Compliance training people don't hate: a working formula
Compliance training has two jobs: satisfy the auditor, and change what people do on a Tuesday afternoon when nobody is watching. Most of it does only the first. The 45-minute annual module gets completed — under duress, in a second monitor, on 2x speed where the player allows it — and behaviour stays exactly where it was.
The uncomfortable truth is that the audit job is easy and the behaviour job is hard, so organisations quietly settle for the easy one. But the gap is closable, and closing it doesn't require more budget — it requires a different structure. Here is a formula that has held up across policy, safety, and conduct topics.
Why the standard module fails
The typical compliance module fails in three predictable ways:
- It recites the policy instead of the situations.Nobody violates a policy because they couldn't recall clause 4.2. They violate it because a real situation didn't look like a policy situation — the gift was from a friend, the shortcut was how the last team did it, the data request came from someone senior.
- It's sized for the auditor, not the learner.One 45-minute module "covers" everything, which guarantees nothing is retained. Attention through a module of that length decays badly; the final third is effectively unwatched.
- It tests recall, not judgement."In what year was the Act passed?" is answerable by someone who will fail every real-world test the policy exists for.
The formula
1. Open with the grey area, not the definition
Write the module scenario-first. The opening screen is not "What is bribery?" — it's a named colleague in a specific bind: "A supplier you've worked with for years offers you two tickets to the final. Your renewal decision is next month. What do you do?" Definitions come after the learner has felt the ambiguity, at the moment they actually want the rule. This single inversion — situation, then policy — does more for retention than any production value you can buy.
A practical sourcing tip: your best scenarios already exist in your incident reports, whistleblowing themes, and audit findings, anonymised. Fictional scenarios written by legal tend toward the obvious; real ones are ambiguous in exactly the ways that matter.
2. Ship honest module lengths
Split the 45-minute monolith into modules of 7–12 minutes, each owning one topic and one behaviour. Three consequences follow: completion rates rise because starting is cheap; the LMS record becomes more granular (you can see which topic people struggle with); and updates get cheaper, because when the gifts threshold changes you re-issue one 9-minute module, not the whole estate.
3. Write knowledge checks that test judgement
Every question should put the learner in a situation and ask what they'd do. The craft is in the wrong answers: each distractor should be a plausible rationalisation someone in your organisation has actually used — "it's fine because it's under the threshold", "it's fine because I'd disclose it later". If a distractor wouldn't tempt a reasonable colleague, replace it. Aim for 4–6 scenario questions per module with a pass mark you're willing to defend to an auditor — 80% is conventional and defensible.
4. Replace annual panic with a cadence
The annual all-topics rollout exists for administrative convenience, and it concentrates exactly the behaviours you don't want: cramming, box-ticking, and a support-ticket spike every October. A better cadence: the full module on joining and on material policy change, plus a quarterly 3–5 minute refresher — one scenario, one question, one reminder of where to ask. Spacing content out is one of the few learning-science findings robust enough to bet a programme on, and it also spreads the completion-chasing workload across the year.
What the auditor actually needs
None of the above sacrifices the audit job — it improves it. What an auditor typically wants to see is: a named individual, a completion date, a score against a stated pass mark, and evidence of which version of the content they saw. That last one is the sleeper requirement: when the policy changes, you need to show who was trained on the old rule and who on the new. Version your modules explicitly and keep the mapping.
All of this is exactly what SCORM tracking exists for — completion, score, and date, recorded per learner in the LMS. If the packaging side is unfamiliar, our plain-English SCORM guide covers what the LMS records and how.
Prove it changed behaviour (or at least judgement)
Completion is attendance, not learning. The minimum honest upgrade is to compare assessment performance on scenario questions over time, and — for high-stakes topics — pair the training data with the operational metric the policy protects: incident reports, near-misses, audit findings, policy-exception requests. If twelve months of training moves none of those, the training is decoration. We go deeper on this in Beyond completion rates.
A build checklist you can run this quarter
- Inventory current modules; note length, last update, and pass-rate data.
- Pull 5–10 real (anonymised) grey-area situations per topic from incidents, audit findings, and manager interviews.
- Split anything over 15 minutes into single-topic modules of 7–12 minutes.
- Rewrite every knowledge check as a scenario decision; run the one-question audit on each.
- Set the quarterly refresher cadence and put it in the calendar now.
- Version each module and record which cohort saw which version.
The writing is the real work in this formula; the production shouldn't be. Mltitude's eLearning generator turns a brief — your scenarios, your policy points, your pass mark — into a SCORM-ready module with knowledge checks, which makes the 7–12 minute, update-often cadence economically sane. If you want to test the idea on your least-loved compliance topic, the free trial needs no account.