make sure you don’t miss anything important.

Getting the buy-in from stakeholders

With any luck, all of your questions around content and technology have been answered at this stage.

The next step you’ll have to take is to get the approval from your organisation. This is key, as you will need the support from everyone involved whilst the training is running. Don’t let dealing with your stakeholders turn into a nightmare.

Your number one hurdle to overcome is senior management. They are the first people in any organisation to embrace and build out compliance procedures, and they want to instil this from the top down. Therefore it is imperative that they have an active involvement in bringing best practices to life.

Secondly, you need to win over the business-related functions. During the implementation and rollout of training, you will be working closely with functions such as IT and HR, so it is important to be on the same page before you even begin the implementation stage.

IT will need to assess the technology and the vendor, and you will likely have to make sure they understand the need for the training and the role they will play in its delivery.

As for HR, they hold the data you need on your learners and may want to run the compliance register centrally with all of the other employee data. Therefore it is likely that IT and HR will need to work together to set up all of the data in one place.

Finally, your line managers need to understand the importance that training will have on their team members. The role of the line manager within the training can be overlooked, but without their buy-in, you may run into some problems.

For starters, line managers have direct access to the learners. This means that they can have a hands-on approach to making sure that the importance of the learning is understood, and the training is completed.

Secondly, they will need information and data on the performance of their team members if they are to be in charge. If they are unable to see the training performance of their teams, they are unlikely to see the value of the training.

Training completion rate chart showing  the intervention from line managers

Setting up a communication plan

Before you issue any training, you need to devise a clear communication plan.

The best way to start is to figure out how you will notify learners about their training. Whilst many LMSs will do this for you, it’s important to understand how this is done.

Typically, this will be an email, but there are questions you should ask around how customisable these can be and how frequently they are sent.

For example, will the LMS send just one email to notify the learner they have been invited to the training? Or will they send out multiple emails reminding learners who have not started the training that they need to complete it?

It is also worth considering the other communication plans that need to be in place. For example, how will you and your stakeholders report on the success/criticisms on the training – to each other and the vendors involved?

Finally – what will be done about users who don’t have email accounts yet? A creative yet non-invasive form of communication needs to be developed to make sure they are on top of their training. Once again, line managers are often a great help here.

Setting up a training communication plan with automated email invitations and reminders for unresponsive users

Setting up the technical support

When running most forms of technology, technical support is also needed in some form. Compliance training is no different.

Technical issues are often the biggest barrier to learning being completed, so you need to choose a partner who can eliminate these issues quickly.

Often, the issues are on the learners’ side. Common issues like lost passwords, forgetting login details or not being able to find the training is all to be expected.

It is possible to encounter issues such as technical bugs, problems with your users’ data or software malfunctions. However, the better the provider, the less frequent these will be, but bugs happen to even the highest-flying technical companies, so it’s important to get an understanding of how they are able to deal with them.

Running compliance training

The best way to run any compliance training program is through preparation. The more prepared you are before it starts, the easier it will be to take a back seat whilst it runs. To make sure you haven’t missed anything, check out our series of checklists on Launching compliance training.

But as we all know, this is never as easy as it sounds. The following tips will help you make sure your compliance training is running as smoothly as you’d prepared for:

Monitor your learners’ progress

Before training starts, set a deadline for its completion, and make sure this is adhered to. You should have anticipated how long it will take most people to complete, so communicate this to stakeholders and learners. If the deadline is approaching and the majority of learners are yet to start – consider why that is and talk to those who have influence over the learners to really hone in on the importance of the deadline.

Monitoring trainig progress throughout the company in JollyDeck LMS

There can be several reasons why learners don’t complete training. Some, however, are more legitimate than others.

For example, you may have employees on maternity or annual leave and this wasn’t updated in your LMS, or perhaps they’re simply on holiday. These little details don’t always get picked up on by LMSs, but they may affect the overall training completion rates. Occasionally, you may have to do this manually by checking things like auto-respond emails (‘sorry, I’m on annual leave until…’). Sometimes you have to chase line managers to get this information.

Either way, you should partner with an LMS that allows you to tag this information correctly, and process it quickly and accordingly.

Pushing hard for completion rates

When you issue compliance training, you need high completion rates. In order for organisations to be fully compliant, they need an audit trail to prove this, and high completion rates are the best way to show that these objectives have been met. But high completion rates don’t come automatically.

If you’ve planned the training carefully, the work should be spread evenly and it won’t feel like an uphill battle. However, you should still be carefully monitoring the training and analysing every area as you go along.

To do this best, you should work from the bottom up. Work with line managers to see what is really happening, why people are or are not completing the training, and what can be improved. It may take time, but the more you understand what the learners are thinking, the more you will achieve higher completion rates.

Training evaluation and further steps

Once the training is completed, you’ll need to evaluate the results.

Naturally, starting with the completion rates is the best way to go. Ask yourself:

  • Were they what you aimed for?
  • If not, what went wrong?
  • What could be done to keep future completion rates high?

Secondly, take a deeper look into other metrics like the questions.

  • Were there questions across the board that learners answered incorrectly?
  • Were there segments of your learners (i.e. marketing and sales) that collectively answered incorrectly, whilst other segments didn’t have that issue?

It is important that you communicate these results with your stakeholders, and see what can be done to improve on this in the future.

It is also important that you think long term. For example, do the results show behaviour throughout the company that is undesired? If so, is this a result of inadequate training? Is it something that needs to be addressed now, or can it be solved in a refresher course?

Extend compliance training with monitoring, analysing and improving phases.

These may seem like philosophical conundrums, but getting a wider scope of your current training progress and future needs will provide you with a long term action plan.

Combining compliance training with newcomers’ onboarding

Compliance training isn’t just for current staff. Newcomers need attention too.

When a new member of staff joins the company, they must understand the company’s values, and undergo the appropriate training program. It is worth sitting down and looking at your current onboarding program and evaluating when and where a newcomer is best placed to take the compliance training. Too early and it may be information overload. Too late and they may develop bad habits.

Evolve compliance training into an ongoing training program

Compliance training is too often a ‘once in a blue moon’ process. But it shouldn’t be this way. In order to remain compliant, learners need to be regularly refreshed, updated and tested.

These refreshers shouldn’t be as lengthy as the initial training. However, they should cover aspects like legislation changes, common knowledge gaps or pivotal points that need to be remembered.

A training refresher every year is a reasonable expectation. If nothing has changed in the legislation (which is likely) then it won’t become overbearing, and if you combine it with a quiz or a game then it may even become interesting…

In summary

We hope that you have found our insights in compliance training useful. You should now have enough information to go out and set it up yourself, and even see the desired results as you’re building the culture of compliance in your organisation.

Related articles

© 2024 All rights reserved