Compliance assurance at Serco – helping to build resilient and sustainable public service solutions
Our shareholders 2021
Governance is an essential part of Serco’s public service ethos and how we manage our impact as a public company. We strive to maintain an effective system of internal compliance and assurance control and risk management that promotes business growth whilst ensuring that we operate safely and ethically and deliver quality services, and that safeguards the best interests of our stakeholders.
We use a ‘three lines of defence’ compliance assurance model to test business compliance, operating at Contract, Divisional and Group levels and maintained by an international network of governance experts, embedded in or working closely with the business.
Here, two key members of our global governance network share experience and insight from their roles helping Serco to be the best managed company in its sector through compliance assurance.
Leila Tavakoli is Head of Quality and Compliance for Serco Americas
For her, compliance is not about checking boxes or calling people out – it’s about listening, learning, and helping to build sustainable solutions that work well for everybody.
“Our quality and compliance assurance programs dig deep into the hearts, minds and day-to-day realities of how our people deliver outstanding service. We go out into the business, engaging face-to-face with frontline colleagues to find new ways to do better for our customer, better for our business and better for our people.”
A strong focus on colleague engagement and maintaining a positive compliance culture is key:
“Our people want to do the right thing. They want to know what their responsibilities are, they’re comfortable with becoming better, and our leaders are always willing to reach out and invest time and energy. When preparing for site visits, they ask me: “What should I focus on?” That’s amazing. Government auditors come sit in our offices and see first-hand that this is something we all live every day. They love how engaged everyone is. Our role is to foster that culture – to help people feel good about improvement, rather than feeling bad about not being perfect. That’s why we put so much into our communication and training.”
However, care must be taken to safeguard against regulatory overwhelm and fatigue, which can erode compliance, create paralyzing uncertainty and sap innovative energy.
“Our industry is highly regulated – at last count there are nearly 100 external audits conducted annually on our business in North America. Balance is key – we want to add value, not compliance ourselves out of business. Command and control can make people rigid and reactive, whereas proportionate freedom and flexibility fosters ownership, inclusion, and accountability. The onus is on us to prioritize effectively and understand the impact of all the rules and regulations so we can approach the business with realistic expectations in a supportive way.”
Nowhere is that more evident than at the expanding frontier of the business:
“None of our contracts are alike. Each has a unique risk profile requiring subtle differences in assurance and quality management. As the business grows and evolves, so we must adjust and evolve as well – bringing new operations into the fold through careful, considerate, and collaborative integration.”
Robert Smith is Contract Compliance Manager, NorthLink Ferries for Serco in the UK
For Robert, compliance at the contract level starts and ends with care and innovation for the benefit of the communities Serco serves every day.
“It’s about what they experience and the impact that it has – including the broader impact on local wellbeing and prosperity in the case of NorthLink Ferries. Every little detail matters. Our role is to ensure that, from the moment someone considers making a reservation, their personal data will be secure, for example. That they will be safe in our care. That they will get from A to B in comfort and on time.”
Serco’s wider compliance landscape is just as dynamic as many of the environments in which it operates. Helping the business to keep its feet is critical:
“Whether we’re responding to shifts in societal or political expectations or industry standards, we play a key role in helping the business prepare for emerging challenges and opportunities. To do that well, we’ve got to be proactive – eyes open for change. At NorthLink, for example, our focus on combatting modern slavery and human trafficking risks has been driven by our recognition of societal expectations. Meanwhile, our early investment in cyber security and data governance has paid dividends. It’s important to catch hold of and move on these things for the business. You don’t want to be the last to know that the goalposts are moving.”
Of course, the needs and expectations of Serco’s government customers must be taken into account and managed through robust, constructive dialogue:
“There’s a constant flow back and forth from the client to the frontline. We sit in the middle, looking at current and future priorities through different stakeholder lenses, internal and external, never afraid to ask questions and challenge thinking in either direction. We work with our management team, our client, and other key industry stakeholders to interpret new requirements in context and understand how best to fulfil and report on them.”
At NorthLink Ferries, all of this adds up to a public service that is reliable, resilient, and striving to improve continuously for the benefit of a wide range of stakeholders.
“Delivering lifeline ferry services in an often-challenging operating environment, service resilience is vital for our communities and the economy. There are many dimensions to ensuring safety, security, and value generation to meet the needs and expectations of all our stakeholders. Our dynamic and horizon-scanning approach to compliance focuses on helping the business keep pace with the complex fabric of rapidly evolving requirements and giving our client and customers every confidence in the governance of our service.”